$2.1 million stolen with clever social engineering
An unnamed fraudster managed to steal $2.1 million from a hospital chain’s Wells Fargo Bank escrow account by faxing a money transfer signed with a copied-and-pasted …
Self-selected PINs aren’t that hard to guess
Four-digit banking PINs are usually randomly assigned by banks after the issuing of credit and debit cards, but there are still some out there that let its customers choose …
Multi-layered cloud security for banks
ActivIdentity announced integrated fraud detection service and authentication capabilities for its 4TRESS Authentication Appliance. The all-in-one platform and cloud-based …
New powerful bot spreads by email
PandaLabs reported the presence of a powerful new bot called Ainslot.L. This malware is designed to log user activities, download additional malware and take control of …
Best practices for online banking security
There are two common misconceptions about online banking security which are holding financial institutions back from offering their customers the best services possible. …
Malware redirects bank phone calls to attackers
Trusteer have discovered a concerning development in some new Ice IX configurations that are targeting online banking customers in the UK and US. Ice IX is a modified variant …
Hackers steal $6.7 million in bank cyber heist
A perfectly planned and coordinated bank robbery was executed during the first three days of the new year in Johannesburg, and left the targeted South African Postbank – …
Security challenges for the finance sector
As the migration to Windows 7 is proving a catalyst to organizations, banks are stepping up to the challenge to protect themselves against malware attacks abusing admin …
Optical transaction signing device limits ebanking fraud
SafeNet announced the eToken 3500, an electronic signing and strong authentication token-based device that will enable financial services organizations to achieve risk …
Is your online bank vulnerable to currency rounding attacks?
In the 12+ years of doing penetration tests against various critical environments, we’ve seen numerous online banking servers and found all sorts of vulnerabilities in …
Cyber crooks combine new Zeus variant and DDoS attacks
A new variant of the information-stealing Zeus Trojan – dubbed Gameover – is currently being delivered to unsuspecting victims via emails purportedly coming from …
Fraudsters beat two-factor authentication, steal $45k
It seems that two-factor authentication solutions that deliver verification codes to mobile phones are not as foolproof as one might think – a lesson that an Australian …
Featured news
Sponsored
Don't miss
- US exposes scheme enabling North Korean IT workers to bypass sanctions
- The importance of access controls in incident response
- Organizations struggle to defend against ransomware
- Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)
- Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947)