Security News

New legislation introduced this week by US lawmakers aims to set ransomware attack response "Rules of road" for US financial institutions. If signed into law, the new bill will require US financial institutions impacted by a ransomware attack to notify the Director of the Treasury Department's Financial Crimes Enforcement Network with details on the attack and any associated ransom demands.

Attackers will threaten to release confidential data that could affect a company's stock price to pressure them to pay the ransom, says the FBI. Ransomware operators will stoop to any tactic necessary to try to force their victims to acquiesce to the ransom demands. In a new report published Monday, the FBI warns of attacks in which ransomware groups will leak sensitive information that could impact a company's stock price if the ransom goes unpaid.

Ransomware gangs are zeroing in on publicly held companies with the threat of financial exposure in an effort to encourage ransom payments, the FBI is warning. In an alert issued this week [PDF], the Bureau said that activity over the course of the past year shows a trend toward targeting companies when they're coming up to "Significant, time-sensitive financial events," such as quarterly earnings reports and mandated SEC filings, initial public offerings, M&A activity, and so on.

Whether pursued as a compliance requirement or a business strategy, open banking has ignited financial services firms to focus on APIs and API security. Financial services API security issues 54 of the 55 mobile apps that were reverse engineered contained hardcoded API keys and tokens including usernames and passwords to third-party services.

The FBI warned the US public that threat actors actively use fake and spoofed unemployment benefit websites to harvest sensitive financial and personal information from unsuspecting victims. Sites used in these attacks are designed to closely resemble official government platforms to trick the targets into giving away their info, infecting them with malware, and claiming unemployment benefits on their behalf.

The operators behind the BlackRock mobile malware have surfaced back with a new Android banking trojan called ERMAC that targets Poland and has its roots in the infamous Cerberus malware, according to the latest research. "The new trojan already has active distribution campaigns and is targeting 378 banking and wallet apps with overlays," ThreatFabric's CEO Cengiz Han Sahin said in an emailed statement.

Cyentia Institute and RiskRecon released a research that quantifies how a multi-party data breach impacts many organizations in today's interconnected digital world. The impact of multi-party data breach events 897 multi-party data breach incidents, also referred to as ripple events, have been observed since 2008.

As you can see, the cryptocurrency wallets in question were partially redacted - but as we know, these follow a recognizable pattern and can be uncovered in the public ledger. After determining the full wallet address, we can find this wallet on the blockchain and see what was transferred and when.

This is part one of a two-part series on how hackers stole $2 million in cryptocurrency. There is one strong commonality with all these incidents and attacks: The hackers want the funds in cryptocurrency.

Key findings 32.5% of all companies were targeted by brute force attacks in early June 2021. 73% of all advanced threats were credential phishing attacks.