Tag: financial services
68 articles

Russian Hackers Target Network Devices With Exploits
Russian hackers, linked to the Federal Security Service's Center 16, have been actively targeting critical US and foreign networks across multiple sectors, including defense, energy, and healthcare, for over a decade. This ongoing threat has compromised networks in various industries, posing significant risks to national security and global stability.

EvilTokens Exposes New Blind Spot in Email Security
A shocking 75.6% of consulting firms were exposed to phishing attacks in 2026, with other industries like financial services, manufacturing, and tech also falling prey to these threats. EvilTokens' ghost phishing campaign uses a sneaky Microsoft Device Code Phishing tactic to trick victims into giving hackers access to their Microsoft 365 accounts.

The Gentlemen Ransomware Gang Exposes Advanced Tactics
Meet The Gentlemen, a notorious ransomware gang that's made a name for itself with sophisticated tactics, ranking among the top 10 ransomware actors in just a few months. Since February 2026, they've been wreaking havoc across industries and geographies, with a strong presence in Brazil, China, Indonesia, Taiwan, and Thailand.

Hackers Inject Malicious Script in Polymarket Supply-Chain Attack
Polymarket has pledged to fully reimburse customers who lost around $3 million in a shocking supply-chain attack that injected malicious JavaScript into the platform's frontend via a third-party vendor breach. The incident highlights the vulnerability of even major players to these types of attacks.

North Korea Targets Developers with 250 Fake Job Offers in Credential Heist
In a sneaky credential heist, hackers sent over 250 fake job offers to developers at nearly 100 US organizations, disguising phishing attempts as recruitment messages. The six-week scam targeted professionals in tech, education, and finance.

Mandiant Exposes UNC3753's US Law Firm Data Heist Tactics
Beware of UNC3753, a notorious group that's been stealing sensitive data from US law firms and other professional services, using clever vishing tactics and lightning-fast intrusions to extort their victims. In some cases, they can go from initial contact to data theft in under an hour.

Lloyds Banking Group Unveils Hands-On Approach to Securing Agentic AI
Lloyds Banking Group is taking a proactive approach to securing agentic AI, recognizing that understanding AI itself is crucial to embedding security into its adoption. The bank has made security a top priority, framing it as a deliberate technical strategy that spans the entire AI lifecycle.

Banks' Annual Testing Model Leaves 345 Days of Unvalidated Exposure
Imagine having 345 days of potential vulnerability, with hackers free to exploit your defenses while you wait for your annual security test. That's the harsh reality of the traditional annual testing model, which leaves your business exposed for nearly 11 months of the year.

Robinhood's AI Trading Push Raises Accountability, Security Risks
As Robinhood rolls out AI-powered trading and credit card features, experts are sounding the alarm on potential accountability and security risks - but the company claims it's prioritizing safety with built-in controls. Can AI agents truly be trusted to make trades and purchases on our behalf?

Apple Foils $11 Billion in App Store Fraud Over Six Years
Apple's vigilant efforts have paid off, blocking a whopping $11 billion in App Store fraud over the past six years, with a staggering $2.2 billion foiled in 2025 alone. The tech giant's winning combination of human review and cutting-edge tech has kept scammers at bay.

Agentic AI Turbo Boosts Mobile App Attacks
The alarming rise of mobile app attacks is no longer looming on the horizon - it's here, with a staggering 87% of monitored apps facing threats in 2026, a drastic jump from 55% in 2022, fueled by the rapid adoption of AI models. This explosive growth in attacks is a wake-up call for businesses to bolster their mobile app security.

UK Regulators Warn Financial Firms on Frontier AI Cybersecurity Risks
UK regulators are sounding the alarm: as frontier AI models advance, financial firms must urgently bolster their cyber defences to avoid catastrophic threats to safety, customers, and financial stability. The warning comes as AI capabilities increasingly outpace human expertise, offering malicious actors unprecedented speed, scale, and low-cost opportunities to wreak havoc.

