Security News

An active malware campaign targeting Latin America is dispensing a new variant of a banking trojan called BBTok, particularly users in Brazil and Mexico. "The BBTok banker has a dedicated...

Singapore officials announced on Monday that next month they will deliver a consultation paper detailing a split liability scheme that will mean both consumers and banks are on the hook for financial losses flowing from scams. "There are some views that banks can easily absorb losses arising from individual scam cases. However, full restitution without due consideration of culpability is neither fair nor desirable," he told Parliament on Monday.

Bank-fintech partnerships continue to rise as financial institutions look to streamline operations, improve customer experiences, drive profitability, and manage risk and compliance efforts. The guidance promotes standardization for assessing third-party risk and describes sound risk management principles when developing and implementing third-party risk management practices.

No, your CEO is not on Teams asking you to transfer money Deepfakes are coming for your brand, bank accounts, and corporate IP, according to a warning from US law enforcement and cyber agencies.…

Group-IB has published new information on the operation today, reporting that Classiscam has made $64.5 million in combined earnings from scamming users of classifieds sites and stealing their money and payment card details. The number of targeted brands has also grown from 169 brands last year to 251 this year, and there are now 393 criminal gangs targeting users in 79 countries, coordinating in one of the operation's 1,366 Telegram channels.

Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023. What makes the malware strain notable is its dual functions as spyware and perform bank fraud.

Deutsche Bank AG has confirmed to BleepingComputer that a data breach on one of its service providers has exposed its customers' data in a likely MOVEit Transfer data-theft attack. The bank said that only a limited amount of personal data was exposed due to the security incident.

International cops have arrested a suspected "Key figure" of a cybercrime group dubbed OPERA1ER that has stolen as much as $30 million from more than 30 banks and financial orgs across 15 countries. According to Interpol, which led the international task force in Operation Nervone to take down the gang's ringleader, OPERA1ER has stolen at least $11 million - but possibly as much as $30 million - from organizations across Africa, Asia, and Latin America.

An e-crime actor of Mexican provenance has been linked to an Android mobile malware campaign targeting financial institutions globally, but with a specific focus on Spanish and Chilean banks, from June 2021 to April 2023. "Despite using relatively unsophisticated tools, Neo Net has achieved a high success rate by tailoring their infrastructure to specific targets, resulting in the theft of over 350,000 EUR from victims' bank accounts and compromising Personally Identifiable Information of thousands of victims," Thill said.

Pro-Kremlin groups Anonymous Sudan, Killnet and Clop have other motivations than just hacktivism as they widen their attack field beyond political targets. The June 19 attack against the European Investment Bank may have been a salvo aimed at thwarting financial pipelines supporting Ukraine's war effort, although the motives of the threat groups are still subject to speculation, experts say.