Security Affairs

MARCH 19, 2025

California Cryobank, the largest US sperm bank, suffered a data breach exposing customer information. California Cryobank (CCB) is the largest sperm bank in the U.S., providing frozen donor sperm and reproductive services, including egg and embryo storage.

Data breaches 107

Data breaches Banking Insurance Hacking 107

Security Affairs

MARCH 28, 2025

Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns. Forcepoint X-Labs researchers warn of new phishing campaigns targeting Latin America and Europe in new phishing campaigns.

Banking 86

Banking Phishing Malware Passwords 86

Security Boulevard

FEBRUARY 14, 2025

Plus, Europol offers best practices for banks to adopt quantum-resistant cryptography. Meanwhile, an informal Tenable poll looks at cloud security challenges. And get the latest on ransomware trends and on cybercrime legislation and prevention! Check out best practices for preventing buffer overflow attacks.

Banking 64

Banking Cybercrime Cybersecurity Ransomware 64

Krebs on Security

APRIL 27, 2023

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. Huntington Bank has disabled the leaky TCF Bank Salesforce website. Washington, D.C. ”

Banking 338

Banking Government Information Security Authentication 338

Security Affairs

MARCH 29, 2025

The new Android trojan Crocodilus exploits accessibility features to steal banking and crypto credentials, mainly targeting users in Spain and Turkey. ThreatFabric researchers discovered a new Android trojan called Crocodilus, which exploits accessibility features to steal banking and crypto credentials. ” ThreatFabric concludes.

Banking 67

Banking Mobile Identity Theft Malware 67

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. “No passwords” , “no bank cards” , “no content of communications (emails, SMS, voice messages, etc.)” The company is the second-largest ISP in France with over 22.9

Cyber Attacks 124

Cyber Attacks Telecommunications Data breaches Banking 124

Security Affairs

MAY 19, 2024

A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. The banking Trojan is likely operated as a Malware-as-a-Service (MaaS).

Banking 132

Banking Malware Antivirus Accountability 132

Security Affairs

OCTOBER 29, 2024

Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication. Monitor financial accounts : Check bank statements and report any suspicious transactions promptly. The following authorities participated in the Operation Magnus.

Identity Theft 124

Identity Theft Malware Passwords Banking 124

Security Affairs

SEPTEMBER 24, 2024

A new version of the Android banking trojan Octo, called Octo2, supports improved features that allow to takeover infected devices. ThreatFabric researchers discovered a new version of the Android banking trojan Octo, called Octo2, that supports more advanced remote action capabilities needed for Device Takeover attacks.

Banking 125

Banking Mobile Malware Social Engineering 125

Security Affairs

NOVEMBER 20, 2021

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. The infamous banking trojan was also used to deliver other malicious code, such as Trickbot and QBot trojans, or ransomware such as Conti , ProLock , Ryuk , and Egregor. ” concludes the analysis.

Cybercrime 136

Cybercrime Ransomware Banking Malware 136

Security Affairs

MAY 27, 2022

A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC Android banking trojan version 2.0 ERMAC was first spotted by researchers from Threatfabric in July 2021, it is based on the popular banking trojan Cerberus. Interestingly, we observed that ERMAC 2.0 “ERMAC 2.0

Banking 145

Banking Malware Cybercrime Phishing 145

Security Affairs

MARCH 18, 2022

Experts spotted a new Unix rootkit, called Caketap, that was used to steal ATM banking data. Mandiant researchers discovered a new Unix rootkit named Caketap, which is used to steal ATM banking data, while investigating the activity of the LightBasin cybercrime group (aka UNC1945 ). ” concludes the report.

Banking 144

Banking Telecommunications System Administration Hacking 144

Security Affairs

JULY 9, 2024

The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 At the end of June, the LockBit gang announced that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including “Americans’ banking secrets.” million individuals.

Data breaches 131

Data breaches Banking Retail Ransomware 131

Security Affairs

NOVEMBER 27, 2021

HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. The authorities blocked 2,350 bank accounts linked to the illicit proceeds of online financial crime and intercepted over 27 million dollars. Pierluigi Paganini.

