Security News

In the industry's five-year outlook, hybrid cloud is the only IT model showing positive growth among financial company respondents, and it is expected to increase by 39% in that timeframe. 43% of financial services companies plan to increase their investment in private cloud over the next year, 10% higher than the global average - pinpointing that private cloud adoption is crucial to creating a modern hybrid cloud.

Lacework announced the appointment of Mike Staiger as Chief Financial Officer. Staiger brings more than 25 years of executive leadership in public and venture-backed private technology companies.

The United States Department of the Treasury's Financial Crimes Enforcement Network has issued an alert to warn financial institutions of fraud and cyberattacks related to COVID-19 vaccines. In its newly released alert, FinCEN tells financial institutions to be wary of "Potential for fraud, ransomware attacks, or similar types of criminal activity related to COVID-19 vaccines and their distribution."

Xerox announced Xavier Heiss as chief financial officer, a role he's filled on an interim basis since the end of September. He reports to John Visentin, Xerox vice chairman and chief executive officer.

Financial cybercrime in 2021 is set to evolve, researchers say, with extortion practices becoming more widespread, ransomware gangs consolidating and advanced exploits being used more effectively to target victims. According to Kasperky, ransomware - above all - will continue to be a main scourge in the year ahead. "Due to their successful operations and extensive media coverage this year, the threat actors behind targeted ransomware systematically increased the amounts victims were expected to pay in exchange for not publishing stolen information," researchers said in a Monday posting.

European IT services provider Sopra Steria estimates that a recent ransomware attack will have a financial impact ranging between €40 million and €50 million. Sopra Steria revealed one month ago that some of its systems were infected with a new variant of the Ryuk ransomware, which is believed to have been used by Russian cybercriminals.

Cybercriminals looking to steal personal information are baiting U.S. citizens with emails purporting to be from government agencies offering federal assistance. Bad actors are sending out messages purporting to be from federal government entities offering financial aid or unemployment assistance during the pandemic.

The financial services industry has the best flaw fix rate across six industries and leads a majority of industries in uncovering flaws within open source components, Veracode reveals. Fixing open source flaws is critical because the attack surface of applications is much larger than developers expect when open source libraries are included indirectly.

A hackers-for-hire operation has been discovered using a strain of previously undocumented malware to target South Asian financial institutions and global entertainment companies. Dubbed "CostaRicto" by Blackberry researchers, the campaign appears to be the handiwork of APT mercenaries who possess bespoke malware tooling and complex VPN proxy and SSH tunneling capabilities.

Four months after security researchers uncovered a "Tetrade" of four Brazilian banking Trojans targeting financial institutions in Brazil, Latin America, and Europe, new findings show that the criminals behind the operation have expanded their tactics to infect mobile devices with spyware. According to Kaspersky's Global Research and Analysis Team, the Brazil-based threat group Guildma has deployed "Ghimob," an Android banking Trojan targeting financial apps from banks, fintech companies, exchanges, and cryptocurrencies in Brazil, Paraguay, Peru, Portugal, Germany, Angola, and Mozambique.