Banks Face Growing Pressure to Justify Fraud Losses
As the Federal Reserve expands FedNow to handle higher-value transactions, banks face a daunting challenge: making split-second decisions to prevent fraud and money laundering, with transactions becoming irreversible in mere seconds. This heightened risk demands innovative solutions to safeguard against losses.

Organizations Fortify Defenses Against Evolving Scattered Spider Threats
As Scattered Spider threats evolve, organizations across finance, healthcare, and telecom are bolstering their defenses against sophisticated identity-driven attacks. They're facing an adaptable adversary that's changing tactics, putting pressure on institutions to respond.

PCPJack Credential Stealer Exploits CVEs to Spread Across Cloud Systems
Meet PCPJack, a sneaky credential stealer that's exploiting vulnerabilities to spread rapidly across cloud systems, swiping sensitive info from services like cloud, finance, and productivity tools. Its operators are after one thing: illicit financial gain.

Phishing Campaign Targets 35,000 Users in 2 Days
In just 48 hours, a massive phishing campaign hit over 35,000 users across 13,000 organizations in 26 countries, with nearly 1 in 5 targets in the healthcare and life sciences sector. The alarming attack highlights the speed and scale of modern phishing operations.

Microsoft Exposes Large-Scale Phishing Campaign Targeting 35,000 Users Worldwide
A massive phishing campaign targeting over 35,000 users worldwide has been uncovered, using sophisticated email templates that convincingly masquerade as legitimate internal communications. The highly convincing lures successfully hit organizations across 26 countries, with a staggering 92% of targets based in the US.

New York Fines Delta Dental $2.25M for MOVEit Hack Violations
Delta Dental of New York has been fined $2.25 million by the New York Department of Financial Services for its handling of a massive data breach involving hackers stealing around 60,000 files from its MOVEit servers in 2023. The hefty penalty highlights the importance of robust cybersecurity measures to protect sensitive information.

Robinhood Flaw Exploited to Send Convincing Phishing Emails
Scammers have found a way to send fake emails that look like they're really from Robinhood, complete with convincing details like unusual IP addresses and partial phone numbers. These phishing emails even appeared to come from Robinhood's official email address, making them super convincing.

Goldman Sachs Bolsters Defenses with Anthropic's Mythos Model
Goldman Sachs is taking a proactive approach to harnessing AI's potential while safeguarding against risks, partnering with Anthropic and security vendors to deploy controls around powerful models like Mythos. CEO David Solomon emphasizes the bank's hyper-aware stance, balancing innovation with robust risk management to mitigate threats like accelerated cyberattacks.

Bitcoin Depot Suffers $3.6m Crypto Heist After System Breach
In a shocking turn of events, Bitcoin Depot fell victim to a cunning cyber-attack, allowing hackers to siphon off over 50 Bitcoin worth a staggering $3.66m from its internal systems. The breach has left the company scrambling to rebuild trust and protect its customers.

Financial Services Grapple with SecOps and GRC Alignment Challenges
In financial services, two crucial functions - SecOps and GRC - are struggling to move in lockstep, despite their shared goals of protecting assets and meeting regulatory expectations. Can they ever align to tackle security and compliance challenges head-on?

Fraud Investigation: Stunning Python Malware Alarming Banks
Stunning new findings reveal a Python-based malware toolkit—layered obfuscation, throwaway infrastructure and automated workflows—that powered large-scale bank fraud. Now banks face a stark choice: tighten controls and risk customer friction, or live with stealthy theft that slowly erodes trust.

Jackpotting Surge: Stunning, Costly $20M Hit to Banks
An FBI alert reveals ATM jackpotting cost banks $20M in 2025—criminals are now turning cash machines into programmable paydays by exploiting unpatched systems, weak credentials, and supply‑chain gaps. It’s a wake‑up call that security isn’t just about tech—people and processes matter too.