Cybercrime 130

Cybercrime Scams Banking Malware 130

Security Affairs

APRIL 21, 2025

The fraud campaign starts with fake bank alerts via SMS or WhatsApp, luring victims to call attackers. Since victims often do not recall their PIN immediately, the attackers guide them through their mobile banking application to retrieve this sensitive information.” ” reads the report published by Cleafy.

Malware 105

Malware Social Engineering Banking Engineering 105

Security Affairs

JANUARY 20, 2022

The central bank of the Republic of Indonesia, Bank Indonesia, confirmed the ransomware attack that hit it in December. Bank Indonesia confirmed that it was the victim of a ransomware attack that took place last month. A bank spokesperson told Reuters that the ransomware attack did not impact services. GB worth of files.

Banking 121

Banking Ransomware Cybercrime Malware 121

Security Affairs

NOVEMBER 15, 2021

Security researchers from Cleafy discovered a new Android banking trojan, named SharkBot, that is targeting banks in Europe. At the end of October, researchers from cyber security firms Cleafy and ThreatFabric have discovered a new Android banking trojan named SharkBot. ” concludes the report.

Banking 143

Banking Mobile Social Engineering Malware 143

Security Affairs

OCTOBER 9, 2023

Flagstar Bank announced a data breach suffered by a third-party service provider exposed the personal information of over 800,000 US customers. Flagstar Bank is warning 837,390 US customers that their personal information was exposed after threat actors breached the third-party service provider Fiserv.

Data breaches 133

Data breaches Banking Hacking Mobile 133

Security Affairs

SEPTEMBER 5, 2021

Pacific City Bank was hit by AVOS Locker Ransomware operators, the gang claims to have stolen sensitive file from the company and threatens to leak it. Pacific City Bank is an American community bank that focuses on the Korean-American community based in California and offers commercial banking services.

Banking 136

Banking Ransomware Financial Services Hacking 136

Security Affairs

FEBRUARY 21, 2022

Xenomorph Android trojan has been observed distributed via the official Google Play Store targeting 56 European banks. Researchers from ThreatFabric have spotted a new Android banking trojan, dubbed Xenomorph , distributed via the official Google Play Store that has over 50,000 installations. ” concludes the report.

Banking 136

Banking Malware Marketing Hacking 136

Security Affairs

OCTOBER 17, 2022

Interpol has announced the arrests of 75 individuals as part of a coordinated international operation against an organized cybercrime ring called Black Axe. Interpol arrested 75 individuals as part of a coordinated global operation, codenamed Operation Jackal, against the cybercrime ring Black Axe. and the U.S.) million from victims.

Cybercrime 128

Cybercrime Scams Banking Mobile 128

Security Affairs

OCTOBER 1, 2021

Experts warn of a new Hydra banking trojan campaign targeting European e-banking platform users, including the customers of Commerzbank. . Experts warn of a malware campaign targeting European e-banking platform users with the Hydra banking trojan. ” concludes Cyble. Pierluigi Paganini.

Banking 136

Banking Malware Encryption Hacking 136

Security Affairs

SEPTEMBER 19, 2021

Numando, a new banking Trojan that abuses YouTube, Pastebin, and other public platforms as C2 infrastructure and to spread. ESET researchers spotted a new LATAM banking trojan, tracked as Numando, that abuses YouTube, Pastebin, and other public platforms as C2 infrastructure and to spread. SecurityAffairs – hacking, banking trojan).

Banking 139

Banking Encryption Malware Hacking 139

Security Affairs

SEPTEMBER 12, 2021

A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks. The new maxtrilha trojan is being disseminated and targeting several banks around the world. Figure 1: High-level diagram of maxtrilha banking trojan.

Banking 144

Banking Malware Internet Internet 144

Security Affairs

JUNE 4, 2024

Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. “Currently, it is estimated that hundreds of cybercriminals are using this kit to commit fraud, leaving victims with empty bank accounts. . ” reads the report published Resecurity.

