Security news aggregator

Latest coverage for Finance

Stay secure in the finance sector. Explore the latest in financial cyber security news, trends, and best practices to protect valuable assets and data.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Finance covers the institutions, markets, and services that move, store, lend, invest, and insure money. Its distinctive assets include customer identities, account balances, payment instructions, trading positions, claims, and confidential business data. Operations depend on core banking and ledger systems, payment networks, market-data feeds, identity services, and external processors or cloud providers. Integrity and availability are especially important: an unauthorized change to beneficiary or settlement data can cause direct loss, while an outage can interrupt payments or trading and complicate time-sensitive reconciliation.

Security work therefore focuses on online banking and trading interfaces, APIs, privileged access, credentials, and third-party connections. Useful controls include phishing-resistant multi-factor authentication, least privilege, transaction signing or approval separation, encryption, tamper-evident logging, and anomaly monitoring. Privacy protections apply to personal and financial information; PCI DSS is relevant where payment-card data is handled, alongside jurisdiction-specific financial rules. Vulnerability management should prioritize internet-facing and legacy systems, while incident response needs capabilities to contain fraudulent transactions, preserve evidence, reconcile ledgers, and restore trusted service through tested backups or failover.

Showing 11 most recent headlines Filtered view

Could steal sensitive personal and financial data After a whopper of a Patch Tuesday last month, with six Microsoft flaws exploited as zero-days, March didn't exactly roar in like a lion. Just two of the 83 Microsoft CVEs released on Tuesday are listed as publicly known, and none is under active exploitation, which we're sure is a welcome change to sysadmins.…

Crooks used simple phone scam to compromise vendor account, spilling personal and financial data belonging to more than 15,000 people A voice-phishing scam targeting one of Ericsson's service providers has exposed the personal data of more than 15,000 individuals after attackers sweet-talked an employee into handing over access.…

Bank Info Security 4 months, 1 week ago

Bank Phishing Refunds Should Be Easier, Says CJEU Advisor

Top European Court Advisor Says Policy Should Be 'Refund Now, Sue Later'Banks must promptly refund phishing victims when the scams lead to unauthorized transactions, an advisor to the European Union’s top court has said. The case in question involves an unnamed Polish woman who got duped on an online auction platform.

Bank Info Security 4 months, 1 week ago

Documentation Fraud: a Verification Architecture Failure

Similar Fraud Rates Across Documents Reveal Weaknesses in Verification WorkflowsOne in 16 documents processed across financial institutions last year showed signs of manipulation, fabrication or misrepresentation. Most fraud teams want better document detection and tighter review queues. But financial institutions may be looking in the wrong place.