Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Banking. Show all posts
Transaction Security
Banco Santander Banking Cyberattacks CyberCrime Data Breach Digital Security Malicious Incident Transaction Security

Banco Santander Reports Data Breach, Reaffirms Transaction Security

 


There was a malicious incident reported by Bank Santander that involved an individual who had accessed the data of one of its service providers. The malicious incident resulted in a data breach, which affected the bank's customers and posed a threat to their digital identities. One of the biggest banking institutions in the world, Banco Santander, recently reported that it was accessed by an unauthorized party in a database that contained highly sensitive customer information from Chile, Spain, and Uruguay, resulting in a significant cybersecurity incident. 

Digital security in the banking sector is facing growing challenges as a result of this recent breach, which has been brought to the attention of the Spanish stock market supervisor. Approximately a year ago, Santander announced a data breach that involved a third-party database hosted by a third-party provider. It contained information about Santander's clients in three countries, as well as information regarding all Santander employees. 

People have been assured by the bank that there was no transactional data contained in the compromised database nor that login credentials or passwords could be accessed directly to the bank's banking systems. An attack on a third-party supplier may have compromised the privacy of customers and employees of Santander across Spain, Chile and Uruguay. The bank notified them of the threat. 

According to the Spanish National Securities Market Commission (CNMV), which is the second largest bank in the world by market value, the bank reported on Tuesday that "unauthorized access to a database" caused the incident. Except for German federal government employees, it was reported that this database contained data belonging to "all employees and some former employees of the group". This may mean that as many as 200,000 Santander employees around the world were affected by the exposure. 

Among the largest and most important banks in the world, Banco Santander, whose presence is mainly in Spain, the United Kingdom, Brazil, Mexico, and the United States, has over 140 million customers and is known for offering an extensive array of financial products and services. A data breach incident involving customers and employees of the bank in Spain, Chile, and Uruguay has been announced by the bank in a statement published this week. 

According to the bank, there have been no details provided about the types of data that were exposed, however, it is noted that online banking credentials as well as transaction information were not affected. According to Santander, this incident has not affected its presence in any other markets where it operates and has not affected existing financial products. Although no further details regarding the details of the exposed data have yet been released by the bank, they have assured everyone that the affected dataset does not include transaction data or the passwords for online banking accounts. 

Furthermore, the financial institution went on to inform its customers that none of its other markets were affected by this incident. Further, neither the bank's systems nor its operations in the previously mentioned nations have been affected by this incident. It is because of this that clients will be able to continue to use all services freely and without any concerns. It is the bank's policy on the other hand to contact all its customers and employees in the affected areas immediately after the data breach occurs and seek its assistance from law enforcement agencies in addressing the problem. 

The bank refuses to reveal the identity of the third-party service provider affected, how many of its clients were affected as well as what type of data was exposed. The security breach operators could indeed use the impacted data in other illegal activities, within the countries allegedly compromised by the attack, for example, conducting phishing campaigns. 

As a result, customers and employees within the countries allegedly compromised by the attack should be cautious about their digital presence. There are serious concerns regarding the stability of the financial and banking sectors as an increasing number of cyber threats or the exposure of third-party databases, as was the case with the Santander data breach. Several incidents can erode confidence in the financial system, cause critical services to be disrupted, or have spillover effects on other institutions, as noted in a blog post by the International Monetary Fund last month. 

In March, the European Central Bank issued instructions to banks within the European Union region to be prepared for cyberattacks by taking stronger measures. Earlier, the European Central Bank (ECB) announced its intention to conduct a resilience test on a minimum of 109 of its directly supervised banks in 2024. This initiative arises from heightened concerns about the security of European banking institutions. 

In the previous year, data from Deutsche Bank AG, Commerzbank AG, and ING Group NV were compromised following an exploit by the CL0P ransomware group. This breach exploited a security vulnerability in the MOVEit file transfer tool. The European Central Bank’s official website elaborates that its banking supervisors depend on stress tests to collect vital information and evaluate the banks' ability to withstand, respond to, and recover from cyberattacks, rather than solely focusing on their capability to prevent such attacks. 

