Banks News, Articles and Updates

Banks lose £30m plus to new hybrid threat hitting former Soviet states

Banks face a new hybrid threat from hackers that has already netted criminals a cool £30 million, according to a new report.

Trading apps found to be worse at security than banking apps

Researchers find trading apps riddled with flaws despite transacting millions of pounds of shares

More ATM network attacks expected, US and Canada to be targeted

Network segregation is no longer enough to keep bank ATM networks safe from cyber-crooks, and network attacks in bigger regions such as the United States and Canada, are expected to start happening in 2017 and beyond.

European banking breach guidelines more strict than EU GDPR

Guidelines to payment service providers, supplied by the European Central Bank, call for reporting of a breach within two hours compared to the EU GDPR requirement for reporting within 72 hours.

FCA must have cyber-security experts on BoD

Following the recent attack, Tesco Bank reported the breach to the Financial Conduct Authority, an organisation ill-equipped to understand what had happened.

50 arrests for Russia's largest hacker group

Some 50 suspects from 15 Russian regions have been arrested, believed to be part of Russia's largest hacking group, responsible for Trojan and botnet attacks on Russian banks, stealing some £57 million.

Russia's Central Bank introduces new mandatory cyber-security regulations

Russian banks will be faced with a whole range of new regulations, and penalties for non-compliance, when it comes to cyber-security, according to the country's Central Bank

SEC chief: Cyber-crime biggest threat to financial systems

Hackers could wreak havoc on banks and other financial institutions, claims Mary Jo White

UAE InvestBank hacked, nearly 100k recycled data records leaked?

A data file of 10GB holding sensitive financial data compromised from an InvestBank in the United Arab Emirates (UAE) has been leaked online. The file contains information on tens of thousands of customers from a bank based in Sharjah.

ICYMI: Morrisons breach; Worldpay card data; power attack losses; Russian EU targets; criminal capability

The latest In Case You Missed It (ICYMI) looks at Morrisons lawsuit; Wordpay vulnerabilities; Critical scenario costs; EU Banks targeted; Cyber-crime capabilities.

ICYMI: Russian bank attack; UK CISO?; banks suspended; Crypto hack, hospital ransom

The latest In Case You Missed It (ICYMI) looks at Rusian bank attack thwarted; need for UK CISO?; banks hack themselves; Cypto key hack; US hospital ransomed.

Cyber-criminals have evolved tactics, says ThreatMetrix report

ThreatMetrix's new report has come up with several new insights from the last quarter including the evolution of bot tactics to avoid the traditional defences of lenders and banks.

Russian police prevented massive banking sector cyber-attack

Russian Interior Ministry cyber-crimes department thwarts Russian banking cyber-crime group.

ICYMI: OS X most vulnerable? Bank SSL use; GDPR agreed; Dutch damn backdoors; Baltic security boost

The latest In Case You Missed It (ICYMI) looks at Apple OS X vulnerability ranking; Banks still using SSL; GDPR agreed; Dutch oppose encryption backoors; Baltics boost national IT security

Russia's cyber-attack losses may reach US$1 bn

At least half of Russian corporate computers have been attacked, and increasingly hackers rely on the slow rate of patching.

Letters: UAE bank hack a wake-up call

Letters to the editor: UAE bank hack and ransom a wake up call for companies to contain breaches once they occur.

Cash machines in malware risk as embedded Windows XP reaches end of life

Banks are strictly Lastminute.com when it comes to updating embedded Windows XP operating systems in their ATMs, leaving 65,000 cash cows vulnerable to malware milking.

Hackers increase attacks on Russian online banking

Amid the growing number of cyber-attacks on their internet systems, Russian banks are considering designing new systems of IT security.

ICYMI: Windows 10 hack, Bank attacks and slow DDoS

This week's 'In Case You Missed It' column looks at the five most-read articles on SC this week, from hacking of Windows 10 and exploits on patched Macs to bank attacks and DDoS.

Banking industry pins its hopes on new dot-bank TLD

It's hoped that a new TLD will revolutionise online bank security, but time will only tell if it will gain traction with the industry and the public.

ICYMI: Phishing in the Yemen, Google privacy & women in security

This week's In Case You Missed It looks at Yemen's cyber-army, Google's latest efforts with online privacy and finally some good news for women in security.

Tiny Tinba malware gets tough, new variants infect European banks

Researchers at IBM Security Trusteer say that new and nasty variants of the Tinba Trojan, said to be the world's smallest malware, are emerging, and they're targeting European banks.

Russian banks lose 3.5 billion Rubles to hackers

Russian banks increasingly concerned at the activities of cyber-criminals taking advantage of dated operating systems.

New links between Carbanak APT and Russian government?

The Carbanak APT group which has stolen millions of pounds from global banks may have close ties to Russia after all. A security researcher says that the command and control (C&C) used by the group resolves to an IP linked to the Russian Federal Security Service (FSB).

Banks could be first to be hit by EU privacy fines

Nearly half of European IT professionals would struggle to meet the reporting requirements of new EU data protection regulation. That's according to a survey from Varonis, who also found that a third of organisations did not have a plan to enable them to comply with the new legislation.

ICYMI: Barclays beefs up security, AVs vulnerable to Freak & getting InfoSec right

The top stories on SC over the last week include Barclays poaching staff from Europol, anti-virus concerns and some useful advice for getting information security right.