Damir Mujezinovic reports: Israeli cybersecurity firm Sygnia released a report in January 2022 revealing that a hacker group dubbed Elephant Beetle siphoned off millions from businesses in the financial sector in Latin America. […] To carry out its Java-based attacks, Elephant Beetle uses a wide arsenal of more than 80 unique tools and scripts, the researchers wrote…
Category: Financial Sector
Ukrainian defense ministry hit by DDoS during tense standoff with Russia
Corin Faife reports: On Tuesday, Ukraine’s Ministry of Defence suffered from a DDoS attack that prevented users from accessing its website, and two Ukrainian banks lost access to online banking services, according to statements from the government. In a tweet posted at around 7PM local time (12PM ET), the Ukrainian Ministry of Defence said that its website…
Houstonian sent to prison for fraud schemes totaling nearly $2M
There is an update to a case involving the Teton School District that was first reported in 2018. Although the FBI was able to recover some of the stolen funds for the district, this was not the first time the district had suffered this type of breach. But at least now the threat actor responsible…
One year after it started, LendUs discloses that they had a breach
As you read the following press release, note that they do not tell us when they first discovered that there might have been a security breach or incident. Nor do they tell us how they first discovered it. And what’s with this “out of an abundance of caution” claim? If you can’t figure out what…
SEC’s breach notification proposal one step closer to a final vote
Tonya Riley reports: The Securities and Exchange Commission voted Wednesday 3-1 to approve a recommendation for tighter mandatory cybersecurity requirements for financial institutions. The proposed rule will now open to public comment before a final vote. “The proposed rules and amendments are designed to enhance cybersecurity preparedness and could improve investor confidence in the resiliency of advisers…
The high cost of mishandling data breaches, security reporting for financial services
Karen Hoffman reminds readers of the costs of poor security, reporting, in part: Last month, the U.S. Securities and Exchange Commission (SEC) fined Chase $125 million due to employees’ insecure practices, namely using WhatsApp and personal email accounts to transact official business, thus not adhering to SEC record-keeping requirements. Additionally, under a separate enforcement action,…