U.S. and U.K. cybersecurity agencies issued a joint warning this week that over 62,000 QNAP network-attached storage devices worldwide have been infected with data-stealing malware.
Mobile banking startup Dave is just the latest victim of criminal data brokers. Extensive evidence now points to Dave having been hit by a ShinyHunters, which has been tied to the sale of millions of stolen records to fraudsters - either via a phishing attack or hack of a third-party service provider.
Mobile-only banking app Dave has suffered a data breach that exposed personal details for at least 3 million users. But the fintech startup says no account information was exposed, and there are no signs of fraud. Dave says the incident traces to credentials stolen from Waydev, a third-party service provider.
Given the growing threat posed by distributed denial-of-service attacks, building an effective risk mitigation strategy is more important than ever, says Andy Ng, CEO at Nexusguard.
Money launderers are devising new tactics during the COVID-19 pandemic. For example, some are coming up with ways to use personal protective equipment, or PPE, as a form of currency, says Debra Geister, CEO of Section 2 Financial Intelligence Solutions.
A previously undetected botnet called "Prometei" is targeting vulnerable Microsoft Windows devices by brute-forcing SMB vulnerabilities to mine monero cryptocurrency, according to Cisco Talos.
The latest edition of the ISMG Security Report analyzes the hacking of high-profile Twitter accounts. Also featured: Addressing security when offices reopen; the role of personal protective equipment, or PPE, in money laundering during the pandemic.
Any nationally chartered bank can now serve as a custodian of the cryptographic keys for a cryptocurrency wallet, according to a letter from the Office of the Comptroller of the Currency. James Wester of IDC analyzes the implications.
The FBI is warning of an increase in distributed denial-of-service attacks using amplification techniques that are targeting U.S. organizations. The bureau notes that it's seen an uptick in attack attempts since February.
Companies can use data analytics and artificial intelligence to help mitigate the risk of collusion between their employees and vendors, says Amine Antari, managing director at the consultancy Kroll.
Following Twitter's admission that cryptocurrency scammers socially engineered its employees to gain control of 45 high-profile accounts, one reaction has been: Why didn't anyone crack Twitter sooner? Unfortunately, the answer is that they have, especially if you count nation-states bribing insiders.
Which entities will be custodians of our identities? David Birch of Consult Hyperion discusses why banks could be likely candidates for this emerging role.
A group of spoofed cryptocurrency trading apps is targeting devices running macOS to install malware called Gmera, security firm ESET reports. The malware can steal users' data as well as their cryptocurrency wallets.
The U.S. should restore the position of cybersecurity coordinator at the White House because the number of threats against the nation is increasing, several security experts testified this week at a House hearing. But some Republicans question whether the move would create unnecessary bureaucracy.
COVID-19 contract-tracing applications that help monitor individuals' possible exposure to those who have tested positive for the virus present a variety of privacy issues that must be addressed, says regulatory attorney Nancy Perkins.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.