Financial Services – Page 5

Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk

Posted on March 8, 2021 by Tim Starks

The Accellion hack has claimed another victim, this time a financial firm that boasts it’s the second-largest savings bank in the United States. Michigan-based Flagstar Bank recently began notifying affected customers that on Jan. 22, Accellion, an IT provider, relayed that a vulnerability in its file sharing platform had affacted Flagstar. The software flaw has led to breaches at firms around the world, with hackers exploiting the Accellion vulnerability to victimize grocery chain Kroger, cybersecurity company Qualys, the Reserve Bank of New Zealand, the state of Washington, prominent law firm Jones Day (which counts former President Donald Trump among its clients) and perhaps others. “Unfortunately, we have learned that the unauthorized party was able to access some of Flagstar’s information on the Accellion platform and that we are one of numerous Accellion clients who were impacted,” Flagstar said in a notice on its website. The Clop ransomware gang, alternately known […]

The post Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk appeared first on CyberScoop.

Continue reading Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk→

Cloud security firm Qualys reportedly victimized by prolific scammers

Posted on March 3, 2021 by Sean Lyngaas

A set of cybercriminals behind a string of recent hacks involving Accellion-made software is now claiming responsibility for a breach of Qualys, a major cloud computing security vendor. As proof of the access to data, an extortion site maintained by hackers has leaked documents claiming to contain information on Qualys customers. Attackers affiliated with the extortion site have previously been linked to the Clop ransomware, a file-locking malware that emerged two years ago. This month, thieves claimed responsibility for a series of incidents that have relied on data leaks, rather than ransomware, as an extortion tactic, according to security firm FireEye. With some 19,000 clients, including major financial firms like Capital One and Experian, Qualys represents an attractive target for extortionists keen on making sensitive data public. It was not immediately clear Wednesday how, if at all, the reported breach affected Qualys’ customers, or if ransomware was deployed. The […]

The post Cloud security firm Qualys reportedly victimized by prolific scammers appeared first on CyberScoop.

Continue reading Cloud security firm Qualys reportedly victimized by prolific scammers→

How Page Integrity Manager Detects Real-World Magecart Attacks

Posted on January 26, 2021 by Ziv Eli

In this blog, we will take a look at and break down a recent Magecart attack detected and mitigated by Page Integrity Manager. The impacted customer operates a large international e-commerce business in which one of its websites was compromised with a malicious script. Continue reading How Page Integrity Manager Detects Real-World Magecart Attacks→

Banking Cybersecurity Vet: Why Transformation Must Start at the Top

Posted on January 22, 2021 by CyberArk Blog Team

The banking industry spends 40% more on combating cybercrime than any other industry, with a per-firm average of $18.5 million spent on direct costs of incidents annually. When you also consider that cyber attacks on…
The post Banking Cybersecurity V… Continue reading Banking Cybersecurity Vet: Why Transformation Must Start at the Top→

How the Edge Improves Microservices

Posted on December 22, 2020 by Pavel Despot

Microservice architecture has transformed the way we develop and operate our applications. Microservices aren’t a technology or a programming language. Instead, they create a structure for designing and building applications based on the idea that the … Continue reading How the Edge Improves Microservices→

How the Edge Improves Microservices

Posted on December 22, 2020 by Pavel Despot

Microservice architecture has transformed the way we develop and operate our applications. Microservices aren’t a technology or a programming language. Instead, they create a structure for designing and building applications based on the idea that the individual functions of a website should operate independently. From this simple concept comes a multitude of benefits including: Continue reading How the Edge Improves Microservices→

10 Ways to Protect Against DDoS Attacks

Posted on December 16, 2020 by Gerhard Giese

Distributed denial-of-service (DDoS) attacks continue to grow in size, frequency, and complexity, threatening businesses and service providers around the world. A warning was recently issued about a steep uptick of DDoS attack threats demanding bitcoin ransom with thousands of organizations across industries and around the world targeted. In June, AWS disclosed a record-setting 2.3 Tbps DDoS attack, breaking the previous record, a 1.3 Tbps attack mitigated by Akamai back in 2018. Continue reading 10 Ways to Protect Against DDoS Attacks→

10 Ways to Protect Against DDoS Attacks

Posted on December 16, 2020 by Gerhard Giese

Spearphishing Attack Spoofs Microsoft.com to Target 200M Office 365 Users

Posted on December 8, 2020 by Elizabeth Montalbano

It remains unknown as to why Microsoft is allowing a spoof of their very own domain against their own email infrastructure. Continue reading Spearphishing Attack Spoofs Microsoft.com to Target 200M Office 365 Users→

The Open Banking API Security Imperative

Posted on December 8, 2020 by Shreyans Mehta

The second Payment Services Directive (PSD2) in Europe, which requires banks to open their payment services to third parties via a series of APIs, has enabled a range of new FinTech products that make it easier for consumers and businesses to manage th… Continue reading The Open Banking API Security Imperative→