Banking 128

Banking Phishing Social Engineering Engineering 128

Security Affairs

JULY 31, 2024

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts.

Banking 141

Banking Accountability Malware Mobile 141

Security Affairs

DECEMBER 12, 2021

Cofense researchers discovered a new phishing campaign using QR codes targeting German e-banking users in the last weeks. The phishing messages are carefully crafted, the content was well-structured and features bank logos. The use of QR codes making it hard for email filters to flag the messages as malicious. Pierluigi Paganini.

Banking 145

Banking Phishing Social Engineering Engineering 145

Security Affairs

NOVEMBER 10, 2024

CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog DPRK-linked BlueNoroff used macOS malware with novel persistence Canada ordered ByteDance to shut down TikTok operations in the country over security concerns Critical bug in Cisco UWRB access points allows attackers to run commands (..)

Ransomware 115

Ransomware Cybercrime Phishing Banking 115

Security Affairs

FEBRUARY 13, 2024

Bank of America revealed that the personal information of some customers was stolen in a data breach affecting a third-party services provider. Bank of America began notifying some customers following a data breach at the third-party services provider Infosys McCamish System (IMS). Bank of America’s systems were not compromised.”

Data breaches 137

Data breaches Banking Identity Theft Ransomware 137

Security Affairs

OCTOBER 28, 2024

. “Milan prosecutors allege the business intelligence agency tapped into three key databases: one gathering alerts over suspicious financial activities; one used by the national tax agency with citizens’ bank transactions, utility bills, income statements; and the police investigations’ database, the person said.”

Computers and Electronics 134

Computers and Electronics Banking Marketing Hacking 134

Security Affairs

OCTOBER 2, 2021

In March, experts from Swiss security outfit PRODAFT estimated that the number of infected devices worldwide was approximately 60,000. The Android malware has been used to steal banking credentials, payment information, and sensitive data from infected devices. ” states the report. Pierluigi Paganini.

Banking 145

Banking Malware Spyware Passwords 145

SecureWorld News

MARCH 20, 2025

Phishing plays straight out of the cybercrime playbook "March Madness brings heightened cybersecurity risks this year, especially with the expansion of sports gambling beyond traditional office pools creating new attack vectors for credential harvesting and financial fraud," warns J. Stephen Kowski, Field CTO at SlashNext Email Security+.

Scams 87

Scams Social Engineering Mobile Phishing 87

Security Affairs

SEPTEMBER 24, 2023

A new variant of a banking trojan, called BBTok, targets users of over 40 banks in Latin America, particularly Brazil and Mexico. Check Point researchers warn of a new variant of a banking trojan, called BBTok, that is targeting users of over 40 banks in Latin America. ” reads the report published by Check Point.

Banking 137

Banking Phishing Malware Hacking 137

Security Affairs

DECEMBER 30, 2024

In October 2024, Cisco confirmed that the data posted by the notorious threat actor IntelBroker on a cybercrime forum was stolen from its DevHub environment. IntelBroker targeted many major organizations in past attacks, including AMD , AT&T, Bank of America, Microsoft, Europol , SAP, T-Mobile, Verizon, and others.

Data breaches 123

Data breaches Cybercrime Authentication Technology 123

Security Affairs

FEBRUARY 19, 2024

The Android banking trojan Anatsa resurged expanding its operation to new countries, including Slovakia, Slovenia, and Czechia. In November 2023, researchers from ThreatFabric observed a resurgence of the Anatsa banking Trojan, aka TeaBot and Toddler. ” concludes the report. ” concludes the report. .

Banking 127

Banking Malware Mobile Authentication 127

Security Affairs

FEBRUARY 3, 2025

The gang targets high-value victims, also called “mammoths,” for digital asset theft, including cryptocurrencies, payment cards, online banking accounts, and non-fungible tokens (NFTs). The cybercrime gang focused on targeting the Web3 and decentralized finance industry. These factors make it a persistent cyber threat.

Scams 81

Scams Media Cryptocurrency Cybercrime 81

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 117

Data breaches Cybercrime Financial Services Hacking 117