Security News

The Anubis Android banking malware is now targeting the customers of nearly 400 financial institutions in a new malware campaign. The threat actors target financial institutions, cryptocurrency wallets, and virtual payment platforms by impersonating an Orange S.A. Android app that attempts to steal login credentials.

EB Associates, a London-based financial advisory business, is facing a £140,000 fine from the UK's data watchdog after it instigated 107,000 illegal cold calls to people about their pensions. The practice of pension cold-calling was banned by the government in January 2019 to stop people being scammed of their life savings.

Government, diplomatic entities, military organizations, law firms, and financial institutions primarily located in the Middle East have been targeted as part of a stealthy malware campaign as early as 2019 by making use of malicious Microsoft Excel and Word documents. Russian cybersecurity company Kaspersky attributed the attacks with high confidence to a threat actor named WIRTE, adding the intrusions involved "MS Excel droppers that use hidden spreadsheets and VBA macros to drop their first stage implant," which is a Visual Basic Script with functionality to amass system information and execute arbitrary code sent by the attackers on the infected machine.

New legislation introduced this week by US lawmakers aims to set ransomware attack response "Rules of road" for US financial institutions. If signed into law, the new bill will require US financial institutions impacted by a ransomware attack to notify the Director of the Treasury Department's Financial Crimes Enforcement Network with details on the attack and any associated ransom demands.

Attackers will threaten to release confidential data that could affect a company's stock price to pressure them to pay the ransom, says the FBI. Ransomware operators will stoop to any tactic necessary to try to force their victims to acquiesce to the ransom demands. In a new report published Monday, the FBI warns of attacks in which ransomware groups will leak sensitive information that could impact a company's stock price if the ransom goes unpaid.

Ransomware gangs are zeroing in on publicly held companies with the threat of financial exposure in an effort to encourage ransom payments, the FBI is warning. In an alert issued this week [PDF], the Bureau said that activity over the course of the past year shows a trend toward targeting companies when they're coming up to "Significant, time-sensitive financial events," such as quarterly earnings reports and mandated SEC filings, initial public offerings, M&A activity, and so on.

Whether pursued as a compliance requirement or a business strategy, open banking has ignited financial services firms to focus on APIs and API security. Financial services API security issues 54 of the 55 mobile apps that were reverse engineered contained hardcoded API keys and tokens including usernames and passwords to third-party services.

The FBI warned the US public that threat actors actively use fake and spoofed unemployment benefit websites to harvest sensitive financial and personal information from unsuspecting victims. Sites used in these attacks are designed to closely resemble official government platforms to trick the targets into giving away their info, infecting them with malware, and claiming unemployment benefits on their behalf.

The operators behind the BlackRock mobile malware have surfaced back with a new Android banking trojan called ERMAC that targets Poland and has its roots in the infamous Cerberus malware, according to the latest research. "The new trojan already has active distribution campaigns and is targeting 378 banking and wallet apps with overlays," ThreatFabric's CEO Cengiz Han Sahin said in an emailed statement.

Cyentia Institute and RiskRecon released a research that quantifies how a multi-party data breach impacts many organizations in today's interconnected digital world. The impact of multi-party data breach events 897 multi-party data breach incidents, also referred to as ripple events, have been observed since 2008.