Security News

Details of bank vault floor plans, alarm systems and the security arrangements for Swedish authorities have been leaked online after a security company was hacked, local media reported Tuesday. A total of 19 gigabytes of information and around 38,000 files were stolen from security group Gunnebo by one or more hackers in August, according to newspaper Dagens Nyheter.

Behavox announced that Danske Bank has successfully implemented Behavox's solution in less than five months for compliance supervision. In June, Danske Bank partnered with Behavox to establish group wide compliance communications monitoring, and has since completed a seamless, full SaaS implementation of the Behavox Compliance solution.

Many banks across the U.S. and Canada are failing to meet their customers' online identity fraud and digital banking needs, according to a survey from FICO. Despite COVID-19 quickly turning online banking into an essential service, the survey found that financial institutions across North America are struggling to establish practices that combat online identity fraud and money laundering, without negatively impacting customer experience. 51 percent of North American banks are still asking customers to prove their identities by visiting branches or posting documents when opening digital accounts.

Documents filed by cloud software provider Blackbaud with the United States Securities and Exchange Commission this week reveal that bank account details and social security numbers might have been affected in a ransomware attack earlier this year. At the time, the company admitted to paying ransomware operators so that they would delete the data exfiltrated during the attack, but said that no personally identifiable information or bank account details were compromised.

Blackbaud, the cloud CRM provider whose execs bought off ransomware crooks in exchange for a pinky promise that stolen data would not be misused, has now confessed that customers' bank account information may have been taken from its servers by the criminals. In a US stock market 8-K filing [PDF], Blackbaud admitted the ransomware infection in May potentially resulted in miscreants making off with banking details.

Banks and federal government agencies are holding up the best against cyberattacks while retail and manufacturing are faltering, according to a new report from Synack. The 2020 Trust Report from the penetration testing company found that government and financial services scored 15% and 11% higher than all other industries in 2020.

The Central Bank of Seychelles on Friday announced that the network of the Development Bank of Seychelles was recently targeted in a ransomware attack. CBS has been engaging with DBS to establish the exact nature and circumstances of the incident and closely monitor the developments, including the possible impact on DBS' operations," the bank said in a Friday announcement.

Since February 2020, North Korean state-sponsored hackers have been targeting banks in multiple countries, the Cybersecurity and Infrastructure Security Agency, the Department of the Treasury, the Federal Bureau of Investigation and U.S. Cyber Command warn in a joint advisory. "The BeagleBoyz's bank robberies pose severe operational risk for individual firms beyond reputational harm and financial loss from theft and recovery costs. [] Equally concerning, these malicious actors have manipulated and, at times, rendered inoperable, critical computer systems at banks and other financial institutions," the joint advisory reads.

The BeagleBoyz, part of the North Korean government's hacking apparatus, are back to targeting banks around the world after a brief pause in activity. The US Cybersecurity and Infrastructure Security Agency has released an alert with details of how the BeagleBoyz have made off with an estimated $2 billion in fiat and cryptocurrency since 2015, along with details on how financial institutions can protect themselves against their known patterns of attack.

For two years, IBM has been deploying confidential computing capabilities in the IBM Cloud and Rohit Badlaney, vice president of IBM Z Hybrid Cloud, said it is the only public cloud with "Production-ready confidential computing capabilities able to protect data, applications and processes." IBM's platform is now used in heavily regulated industries like healthcare and banking, with high profile customers like Bank of America and Daimler taking advantage of confidential cloud computing capabilities.