HackDig : Dig high-quality web security articles for hackers

New Study Shows Consumers Could Be Vulnerable to COVID-19 Spam

Since the World Health Organization (WHO) declared the COVID-19 outbreak a pandemic on March 11, IBM X-Force has observed a more than 6,000 percent increase in COVID-19-related spam, with lures ranging the full gamut of challenges and concerns facing individuals — from phishing emails impersonating the Small Business Administration (SBA) and the WHO to U.S.
Publish At:2020-05-03 08:13 | Read:706 | Comments:0 | Tags:Advanced Threats Banking & Financial Services Fraud Protecti

TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany

IBM X-Force researchers recently analyzed an Android malware app that’s likely being pushed to infected users by the TrickBot Trojan. This app, dubbed “TrickMo” by our team, is designed to bypass strong authentication methods that bank customers use when they need to authorize a transaction. Though it’s not the first of its kind, this
Publish At:2020-03-24 07:55 | Read:905 | Comments:0 | Tags:Advanced Threats Risk Management Threat Intelligence Android

Emotet SMiShing Uses Fake Bank Domains in Targeted Attacks, Payloads Hint at TrickBot Connection

Before a short lull in mid-February, Emotet was in the midst of a rise in activity that has been apparent since late 2019 — in terms of both spam and infecting potential victims via SMiShing attacks. In cases observed by IBM X-Force researchers, SMS messages sent from what would appear to be local U.S. numbers are being delivered to mobile phones impersonati
Publish At:2020-02-19 08:17 | Read:928 | Comments:0 | Tags:Malware Threat Intelligence Antivirus Banking Security Phish

Open Banking Is Here — Is Your Bank Positioned to Lead?

Banking is set to significantly change as Payment System Directive 2 (PSD2) regulations are introduced across Europe. In fact, open banking regulations are being considered in a number of regions around the world. The directives will require financial institutions to adopt open banking by safely and securely allowing customers to view account information and
Publish At:2017-11-01 18:45 | Read:6715 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Risk Managemen

Advanced Approaches to ATM Network Protection

End-to-end automated teller machine (ATM) network protection encompasses multiple security layers. Is it not enough to simply protect ATM endpoints to ensure the security of a bank’s finances. Instead, security teams at financial institutions must take a more advanced approach to ATM network protection. ATM security has always been a hot-button issue
Publish At:2017-08-11 15:05 | Read:7558 | Comments:4 | Tags:Banking & Financial Services Fraud Protection Network Securi

New Threats? No Problem! Identify Emerging Cybercrime Trends Early to Fight Financial Fraud

Every year, cyberattacks become more sophisticated, new malware emerges and fraud losses rise. Have you ever looked at your banking information to see a transaction that you didn’t make? Have you ever checked your credit report to find cards you never signed up for or high balances you didn’t create? Unfortunately, financial fraud is an issue ma
Publish At:2017-06-27 02:05 | Read:4368 | Comments:0 | Tags:Fraud Protection Risk Management Bank Fraud Banking Security

QakBot Banking Trojan Causes Massive Active Directory Lockouts

IBM X-Force Research recently observed a wave of malware-induced Active Directory (AD) lockouts across several incident response engagements. The lockouts caused hundreds to thousands of AD users to get locked out of their company’s domain in rapid succession, leaving employees of the impacted organizations unable to access their endpoints, company ser
Publish At:2017-06-03 00:15 | Read:8638 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence Banki

Govern Your API Banking Environment

Mobile and online banking have already taken their place as conventional banking channels. But banks are constantly looking for new, alternative delivery methods to sell their products and distribute their services. This new channel seems to be application program interface (API) banking. As always, emerging opportunities come with emerging risks. Transition
Publish At:2017-02-27 11:15 | Read:4698 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Risk Managemen

Indian Banking Customers, Beware! Hackers Have an Eye on Your Money

A couple months back, I received a phone call from a man claiming to represent my bank. He menacingly asked me to share my debit card details so he could stop my account from being blocked. I panicked for a few seconds, then asked him some probing questions. The caller hung up the phone. A call to my bank about the security of my account did not provide very
Publish At:2017-02-14 09:35 | Read:4658 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Bank Fraud Ban

Why 53 Percent of Banks Think Security Controls Negatively Impact Customer Experience

How do you tell if a legitimate customer or a fraudster is signing into your online banking platform? How do you know if the authentication measures your organization is using are effective? How important is it to your organization to provide a seamless customer experience while maintaining adequate security controls? The Problem With Customer Security These
Publish At:2017-02-02 20:55 | Read:4167 | Comments:0 | Tags:Banking & Financial Services Fraud Protection Bank Fraud Ban

Designer Wallet or Mobile Wallet: Which One Do You Carry?

Nov. 8, 2016, is etched in my memory as the day the Indian government made a life-changing announcement regarding demonetization. With higher value currency being made invalid for transactions, my fancy Michael Kors wallet faced a sudden existential crisis. While the early days of demonetization brought a mad scramble to ATMs and banks, mobile wallet provide
Publish At:2017-01-24 15:55 | Read:3684 | Comments:0 | Tags:Mobile Security Banking Banking Security Fraud Fraud Prevent

Financial Services Sector Ends 2016 With a Bang

The financial services sector remained a sweet spot for cybercriminals in the second half of 2016. As we predicted in June, the industry continued to grapple with threats from individual fraudsters, organized cybergangs and even nation-states. As always, cybercriminals go where the money is. Many high-profile thefts hit the headlines all over the world in th
Publish At:2016-12-19 22:55 | Read:4654 | Comments:0 | Tags:Banking & Financial Services Data Protection Fraud Protectio

Password Reset OTP Bypass Critical Vulnerability in YesBank Banking Application

I am a customer of YesBank and I hold my savings account with them. I also use the YesBank’s online banking application and I strongly feel that the application of the bank must be secured. So, as a responsible client, I disclosed the vulnerability to YesBank which I recently found in their application. And I would like to thank YesBank for fixing this
Publish At:2016-10-20 12:50 | Read:3535 | Comments:0 | Tags:News Banking & financial services Vulnerability Banking Secu

One click too fast

This is the seventh in a series of posts about Cyber Defense that happened to real people in real life, costing very real money. “If I weren’t a lawyer, I probably wouldn’t have survived today”, Kate thought, as she opened a bottle of whiskey. She had earned it. It was a hard day, a disaster. Well, not a total disaster. When she had closed down her law
Publish At:2015-11-17 21:20 | Read:10338 | Comments:0 | Tags:Security banking security banking trojan attackment cyber de

Vulnerabilities Identified in NY Banking Vendors

In hopes of bolstering security, banks in New York over the next several weeks want to enact new regulations for any third party vendors they do business with.A report released last week pointed out that one in three N.Y. banks don’t require their vendors to notify them in the event they experience a data breach. More than half of the banks are also ne
Publish At:2015-04-13 17:55 | Read:3808 | Comments:0 | Tags:Compliance Vulnerabilities Bank hacks banking security