These assessments of response and recovery encompass the activation of emergency procedures, the implementation of contingency plans, and the restoration of normal operations. The website further details that the results of these tests will be utilized by supervisors to identify vulnerabilities. These identified weaknesses will then form the basis for discussions with the respective banks, aiming to enhance their overall cybersecurity resilience. The ECB’s proactive approach underscores its commitment to ensuring the robustness and reliability of the European banking sector in the face of evolving cyber threats.
Read more »
Privacy
Banking Cash Cyberattacks CyberCrime Cyberhackers Cybersecurity Privacy

Advocating for the Persistence of Cash to Counteract Intrusive Banking Practices

 


The Bank of England released news this week that the value of notes in circulation has increased by nearly 16 percent since last year as it announced the opening of a new exhibition on the future of money (who could resist a tour through the history of payment methods?) 

A curator at the Bank of England Museum, Jennifer Adam, stated that even though many people are making more use of digital payments regularly, many people may still be using cash regularly. She also added that if users are physically handing over cash in shops to keep track of their finances, it will be much easier for them to keep track of their finances. 

There is also a theory that the spike in cash can also be attributed to “the turmoil caused by the pandemic and a rise in living costs”. In today's world, users are sick and tired of Big Brother, the state that is grabbing our data with its tentacles. 

Big Brother isn't the only problem. The government is utilizing its catalogue of scapegoats to avoid addressing the current economic hardship that families are facing to avoid addressing the election looming ahead. To whip up divisive and xenophobic, anti-immigrant sentiment, there is no better example than Rishi Sunak’s ongoing struggle to implement an illegal flagship Rwanda policy which is the best example of this principle. 

During the last week, Sunak accepted (then backed out of) a £1000 bet with TalkTV host Piers Morgan that he would get planes in the air before the next general election, which exemplifies the government’s distancing from asylum seekers most affected by this policy, highlighting how the government has become increasingly indifferent to the misfortunes of asylum seekers.  

In light of the passage of the second reading in the House of Lords of the Data Protection and Digital Information Bill (DPDI), amendments to the bill will likely have a greater impact on benefits recipients regarding savings accounts, overseas travel, and other benefits. Additionally, several cruel pieces of legislation have been passed to weaken the welfare system in a misguided attempt to help people find work and to 'crackdown' on fraudulent welfare claimants by debilitating the system. 

This government seems determined to fight workers and benefits recipients against one another for votes, as evidenced by Sunak's promise of cutting disability benefits to reduce taxes. As a result of the DPDI Bill, a bill introduced by the Secretary for Work and Pensions, Mel Stride, the DWP will be able to spy on welfare recipients' bank accounts to improve the welfare system. 

Accordingly, nearly 9 million people and anyone connecting them to the claimant could be involved in surveillance. This can include previous and current partners, children, and even landlords, who may be linked to the claimant. The government is, however, facing mounting pressure against the bill, which is being backed by the private sector.

Over 80,000 signatures have been collected so far in favour of a petition asking that the government stop scrutinizing bank accounts, and to preserve benefits claimants' dignity and privacy. There have also been concerns voiced by politicians regarding privacy and surveillance. 

According to a senior government official, the government is making an Orwellian "nightmare" come true, as the House of Lords is considering a bill that would allow officials to snoop on the bank accounts of benefit claimants. For the Department for Work and Pensions (DWP) to be able to track fraud and errors among those claiming benefits, the Data Protection and Digital Information Bill would compel banks to provide the Department with data to assist in finding fraud and errors. 

In the House of Lords, it has now passed its second reading, which means it has passed its second reading in parliament. In his speech, Sir Prem Sikka told the House of Lords that George Orwell's iconic novel 1984, first published in 1949, proclaimed Big Brother to be the spectre of the future. 

A newly elected Conservative government has now given shape to this nightmare by allegedly rolling back many of the policies and programs of the state. As a result of the government's actions, the right of people to protest and withdraw their labour has already been undermined. The sick, disabled, elderly, poor, unfortunate, and everyone else there is on the streets are now subjected to snooping and 24/7 surveillance of their bank accounts, building societies, and other accounts without a court order.

