Security News
India's Punjab National Bank has smacked down a security firm's allegation that it exposed personal and financial data of its 180 million customers - but appears to have admitted its Exchange Server implementation wasn't in tip-top shape. In the same report, the Bank admitted that it uses Exchange, but the allegedly unpatched servers were only used to route mail to Office365 and contain no sensitive data.
There are significant privacy challenges that could make eNaira a lot less attractive. Identification and authentication can pose additional privacy risks because of their central role in onboarding users to the eNaira wallet and ensuring equal access for all users to meet the financial inclusion aspiration of the CBN. Under the CBN's Circular and Guideline [PDF] on the eNaira issued on 25 October, the national identity number and/or biometric verification number are the unique identifiers for users to "Self-onboard" to the eNaira speed wallet.
US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Banks are only required to report major cyberattacks if they have or will likely impact their operations, the ability to deliver banking products and services, or the US financial sector's stability.
US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Banks are only required to report major cyberattacks if they have or will likely impact their operations, the ability to deliver banking products and services, or the US financial sector's stability.
This article was written by Peter Gerdenitsch, Group CISO at Raiffeisen Bank International, and is based on a presentation given during Imvision's Executive Education Program, a series of events focused on how enterprises are taking charge of the API security lifecycle. We've got an API security course and cloud security course to deepen our security-related knowledge in these domains.
This article was written by Peter Gerdenitsch, Group CISO at Raiffeisen Bank International, and is based on a presentation given during Imvision's Executive Education Program, a series of events focused on how enterprises are taking charge of the API security lifecycle. We've got an API security course and cloud security course to deepen our security-related knowledge in these domains.
The Dutch Police have arrested nine people for targeting and stealing money from the elderly by impersonating bank employees. The group of bank help desk fraudsters, five men and four women between the ages of 20 and 27, were arrested between September 14 and October 19, 2021.
Ecuador's largest private bank Banco Pichincha has suffered a cyberattack that disrupted operations and taken the ATM and online banking portal offline. The cyberattack occurred over the weekend, causing the bank to shut down portions of their network to prevent the attack's spread to other systems.
Pacific City Bank, one of the largest Korean-American community banking service providers in America, has disclosed a ransomware incident that took place last month. The bank is circulating notices to inform its clients of a security breach it identified on August 30, 2021, which they claim to have addressed promptly.
BEC scams use various tactics to compromise or impersonate business email accounts with the end goal of redirecting pending or future payments to bank accounts under a threat actor's control. One of the case examples in the indictment document seen by Bleeping Computer, mentions a single transaction of $356,954, sent by a victim in Boston to what they thought was the bank account of their business partner.