Doha News reports that clients of Qatar National Bank (QNB), employees at Al Jazeera Media Network, and even secret service agents have had what appears to be their details leaked. The names, phone numbers, bank passwords and other sensitive information of what appears to be a large number of Qatar National Bank (QNB) customers has…
Category: Financial Sector
SWIFT warns customers of multiple cyber fraud cases, issues software security update
Jim Finkle reports: SWIFT, the global financial network that banks use to transfer billions of dollars every day, warned its customers on Monday that it was aware of “a number of recent cyber incidents” where attackers had sent fraudulent messages over its system. The disclosure came as law enforcement authorities in Bangladesh and elsewhere investigated the…
SWIFT Software Bug Exploited by Bangladesh Bank Hackers
Phil Muncaster reports: A bug in SWIFT banking software may have been exploited to allow hackers to make off with $81 million from Bangladesh’s central bank in February, according to reports. Investigators at British defense contractor BAE Systems told Reuters that the malware in question, evtdiag.exe, had been designed to change code in SWIFT’s Access…
JPMorgan Hack Case Nets Dad Accused in Bitcoin Bribery Plot
Patricia Hurtado and David Voreacos report: Federal prosecutors broadened a case linked to what the U.S. called a multiyear criminal enterprise centering on hacks of publishing and financial firms including JPMorgan Chase & Co., according to court records in Manhattan. […] In a revised indictment, Anthony Murgio and his co-conspirators are accused of knowingly exchanging…
Failed blackmail nets ex-Leumi Card employee 11 years in jail
Gur Megiddo reports a follow-up on an insider breach that occurred in 2014 and was previously covered here and here: A former Leumi Card employee convicted of stealing information from the credit card company’s database as a precursor to blackmail has been sentenced to 11 years in prison. Eliran Rosnis admitted the charges against him…
Flaws in Worldpay’s Merchant Portal Allow Attackers to Modify Payment Forms
Catalin Cimpanu reports: Vulnerabilities known as IODR (Insecure Direct Object References) were found and fixed in Worldpay, an online secure payments platform, security researcher Randy Westergren reports. An IODR vulnerability is when users have access to information they should not see, either because it belongs to another user or originates from an account with higher privileges. In…