Cash is resurging as a means of sending a reassuring message to those who have fled data to ensure that users are not alone in our flight. After the Facebook generation began to realise that posting photos of themselves getting sloshed on the internet was a mistake in an attempt to make their future bosses rethink their claims of loving nothing more than a quiet night in front of the TV, they soon stopped posting photos of themselves getting sloshed on the internet. The convenience and ease of buying everything on the go with a phone are now being less attractive for Millennials as they begin to realize that banks are watching their every move.
Read more »
data security
Bank Security Banking CSI Cyber Security CyberCrime data security

Bankers Worried About Data Security, CSI Research Suggests

Research published by Consumer Services (CSI) reveals increasing threats among bank executives in hiring new talent and facing cybercrime threats as a challenge. The survey received 279 executive responses from the banking sector nationwide, bankers listed cybersecurity dangers (26%) and hiring employees (21%) as the top problems in 2022. 

The survey results, suggesting respondents from different bank asset sizes, provide an alternate look into how these organizations tackle concerning issues like compliance, technological innovations, and customer expectations. 

For example, to improve user experience and increase market shares, banks are promoting the use of digital tools, like account opening (51% responses), customer relationship management (43% responses), and digital loans (36% respondents). 

CSI is a leading fintech, regtech, and cybersecurity solutions partner operating at the intersection of innovation and service. It excels at driving the business forward with a unique blend of cutting-edge technology, effortless integration, and a commitment to authentic partnerships defined by our customer-first culture. 

Customers have raised the bar in expectations from banks, and the latter should respond accordingly, says David Culbertson, CSI president, and CEO. The data is paired with banks' aspirations to improve digital tools, the banking industry is moving towards a digital-first mindset and aiming for digital advancement. Interestingly, bank leaders also aspire to open banking for growth, particularly for digital progress. 

The latest research suggests how banking institutes measure their personal growth in the rising digital landscape scenario. "For example, although executives on average rated their institutions a healthy 4/5 on compliance readiness, regulatory changes remain top of mind, with 14% of respondents naming it their primary concern.," reports HelpNet Security. 

Keeping the new administration in mind, bankers have mentioned "data privacy" (39% responses) and CECL (20% responses) as the most needed measures for banking institutions. "The continuation of remote work will make this a critical component, along with new asset types such as cryptocurrencies being adopted, and increasing privacy regulations. 

On the other hand, ransomware is expected to remain a challenge alongside a bigger looming threat from quantum computing, which holds the potential to defeat modern encryption systems," reports HelpNet Security.

Read more »
Trojan
Anubis Banking Banking Trojan Crypto Wallet Digital Banking Financial Data Hacking malware Orange Telecom Trojan

Anubis Trojan Targeted 400 Banks’ Customers

 

A malicious app disguised as the official account management portal for French telecom giant Orange S.A. is targeting customers of Chase, Wells Fargo, Bank of America, and Capital One, as well as almost 400 other financial institutions. 

According to researchers, this is only the beginning. Researchers at Lookout cautioned in a recent report that once downloaded, the malware - a version of banking trojan Anubis – collects the user's personal data and uses it to mislead them. And it's not just huge bank customers that are at risk, according to the researchers: Crypto wallets and virtual payment networks are also being targeted.

The Lookout report stated, “As a banking trojan malware, Anubis’ goal is to collect significant data about the victim from their mobile device for financial gain.”

“This is done by intercepting SMSs, keylogging, file exfiltration, screen monitoring, GPS data collection, and abuse of the device’s accessibility services.” 

The malicious version of the Orange Telecom account management software was uploaded to the Google Play store in July 2021 and then removed, but analysts believe this was only a test of Google's antivirus defences and that it could reappear shortly. 

The report added, “We found that obfuscation efforts were only partially implemented within the app and that there were additional developments still occurring with its command-and-control (C2) server. We expect more heavily obfuscated distributions will be submitted in the future.” 

