Security News
Though generative AI offers financial firms remarkable business and cybersecurity utility, cyberthreats relating to GenAI in financial services are a consistent concern, according to FS-ISAC. Cybercriminals exploit AI for data exfiltration. That said, threat actors can use generative AI to write malware and more skilled cybercriminals could exfiltrate information from or inject contaminated data into the large language models that train GenAI. The use of corrupted GenAI outputs can expose financial institutions to severe legal, reputational, or operational consequences.
In an email to customers, the Vans and North Face parent promised that crooks didn't swipe their credit card or bank account details. "VF never collects or retains any detailed payment or financial information, such as bank account or credit card information, so no such information was exposed to the threat actors. Furthermore, no consumers' passwords were compromised. Please note that formal investigations by competent authorities are still ongoing. For this reason, we are unable to provide further details."
Financially motivated hackers have been leveraging SmokeLoader malware in a series of phishing campaigns predominantly targeting Ukrainian government and administration organizations. The Ukrainian SSSCIP State Cyber Protection Center, together with the Palo Alto Networks Unit 42 research team, have been tracking a massive phishing campaign linked to the distribution of the SmokeLoader malware.
A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane that was first detected in March 2023. Singapore-headquartered Group-IB described the...
Criminals have probably stolen nearly 30,000 Fidelity Investments Life Insurance customers' personal and financial information - including bank account and routing numbers, credit card numbers and security or access codes - after breaking into Infosys' IT systems in the fall. The US-headquartered firm says it "Believes" the data included: names, Social Security numbers, states of residence, bank accounts and routing numbers, or credit/debit card numbers in combination with access code, password, and PIN for the account, and dates of birth.
Criminals have probably stolen nearly 30,000 Fidelity Investments Life Insurance customers' personal and financial information - including bank account and routing numbers, credit card numbers and security or access codes - after breaking into Infosys' IT systems in the fall. The US-headquartered firm says it "Believes" the data included: names, Social Security numbers, states of residence, bank accounts and routing numbers, or credit/debit card numbers in combination with access code, password, and PIN for the account, and dates of birth.
ALPHV has now made a number of inflammatory allegations against both victims, which of course should be taken with a substantial grain of salt given that they are indeed criminals. "The claims are categorically false. We continue to have uninterrupted access to their network and are actively exfiltrating information," ALPHV alleged on its site.
The ALPHV/Blackcat ransomware gang has claimed responsibility for the recent network breaches of Fortune 500 company Prudential Financial and mortgage lender loanDepot. LoanDepot revealed on January 22 that at least 16.6 million people had their personal information stolen in the ransomware attack they confirmed on January 8, two days after disclosing it as a "Cyber incident" on January 6.
Prudential Financial, the second largest life insurance company in the US and eight largest worldwide, is dealing with a digital break-in that exposed some internal company and customer records to a criminal group. "Confirmation of the"material cybersecurity incident" was made in an 8K filing [PDF] the corporation deposited with the SEC. "On February 5, 2024, Prudential Financial detected that, beginning February 4, 2024, a threat actor had gained unauthorized access to certain of our systems.
Prudential Financial has disclosed that its network was breached last week, with the attackers stealing employee and contractor data before being blocked from compromised systems one day later. "As of the date of this Report, we believe that the threat actor, who we suspect to be a cybercrime group, accessed Company administrative and user data from certain information technology systems and a small percentage of Company user accounts associated with employees and contractors," Prudential said.