India’s central bank mandated use of .bank domains to enhance trust – but its registry leaked sensitive info
Open API could reveal everything an attacker needs to impersonate bank officials
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Open API could reveal everything an attacker needs to impersonate bank officials
15-year-old among six arrested after Dutch cops target suspected bank fraud call center
Volume and sensitivity of the data cited as chief concerns
Names, addresses, dates of birth, and bank details accessed, though not passwords Basic-Fit, Europe's largest gym chain, has confirmed data including the bank details of around a million customers was stolen from its systems.…
Global bank's devs have some cleaning up to do after cloud creds found in website code Computer security boffins have conducted an analysis of 10 million websites and found almost 2,000 API credentials strewn across 10,000 webpages.…
They cleverly mimic most traits of a real phone Smartphones have fast become the basis of our digital identities, securing payment systems and bank accounts. Now virtual devices that pretend to be real handsets have become a key tool for financial scammers, according to one company. …
AI helped send weekly threat signal count from 80 million to 400 billion, then helped response time shrink from two days to 30 minutes Australia’s Commonwealth Bank built its own agentic AI threat hunting tools, because vendors are too slow to develop tools that can cope with emerging AI-powered threats, according to General Manager of Cyber Defence Operations Andrew Pade.…
17-year-old allegedly withdrew large sums of cash from ATMs Dutch police have arrested a 17-year-old boy who detectives suspect was responsible for 16 bank card frauds across the Netherlands.…
MOIS-linked MuddyWater crew has a new, custom implant An Iranian cyber crew believed to be part of the Iranian Ministry of Intelligence and Security (MOIS) has been embedded in multiple US companies' networks - including a bank, software firm, and airport, among others - since the beginning of February, with more activity in the days following the US and Israeli military strikes, according to security researchers.…
Vulnerable citizens targeted by criminals purporting to represent fake police crisis department Scammers targeted Dubai citizens mere hours after missiles struck the city, attempting to gain access to their bank accounts, police have warned.…
PLUS: Unpatched Ivanti boxes under attack; 0APT might not be a scam; AI gets better at helping cyber-scum; And more Infosec In Brief An unknown attacker accessed the French government’s database listing every bank account in the country and made off with 1.2 million records.…
Names, addresses, bank account numbers accessed – but biz insists passwords and call data untouched The Netherlands' largest mobile network operator (MNO) has admitted that a breach of its customer contact system may have affected around 6.2 million people.…
Mind the cyber gap – similar flaws highlighted multiple years in a row Concerned about the orgs that safeguard your money? The UK's annual cybersecurity review for 2025 suggests you should be. Despite years of regulation, financial organizations continue to miss basic cybersecurity safeguards.…
Bank staff wore the blame for a silly security slip Who, Me? Welcome to another edition of “Who Me?”, The Register’s Monday column that shares your mistakes and celebrates your escapes.…
Travel biz tells customers to change passwords beyond its own services Eurail has confirmed customer information was stolen in a data breach, according to notification emails sent out this week.…
Customers report being locked out after grabbing the password manager via F-Droid Some HSBC mobile banking customers in the UK report being locked out of the bank's app after installing the Bitwarden password manager via an open source app catalog.…
Crooks used platform to scoop up and store banking credentials for big-money thefts The US says it has shut down a platform used by cybercriminals to break into Americans' bank accounts.…
Watchdog links schedule change to replanning of UK payments system overhaul The European Central Bank's (ECB) decision to delay its move to a new messaging standard in 2022 ended up costing the Bank of England £23 million as it was forced to adjust migration to a new settlement system to avoid compounding risks.…
Flare warns devs are unwittingly publishing production-level secrets Docker Hub has quietly become a treasure trove of live cloud keys and credentials, with more than 10,000 public container images exposing sensitive secrets from over 100 companies, including a Fortune 500 firm and a major bank.…
Wanna know a secret? Whether you're logging into your bank, health insurance, or even your email, most services today do not live by passwords alone. Now commonplace, multifactor authentication (MFA) requires users to enter a second or third proof of identity. However, not all forms of MFA are created equal, and the one-time passwords orgs send to your phone have holes so big you could drive a truck through them.…