New Anubis Tricks 

The malicious version of the Orange Telecom account management software was uploaded to the Google Play store in July 2021 and then removed, but analysts believe this was only a test of Google's antivirus defences and that it could reappear shortly. 

The banking trojan connects to the command-and-control (C2) server after being downloaded on the device and downloads another application to start the SOCKS5 proxy. 

“This proxy allows the attacker to enforce authentication for clients communicating with their server and mask communications between the client and C2. Once retrieved and decrypted, the APK is saved as ‘FR.apk’ in ‘/data/data/fr.orange.serviceapp/app_apk,'” the researchers stated.

The user is then prompted to disable Google Play Protect, giving the attacker complete control, according to the research. Banks, reloadable card businesses, and cryptocurrency wallets are among the 394 apps targeted by fr.orange.serviceapp, according to the researchers. 

The Anubis client was linked back to a half-completed crypto trading platform, according to the Lookout team. 

Anubis, which was first discovered in 2016, is freely available as open-source code on underground forums, along with instructions for budding banking trojan criminals, according to the research. 

According to Lookout, the basic banking trojan has added a credential stealer to the mix in this current edition of Anubis code, putting logins for cloud-based platforms like Microsoft 365 in danger. 

As per Kristina Balaam, a security researcher with Lookout, the Lookout team was unable to discover any successful attacks linked to the Orange S.A. campaign. 

“While we can’t be certain whether the app has been used in a successful attack, we do know they are targeting U.S. banks including Bank of America, U.S. Bank, Capital One, Chase, SunTrust and Wells Fargo,” Balaam stated.
Read more »
DDoS
Banking Cybersecurity DDoS

Hackers launch DDoS Attacks to Target Australian Banks


Hackers threatening banks in Monero to pay large amounts of money, and if the demands are not met, hackers have blackmailed to launch DDoS attacks against the banks. Since last week, bank corporations and different organizations in the financial sector in Australia have become the target of DDoS extortion campaigns.

A hackers group is blackmailing the victims to pay heavy amounts as a ransom. The attackers threaten to conduct a DDoS (Distributed Denial of Service) attack unless they are paid with XMR cryptocurrency in Monero. A security threat has been sent out by ACSC (Australian Cyber Security Centre) to inform the public about the attack. According to ACSC, none of the hackers have launched any attacks, nor has there been any news of DDoS attacks. The current evidence serves as proof of this claim.


DDoS Campaign Began in 2019 

 The Global Ransom Denial of Service (DDoS), a campaign that started in October 2019, is responsible for launching the attacks on Australian financial organizations. According to ZDNet, earlier ransom efforts targeted financial companies and the banking sector. But over time, these attacks expanded and reached out to other industries. The list of nations who were the victims of the ransom threat is the banking sector in South Africa and Singapore, the telecom sector in turkey, ISP providers in South Africa and gambling websites in South Asian countries.

The ransom demands kept going on, and the attackers systematically extended the campaigns to 10 different countries across the world. Some of the attacks were successful but not all of them, as it would have been near to impossible to launch an all-out DDoS resource attack against each party. According to claims of ZDNet, it confirms that numerous attacks launched against the parties as a part of the campaign were successful.

The Group keeps changing names 

 The group responsible for these attacks kept changing their identity to prevent being identified by the authorities. At first, they used Fancy Bear, the Russian hackers' group responsible for the 2014 White House Attack and 2016 DNC hack. After that, they used Cozy Bear, another Russian hacking group which is also infamous for the 2016 DNC attack.
Read more »
Trojan
Banking malware McDonald Trojan

A Trojan that Steals User's Banking Information via Fake McDonald Coupons


Spread via malvertising attacks, the banking trojan fools its victims through fake McDonald's coupons as a bait. This came into notice when banking details of Latin American buyers were tried to steal. The trojan discovered by experts at ESET is known as Mispadu, and it is similar to other trojans like Casbaneiro and Amavaldo that are found in Latin America. The trojan uses a remote crypto key for covering its original language. Mispadu targets users from Mexico and Brazil.


