Security News
A financially motivated threat actor has been observed deploying a previously unknown rootkit targeting Oracle Solaris systems with the goal of compromising Automatic Teller Machine switching networks and carrying out unauthorized cash withdrawals at different banks using fraudulent cards. The intrusions staged by the actor involve "a high degree of OPSEC and leverage both public and private malware, utilities, and scripts to remove evidence and hinder response efforts," Mandiant researchers said in a new report published this week.
A Swiss data centre operated by financial messaging service SWIFT is under guard by police following the exclusion of key Russian banks from the system. As we reported yesterday, the EU has agreed to bar certain Russian banks from SWIFT, the most widely used global financial messaging system.
The order mandates the adoption of SBOM by large government supply chains and will change how software is supplied to U.S. federal agencies in the years ahead. It is expected that these new regulations will also spur commercial and international markets to adopt SBOM standards set by the U.S. What is an SBOM? Though their content and form are still being defined, SBOMs could include component names, license information, version numbers, the author of the SBOM, and the manufacturer of the component(s) within the SBOM. Since most of the software developed today is composed of open-source software or third-party code, SBOMs could provide visibility across the supply chain for anyone building software, buying software, or operating software.
The sites of several Ukrainian government agencies and of the two largest state-owned banks are again being targeted by Distributed Denial-of-Service attacks. Internet watchdog NetBlocks also confirmed that the websites of Privatbank and Oschadbank were being hammered in the attacks and knocked down together with Ukrainian government sites.
A new malware called Xenomorph distributed through Google Play Store has infected more than 50,000 Android devices to steal banking information. Researchers at fraud and cybercrime prevention company ThreatFabric analyzing Xenomorph found code that is similar to Alien banking trojan.
Five major Canadian banks went offline for hours, blocking access to online and mobile banking as well as e-transfers for customers. The banks hit by the outage include Royal Bank of Canada, BMO, Scotiabank, TD Bank Canada, and the Canadian Imperial Bank of Commerce.
Unknown attackers mounted disruptive distributed denial-of-service attacks against several Ukrainian government organizations and state-owned banks on Tuesday. The DDoS attacks' impact on government sites and bank services.
The deputy governor of the Reserve Bank of India, T Rabi Sankar, has delivered an extremely unflattering assessment of cryptocurrencies - worse than Ponzi schemes, wreckers of economies, and richly deserving of a ban within India. Speaking at the Indian Banks' Association's 17th Annual Banking Technology Conference, Sankar argued that cryptocurrencies are poorly named, as unlike fiat currencies they "do not have an issuer, they are not an instrument of debt, nor commodities, nor do they have any intrinsic value."
The websites of the Ukrainian military and at least two of the nation's biggest banks were knocked offline in a cyberattack today. On social media, it reported "technical works on restoration of regular functioning" are underway after it was "probably attacked by DDoS: an excessive number of requests per second was recorded." Other military sites are also apparently suffering outages.
A distributed denial-of-service cyber-attack today took down Ukrainian defense military websites - and at least two of the nation's biggest banks were knocked offline, too. Ukraine's Ministry of Defense website is still unavailable at time of publication.