Security news aggregator

Latest coverage for Finance

Stay secure in the finance sector. Explore the latest in financial cyber security news, trends, and best practices to protect valuable assets and data.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Finance covers the institutions, markets, and services that move, store, lend, invest, and insure money. Its distinctive assets include customer identities, account balances, payment instructions, trading positions, claims, and confidential business data. Operations depend on core banking and ledger systems, payment networks, market-data feeds, identity services, and external processors or cloud providers. Integrity and availability are especially important: an unauthorized change to beneficiary or settlement data can cause direct loss, while an outage can interrupt payments or trading and complicate time-sensitive reconciliation.

Security work therefore focuses on online banking and trading interfaces, APIs, privileged access, credentials, and third-party connections. Useful controls include phishing-resistant multi-factor authentication, least privilege, transaction signing or approval separation, encryption, tamper-evident logging, and anomaly monitoring. Privacy protections apply to personal and financial information; PCI DSS is relevant where payment-card data is handled, alongside jurisdiction-specific financial rules. Vulnerability management should prioritize internet-facing and legacy systems, while incident response needs capabilities to contain fraudulent transactions, preserve evidence, reconcile ledgers, and restore trusted service through tested backups or failover.

Showing 8 most recent headlines Filtered view

InfoSys McCamish Systems Earlier Alerted 57,000 Bank of America Clients of BreachInfosys McCamish Systems, an insurance software product and services vendor, is notifying nearly 6.1 million people of a 2023 ransomware incident that potentially comprised their sensitive data, including Social Security numbers, medical treatment, and financial and biometric information.

Scammers Use Social Engineering and Phishing to Fool Workers and IT Help Desk StaffFederal authorities warn of social engineering and phishing scams - sometimes targeting IT help desk workers - that allow attackers to steal login credentials and access healthcare sector entities' IT systems so they can divert automated clearinghouse payments to bank accounts the attackers control.

Bank Info Security 2 years ago

Atos Takeover Bid Hits New Roadblock

Shareholder Onepoint Withdraws From Confirmed Restructuring PlanA takeover bid of debt-ridden French IT consultancy Atos hit a roadblock after a key company shareholder withdrew from a financial restructuring plan designed to help the firm recover from its 3.9-billion-euro liability, saying, "Conditions were not ripe to reach an agreement."

Actual Victim: Evolve Bank, Now Dealing With Open Banking Enforcement Action by FedMore reasons to beware breathless reporting about a ransomware group's latest supposed victim: LockBit's claim to have breached the U.S. Federal Reserve Bank. Instead, the actual victim is Evolve Bancorp, which is currently dealing with an enforcement action by - wait for it - the Fed.

John Riggi of the American Hospital Association on HHS' Upcoming Cyber RegulationsWhite House efforts to ratchet up health sector cybersecurity are critically important, but possible financial penalties levied for non-compliance with upcoming cyber requirements that are directed only at hospitals could do more harm than good, said John Riggi of the American Hospital Association.

More Victims of Campaign Against Data Warehousing Platform Snowflake Come to LightAdd luxury department store chain Neiman Marcus and the Los Angeles Unified School District to the list of known victims of a cybercrime that accessed accounts at cloud-based data warehousing platform Snowflake. Other victims include Santander Bank and Live Nation Entertainment's Ticketmaster.

Final HHS Rule Cuts Financial Payments to Healthcare Firms That Violate Cures ActFederal regulators have issued a final rule that sets financial disincentives for healthcare providers that commit information blocking - or practices that they know are unreasonable and likely to interfere with patient access to electronic health information.