Security News

The Bank for International Settlements - a meta bank for the world's central banks and facilitator of cross-border payments - has advocated new governance systems that promote owner control of data and transparency over its use. Consent is often given once, despite use of data changing over time without re-confirming consent.

In this video for Help Net Security, Tom Kellermann, Head of Cybersecurity Strategy at VMware, talks about threats against financial institutions and the findings of the Modern Bank Heists 5.0 report. There has been a dramatic uptick of attacks, not just specific to spearphishing, but attacks against APIs, attacks where ransomware was distributed inside infrastructure because of the presence of remote access trojans, island hopping, etc.

Despite banks working to improve online security protocols, consumers must also do their part in taking advantage of enhanced security features to keep their accounts safe. Since banks strive to make the digital banking experience as intuitive and frictionless as possible for users, this can also present an opportunity for hackers to access unwitting consumers' bank accounts.

African banks are increasingly targeted by malware distribution campaigns that employ HTML smuggling tricks and typo-squatted domains to drop remote access trojans. Cybercriminals interested in quick financial gains are a constant source of trouble for banks in Africa, which have resorted to deploying strict gateway security controls.

Salt Security spotted a vulnerability in a large fintech company's digital platform that would have granted attackers admin access to banking systems in addition to allowing them to transfer funds to their own accounts. "This vulnerability is a critical flaw, one that completely compromises every bank user," Yaniv Balmas, vice president of research at Salt, an API security firm, told The Register.

A server-side request forgery flaw in an API of a large financial technology platform potentially could have compromised millions of bank customers, allowing attackers to defraud clients by controlling their bank accounts and funds, researchers have found. A team at Salt Security's Salt Labs identified the vulnerability in an API in a web page that supports the organization's platform fund transfer functionality, which allows clients to transfer money from their accounts on its platform into their bank accounts, researchers disclosed in a report published Thursday.

An Indian bank that did not have a valid firewall license, had not employed phishing protection, lacked an intrusion detection system and eschewed use of any intrusion prevention system has, shockingly, been compromised by criminals who made off with millions of rupees. It certainly thinks small about security - at least according to Hyderabad City Police, which last week detailed an attack on the Bank that started with over 200 phishing emails being sent across three days in November 2021.

A financially motivated threat actor has been observed deploying a previously unknown rootkit targeting Oracle Solaris systems with the goal of compromising Automatic Teller Machine switching networks and carrying out unauthorized cash withdrawals at different banks using fraudulent cards. The intrusions staged by the actor involve "a high degree of OPSEC and leverage both public and private malware, utilities, and scripts to remove evidence and hinder response efforts," Mandiant researchers said in a new report published this week.

A Swiss data centre operated by financial messaging service SWIFT is under guard by police following the exclusion of key Russian banks from the system. As we reported yesterday, the EU has agreed to bar certain Russian banks from SWIFT, the most widely used global financial messaging system.

The order mandates the adoption of SBOM by large government supply chains and will change how software is supplied to U.S. federal agencies in the years ahead. It is expected that these new regulations will also spur commercial and international markets to adopt SBOM standards set by the U.S. What is an SBOM? Though their content and form are still being defined, SBOMs could include component names, license information, version numbers, the author of the SBOM, and the manufacturer of the component(s) within the SBOM. Since most of the software developed today is composed of open-source software or third-party code, SBOMs could provide visibility across the supply chain for anyone building software, buying software, or operating software.