financial industry
Reading between the lines of a cyber insurance policy
Enterprises in regulated industries often carry cyber insurance policies because contracts require it or boards ask for documented risk transfer. The global market for these …
Finance phishing works because it sounds boringly normal
Finance departments process a constant stream of invoices, contracts, payment notices, and procurement emails, making email one of the most common initial access vectors for …
Only 28% of financial workforce MFA is phishing-resistant
Passwords remain part of many workforce authentication flows in financial organizations, making phishing and credential theft major identity security risks, according to a new …
Financial groups lay out a plan to fight AI identity attacks
Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A …
EvilTokens ramps up device code phishing targeting Microsoft 365 users
Security researchers report a notable increase in device code phishing activity aimed at Microsoft 365 users, and have attributed this rise to the availability of EvilTokens, …
Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521)
A critical unauthenticated remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP Access Policy Manager (APM) solution is under active exploitation, the US …
Consumers feel less judged by AI debt collectors
Debt collection agencies are starting to use automated voice systems and AI-driven messaging to handle consumer calls. These systems help scale outreach, reduce call center …
How state-sponsored attackers hijacked Notepad++ updates
UPDATE: Notepad++ supply chain attack: Researchers reveal details, IoCs, targets Suspected Chinese state-sponsored attackers hijacked the Notepad++ update mechanism by …
A new framework helps banks sort urgent post-quantum crypto work from the rest
Financial institutions now have a concrete method for deciding where post-quantum cryptography belongs on their security roadmaps. New research coordinated by Europol sets out …
Banks built rules for yesterday’s crime and RegTech is trying to fix that
Criminals are moving money across borders faster, and financial institutions are feeling the squeeze. Compliance teams feel this strain every day as they try to keep up with …
Criminal networks industrialize payment fraud operations
Fraud operations are expanding faster than payment defenses can adjust. Criminal groups function like coordinated businesses that develop tools, automate tasks, and scale …
When every day is threat assessment day
In this Help Net Security interview, Paul J. Mocarski, VP & CISO at Sammons Financial Group, discusses how insurance carriers are adapting their cybersecurity strategies. …
Featured news
Resources
Don't miss
- Two new high severity WordPress vulnerabilities, patch immediately!
- Prompt injection is becoming the XSS of the web agent era
- The script, not the voice, is what makes AI voice phishing work
- The five step plan that cuts security budget waste
- CISA folds its own hard-won lessons into coordinated vulnerability disclosure guidance