-
Week of 19 Sep 2011 Russian cybercriminal steals $3.2M from U.S. government with Zeus, SpyEye toolkit (SearchSecurity.com | 21 Sep 2011)
In addition to bank fraud, the Russian cybercriminal also stole credentials from users of Facebook, Yahoo, Google, eBay, Amazon, Twitter, PayPal and Skype.
-
Week of 12 Sep 2011 Bank security on top in consumer information security trust survey (SearchSecurityUK.com | 16 Sep 2011)
More than half of respondents indicated they trusted financial institutions with their personal data, with students being the most trusting overall.
Shylock, a new Internet banking Trojan, targets UK banks (SearchSecurityUK.com | 12 Sep 2011)
The Shylock Internet banking Trojan pilfers online banking credentials and data, using innovative new techniques to avoid detection.
SpyEye attackers turn to Android phones to steal SMS messages (Security Bytes blog | 13 Sep 2011)
SMS-stealing Trojan poses as banking protection but once installed it can intercept text messages, sending them to the attacker’s command-and-control server.
-
Week of 22 Aug 2011 Ramnit worm variant now dangerous banking malware (25 Aug 2011)
The Ramnit worm now supports man-in-the-middle attacks, giving cybercriminals the ability to drain a victim’s bank account.
-
Week of 27 Jun 2011 Citigroup breach: It’s about Web security (Security Wire Weekly blog | 27 Jun 2011)
Jeremiah Grossman explains that the Citigroup breach was the result of a simple business logic flaw which should have been caught in the code review process.
-
Week of 13 Jun 2011 Citigroup attack highlights insufficient authorization error (SearchSecurity.com | 14 Jun 2011)
Citigroup hackers used a common website vulnerability to bypass security controls and reap confidential banking data.
PCI virtualisation: With new guidelines, compliance may be harder (SearchSecurityUK.com | 14 Jun 2011)
New guidelines on virtualisation issued by the PCI SSC show PCI compliance is possible within a virtualised environment, but may not be feasible.
-
Week of 28 Mar 2011 SIEM vendors make the case for extending SIEM product capabilities (01 Apr 2011)
Advanced features can reduce the threat of wire fraud. New rule sets can be shared among banks and credit unions.
-
Week of 20 Dec 2010 Out-of-band authentication boosts security but isn't failsafe (20 Dec 2010)
Authentication technology helps thwart online banking fraud but determined criminals can circumvent it.
-
Week of 25 Oct 2010 How privacy and data security legislation will fare after Nov. 2 (28 Oct 2010)
The midterm elections will likely result in a shift in political power. How will that impact pending privacy and data security bills?
Qakbot banking Trojan develops unique attributes, researchers say (26 Oct 2010)
Security researchers at RSA say malware that targets U.S. financial institutions spreads like a worm and organizes targeted credentials.
-
Week of 18 Oct 2010 FinCEN reports rise in suspected identity theft scams (18 Oct 2010)
SARs study also shows that financial institutions are rejecting fraudulent consumer loans in majority of cases.
-
Week of 11 Oct 2010 Midmarket financial firms grapple with internal, external security threats (13 Oct 2010)
In the wake of the global economic crisis, many financial firms are struggling to meet tough regulations while defending against both accidental data leakage and a constant barrage of external...
-
Week of 04 Oct 2010 Former Fannie Mae contractor convicted in data destruction scheme (07 Oct 2010)
Programmer planted malicious script on company's network after he was fired, prosecutors said.
Organizations lag in testing their ESI discovery policies (04 Oct 2010)
Companies are taking steps to prepare for litigation but still falling short, according to survey.
-
Week of 27 Sep 2010 Authorities indict more than 60 for role in Zeus banking Trojan scheme (30 Sep 2010)
Foreigners in the United States on student visas were lured into opening bank accounts to funnel stolen money overseas.
New Zeus banking Trojan tactic tries to defeat SMS-based authentication (27 Sep 2010)
Security researchers say malware has new functionality that targets mobile authentication used by banks.
Nineteen charged with using Zeus banking Trojan to drain UK accounts (29 Sep 2010)
Suspects allegedly used the data-stealing malware to hijack bank accounts and steal millions of pounds.
Ukraine authorities detain alleged Zeus banking Trojan scam leaders (02 Oct 2010)
Five suspects masterminded international scheme that siphoned $70 million from bank accounts, FBI says.
-
Week of 20 Sep 2010 Application security test finds financial software lacking (22 Sep 2010)
Majority of financial services applications studied by firm weren't sufficiently secure.
Phishers turn to smishing and vishing scams to trick bank customers (20 Sep 2010)
Fraudsters are increasingly targeting bank customers via voice and text message phishing scams.
-
Week of 13 Sep 2010 FDIC releases guidance on digital copier security and printer risks (16 Sep 2010)
Financial institutions need to implement policies and procedures to protect sensitive data stored on devices like copiers, agency says.
Standardization key to Credit Suisse information security governance framework (17 Sep 2010)
The CISO of financial giant Credit Suisse says the key to successful global security and risk management is a uniform governance system supported by a common policy framework.