Security News

Temenos launches new technology propositions to help banks respond to the pandemic
2020-04-30 00:30

"Only Temenos can provide banks the richest banking functionality and the most advanced cloud-native technology to help them deliver value to their customers and build sustainable growth in the future." To support banks, Temenos launched AI-driven SaaS technology propositions which are immediately available to help banks with the Covid-19 crisis.

Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain
2020-04-13 18:42

Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain. Grandoreiro is a type of remote overlay banking trojan, designed to help attackers overtake devices and display a full-screen overlay image when victim accesses their online banking account.

“Instant bank fraud” warning spread on WhatsApp is a hoax
2020-03-31 08:25

Last week we wrote about a WhatsApp hoax that was spreading widely, warning people to look out for a cybersecurity catastrophe that simply wasn't going to happen. The City of London Police in turn link you to UK National Fraud and Cyber Crime Reporting Centre's ActionFraud website, where you will see that the "City of London Police hasn't issued any alerts about fake messages from Danske Bank.".

Has Houseparty really hacked your phone and stolen your bank details?
2020-03-30 20:12

If anyone is using that house party app DELETE IT My friends email account been hacked into by it And managed to get bank account details too and has hacked that. To be honest, we can't tell you that the Houseparty app is bug-free, because we haven't decompiled or analysed it, and even if we had, working out that an app is totally free of vulnerabilities is a close-to-impossible exercise, as are many tasks where you are expected to prove a negative.

Akamai Talks Massive Uptick in Credential-Stuffing Attacks Against Bank APIs
2020-03-12 13:57

Research from Akamai recently found that up to 75 percent of all credential abuse attacks against the financial services industry in 2019 targeted APIs directly. "We talk about API attacks and the reason why criminals are using targeted methods against API because the traditional 'throw it and hope it sticks' against financial services just isn't cutting it anymore, they have to be more creative," Steve Ragan, security researcher with Akamai, told Threatpost.

Digital piggy bank sevice broken into by cybercrooks
2020-03-03 14:08

That's a very 1990s approach! Why not put your money into a digital piggy bank, instead? Better yet, why not choose a piggy bank that deliberately starts out in debt?

Fraudulent Login Attacks Against Banks Surge: Akamai
2020-02-21 11:57

On August 7, 2019, a single credential stuffing attack against a financial services company recorded 55,141,782 malicious login attempts. The majority of API attacks against finserv was negligible for much of the two years covered by the analysis, but suddenly spiked to more than 80% of all malicious login attempts in May 2019, and to more than 75% in October 2019.

Stuffing nonsense: Persistent cyberpunks are pummelling banks' public APIs, warns Akamai
2020-02-20 22:56

The web services 'n' security biz said, in a report released today, that three-quarters of all credential abuse attacks it detected in 2019 were targeted at banks' publicly available APIs. Akamai said it had "Observed 85,422,079,109 credential abuse attacks" over two years, spanning December 2017 to November last year.

Don't use natwest.co.uk for online banking, Natwest bank tells baffled customer
2020-02-19 17:05

British customers of High Street banking brand Natwest are being advised not to use the domain natwest.co.uk - by none other than Natwest itself. Consumers are increasingly becoming aware of threats to their online banking security through malware and malicious apps designed to steal credentials.

SMS Attack Spreads Emotet, Steals Bank Credentials
2020-02-19 16:00

The SMS messages purport to be from local U.S. numbers and impersonate banks, warning users of locked bank accounts. The messages urge victims to click on a link, which redirects them to a domain that's known to distribute Emotet.