False McDonald’s tokens are used to lure the customers- 

 The process consists of using bogus McD offer tokens as bait. These discount vouchers are either sent through spam e-mails or facebook ads which when clicked, takes the user to the primary site of the coupon. When the user clicks the button to get the coupon, they are displayed with an MSI option. The hacker uses this MSI installer to start a command that deciphers and performs an initializing course which allows them to connect to a remote server. "The trojan was also detected when working on a harmful Chrome version. It's built to shield the Google Chrome network to instead affect its victims' devices through the support of JavaScript," confirms ESET's inquiry.

Loots banking and personal information- 

 Once the malware successfully invades a system, Mispadu uses false popup notifications to convince possible targets to share personal data. The primary aim of the trojan is to obtain critical system knowledge like- commonly used Latin American banking apps menu and downloaded safety products. The trojan also steals information from several network browsers and e-mail consumers. This includes Google Chrome, Mozilla Firefox, Outlook, Internet Explorer, and many more.

"Mispadu can also steal crypto funds like Bitcoins using a technique like a clipboard hijacking. But fortunately, no such case has appeared to date," says ESET. The elements of the Google Chrome expansion that the trojan uses for sharing can also collect users' transaction information and debit card data through various sites by scouring the information from data application lists. "For securing a backdoor entry in your device, Mispadu can automatically capture a screenshot, regulate your keyboard and mouse controls, and recover commands," say the experts.
Read more »
SCA checks
Banking Banking fraud Banking Phishing Customer Data customer privacy SCA checks

Banking customers are tricked by SCA checks

Online scammers are using changes to European banking rules around customer authentication to trick consumers into handing over their sensitive financial details, according to Which?

The consumer rights group warned that attackers are spoofing the emails being sent from banks, payment firms and e-commerce providers asking for up-to-date info, as part of new Strong Customer Authentication (SCA) requirements.

Firms across the EU are gearing up for the changes, part of PSD2, which will require a form of two-factor authentication on any online transactions over €30, although some exceptions apply.

Ironically, payments providers and e-commerce firms in the UK have been given a further 18 months to comply with the new rules, originally set for a September 14 deadline.

Yet that hasn’t stopped the scammers: Which? claimed it has already spotted phishing emails imitating emails from Santander, Royal Bank of Scotland (RBS) and HSBC.

Urging the recipient to update their banking information ahead of “new procedures,” they include links designed to take the victim to a legitimate-looking page designed to harvest banking details.

Which? argued that in many cases, legitimate brands are making it harder for consumers to spot phishing emails, by including links in their own emails, and by using multiple unusual domains for various landing pages.

The group claimed that 78% of its members think banks and other financial firms should never include links in emails, to make phishing attempts easier to spot.

Tripwire VP, Tim Erlin, agreed, arguing that companies can’t simultaneously tell customers not to follow links in emails but then continue to send them emails urging them to click through.

“As long as banks send legitimate emails as a means of communicating with customers, scammers will attempt the same with fake emails,” he added.

“Email as implemented today is a terrible system for conducting business. While attempts have been made to improve the technology, none of them have taken hold.”
Read more »
Loans
Banking China Cyber Security Jack Ma Loans

Chinese Banking Has A New Edge; Jack Ma Behind The Latest Developments!




Jack Ma is associated with one of the leading economies of the world.The risk management system employed by Jack Ma’s banking endeavors analyses over 3,000.

Per sources his company has lent around $290 billion to over 15 million small companies where the borrowing party could receive the cash almost immediately, with just a few taps.

The entire process requires no human forces and gets completed in around 3 minutes with a default rate of around 1%.

Earlier the small borrowers were rejected but thanks to MYbank and its associates the new form of payments is coming in real handy.

With the slow pace of China’s economy it gets imperative to keep a check on the risks and defaults.
Around two-third of the country’s small businesses couldn’t access loans, according to National Institution for Finance & Development.

But thanks to Jack Ma’s initiatives the lending and borrowing procedures of China are now seeing monumental growth.

Mybank’s lending app has created a real difference. By allowing the bank to access the store transaction data, some small loans have been covered.

Read more »
Subscribe to: Posts (Atom)