Security News

A new ransomware strain called Tycoon is seeking to wheel and deal its way into the Windows and Linux worlds, using a little-known Java image format as part of its kill chain. Working with KPMG's UK Cyber Response Services, the researchers analyzed a targeted attack using the previously unknown malware on an organization's domain controller and file servers.

Creeps in Australia have given away money in order to harass people with abusive transaction descriptions that appear in online banking records. Australia's Commonwealth Bank revealed the practice today after finding over 8,000 customers had received such messages.

Reposify unveiled research findings of critical asset exposures and vulnerabilities in attack surfaces of the world's leading multinational banks. Researchers measured the prevalence of exposed sensitive assets including exposed databases, remote login services, development tools and additional assets for 25 multinational banks and their 350+ subsidiaries.

Researchers have analysed a new strain of Android malware that does not yet exist in the wild. EventBot asks the user for permission to use accessibility services, a powerful feature since these services require extensive permissions in order to work, including acting as a keylogger, for example, and running in the background.

"Only Temenos can provide banks the richest banking functionality and the most advanced cloud-native technology to help them deliver value to their customers and build sustainable growth in the future." To support banks, Temenos launched AI-driven SaaS technology propositions which are immediately available to help banks with the Covid-19 crisis.

Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain. Grandoreiro is a type of remote overlay banking trojan, designed to help attackers overtake devices and display a full-screen overlay image when victim accesses their online banking account.

Last week we wrote about a WhatsApp hoax that was spreading widely, warning people to look out for a cybersecurity catastrophe that simply wasn't going to happen. The City of London Police in turn link you to UK National Fraud and Cyber Crime Reporting Centre's ActionFraud website, where you will see that the "City of London Police hasn't issued any alerts about fake messages from Danske Bank.".

If anyone is using that house party app DELETE IT My friends email account been hacked into by it And managed to get bank account details too and has hacked that. To be honest, we can't tell you that the Houseparty app is bug-free, because we haven't decompiled or analysed it, and even if we had, working out that an app is totally free of vulnerabilities is a close-to-impossible exercise, as are many tasks where you are expected to prove a negative.

Research from Akamai recently found that up to 75 percent of all credential abuse attacks against the financial services industry in 2019 targeted APIs directly. "We talk about API attacks and the reason why criminals are using targeted methods against API because the traditional 'throw it and hope it sticks' against financial services just isn't cutting it anymore, they have to be more creative," Steve Ragan, security researcher with Akamai, told Threatpost.

That's a very 1990s approach! Why not put your money into a digital piggy bank, instead? Better yet, why not choose a piggy bank that deliberately starts out in debt?