Jim Finkle reports: SWIFT, the global financial network that banks use to transfer billions of dollars every day, warned its customers on Monday that it was aware of “a number of recent cyber incidents” where attackers had sent fraudulent messages over its system. The disclosure came as law enforcement authorities in Bangladesh and elsewhere investigated the…
Category: Financial Sector
SWIFT Software Bug Exploited by Bangladesh Bank Hackers
Phil Muncaster reports: A bug in SWIFT banking software may have been exploited to allow hackers to make off with $81 million from Bangladesh’s central bank in February, according to reports. Investigators at British defense contractor BAE Systems told Reuters that the malware in question, evtdiag.exe, had been designed to change code in SWIFT’s Access…
JPMorgan Hack Case Nets Dad Accused in Bitcoin Bribery Plot
Patricia Hurtado and David Voreacos report: Federal prosecutors broadened a case linked to what the U.S. called a multiyear criminal enterprise centering on hacks of publishing and financial firms including JPMorgan Chase & Co., according to court records in Manhattan. […] In a revised indictment, Anthony Murgio and his co-conspirators are accused of knowingly exchanging…
Failed blackmail nets ex-Leumi Card employee 11 years in jail
Gur Megiddo reports a follow-up on an insider breach that occurred in 2014 and was previously covered here and here: A former Leumi Card employee convicted of stealing information from the credit card company’s database as a precursor to blackmail has been sentenced to 11 years in prison. Eliran Rosnis admitted the charges against him…
Flaws in Worldpay’s Merchant Portal Allow Attackers to Modify Payment Forms
Catalin Cimpanu reports: Vulnerabilities known as IODR (Insecure Direct Object References) were found and fixed in Worldpay, an online secure payments platform, security researcher Randy Westergren reports. An IODR vulnerability is when users have access to information they should not see, either because it belongs to another user or originates from an account with higher privileges. In…
Lessons from the Olympus Mortgage vs. Guaranteed Rate Case
Craig Nazarro of Baker Donelson writes about an insider breach case previously covered on this blog: Late last month a jury awarded Mount Olympus Mortgage Company (MOMC) more than $25 million for their claims against Guaranteed Rate (Guaranteed), which alleged Guaranteed along with other former employees of MOMC illegally transferred hundreds of loan files from…