North Korea-linked APT group BeagleBoyz intensified its operations since February, US CISA, Department of the Treasury, FBI, and USCYBERCOM warn. According to a joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, the Federal Bureau of Investigation (FBI), and U.S. Cyber Command (USCYBERCOM)

The ATM manufacturer giants, Diebold Nixdorf and NCR, have released software updates to fix a flaw that could have been exploited for ‘deposit forgery’ attacks The ATM manufacturers Diebold Nixdorf and NCR have addressed a bug that could have been exploited for ‘deposit forgery’ attacks The flaws that could have allowed crooks t

Distributed denial of service (DDoS) attacks are increasing in size, frequency and duration. Kaspersky Lab reported a doubling of DDoS attacks in the first quarter of 2020 compared with the fourth quarter of 2019, plus an 80% jump compared with the same quarter last year. Kaspersky also found that DDoS cyberattacks are increasing in duration. Average attack

ATM maker Diebold Nixdorf is warning banks a new ATM black box attack technique that was recently employed in cyber thefts in Europe. Black box attacks are a type of jackpotting attack aimed at forcing an ATM to dispense the cash by sending a command through a “black box” device. In this attack, a black box device, such as a mobile device o

Containers have become a staple among large banks and financial services firms, which have used the technology in production. It has captured the attention of the broader market, that hopes to achieve the same technology benefits of improved application delivery and run-time efficiencies. This modular plug-and-play architecture is more scalable and can deliv

Website owners, listen up: There are lots of things you shouldn’t do with your site, and many more you should avoid with the domains you’re responsible for. Insider malice, bad luck, and the stars aligning in impossible ways can all give your online portfolio a bad hair day. However, if you want to tempt fate, you can bring on the mayhem with website misconf

Experts found a tainted app in the Google Play store that was downloaded by more than 10,000 users and that was delivering the Cerberus banking Trojan. Researchers from AVAST have discovered a currency converter application in the Google Play store that was downloaded by more than 10,000 users and that was designed to deliver the Cerberus banking Trojan.

Experts spotted a new version of the IcedID banking trojan that uses steganography to infect victims as part of COVID-19 themed attacks. A new version of the IcedID banking trojan was employed in COVID-19 themed attacks, the new variant uses steganography to infect victims and implements anti-detection capabilities. Researchers at Juniper Threat La

In a public announcement released on June 10th, the Federal Bureau of Investigation (FBI) warned that bad actors are now aiming at mobile banking users. Because of the pandemic, more and more people are looking for an alternative to physically visiting branch locations, so hackers will be looking for ways to exploit the new trend. The law enforcement agency

Researchers uncovered an ongoing campaign delivering the Qbot malware to steal credentials from customers of dozens of US financial institutions. Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot, aka Qakbot, is a data stealer worm wi

I recently talked with Julian Hall, senior vice president of enterprise architecture and application development at Security Service Federal Credit Union, to discuss what steps he and his team took in securing his credit union’s digital channels. Julian has more than 30 years of software industry experience and has been with Security Service for the la

Since the World Health Organization (WHO) declared the COVID-19 outbreak a pandemic on March 11, IBM X-Force has observed a more than 6,000 percent increase in COVID-19-related spam, with lures ranging the full gamut of challenges and concerns facing individuals — from phishing emails impersonating the Small Business Administration (SBA) and the WHO to U.S.

Security researchers at Cybereason are warning of a new mobile banking trojan that steals details from financial apps and intercepts SMS messages to bypass two-factor authentication mechanisms.According to experts who have examined the code of the malware, known as EventBot, it differs substantially from previously known Android malware – suggesting th

During the past few months, IBM X-Force researchers have noticed a familiar malware threat that typically affects bank customers in Brazil has spread to attack banks in Spain. The rise in campaigns prompted us to look into it further. Grandoreiro, a remote-overlay banking Trojan, has migrated to Spain without significant modification, proving that attackers

DDoS extortionists are blackmailing Australian banks asking for payments of large sums in Monero cryptocurrency threatening DDoS attacks. Cybercriminals are threatening Australian banks of DDoS attacks if they will not pay large sums in Monero cryptocurrency. The extortion campaign was observed over the past week, attackers are sending emails to the ba