Security News

One brand that's been getting a lot of exposure among phishing campaigns is Chase Bank as cybercriminals are increasingly targeting people who use the company's financial services. The American subsidiary of JP Morgan Chase, Chase Bank is now ranked as the sixth most spoofed brand seen in phishing URLs, according to Cyren.

MalwareHunterTeam has spotted the two-year-old malware in a new distribution campaign that targets German users with a malicious APK named 'Commerzbank Security' and using the same icon as the official app. Cyble has found that the Hydra-laced app requests 21 permissions, most notably the 'BIND-ACCESSIBILITY PERMISSION' and 'BIND DEVICE ADMIN,' two extremely risky permissions.

Two newly discovered malicious Android applications on Google Play Store have been used to target users of Brazil's instant payment ecosystem in a likely attempt to lure victims into fraudulently transferring their entire account balances into another bank account under cybercriminals' control. "The attackers distributed two different variants of banking malware, named PixStealer and MalRhino, through two separate malicious applications [] to carry out their attacks," Check Point Research said in an analysis shared with The Hacker News.

Banks and post offices in New Zealand have been hit by a cyber offensive, according to reports, consisting of sustained DDoS attacks against a number of critical online services. Local cybersecurity agency NZ-CERT added to the general air of mystery, saying in a statement on its website that it was "Aware of a DDoS attack targeting a number of New Zealand organisations. We are monitoring the situation and are working with affected parties where we can."

The financially motivated FIN8 cybergang used a brand-new backdoor - dubbed Sardonic by the Bitdender researchers who first spotted it - in attempted breaches of networks belonging to two unidentified U.S. financial organizations. It's a nimble newcomer, researchers wrote: "The Sardonic backdoor is extremely potent and has a wide range of capabilities that help the threat actor leverage new malware on the fly without updating components," according to Bitdefender's report.

Chase Bank has admitted to the presence of a technical bug on its online banking website and app that allowed accidental leakage of customer banking information to other customers.New York City-based JPMorgan Chase Bank is a financial services giant with a $120 billion annual revenue and over 250,000 employees worldwide.

Cryptomathic and UTIMACO have unveiled a joint Qualified Electronic Signature solution with an advanced security model designed to accelerate digital transformation in banks, governments and other trusted service providers. "Stefan Auerbach, CEO, UTIMACO, comments:"We are delighted that Cryptomathic and UTIMACO continue to deliver fully approved eIDAS solutions to our clients.

The enterprise asset management space just got a bit more crowded with the launch of Sevco Security, an early-stage startup selling a "Cloud-native security asset intelligence platform." Sevco Security, based in Austin, Texas, has raised $15 million in Series A funding led by SYN Ventures.

Russian state hackers compromised Denmark's central bank and planted malware that gave them access to the network for more than half a year without being detected. The compromise came to light after technology publication Version2 obtained official documents from the Danish central bank through a freedom of information request.

An expert penetration tester working for the notorious cyber-crime gang FIN7 was sent down for seven years on Friday and told to cough up $2.5m for breaking into corporate computer systems. FIN7 injected malware into the networks of thousands of American food, hospitality, and gaming chains to steal customers' financial details.