Security news aggregator

Latest coverage for Finance

Stay secure in the finance sector. Explore the latest in financial cyber security news, trends, and best practices to protect valuable assets and data.

10 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Finance covers the institutions, markets, and services that move, store, lend, invest, and insure money. Its distinctive assets include customer identities, account balances, payment instructions, trading positions, claims, and confidential business data. Operations depend on core banking and ledger systems, payment networks, market-data feeds, identity services, and external processors or cloud providers. Integrity and availability are especially important: an unauthorized change to beneficiary or settlement data can cause direct loss, while an outage can interrupt payments or trading and complicate time-sensitive reconciliation.

Security work therefore focuses on online banking and trading interfaces, APIs, privileged access, credentials, and third-party connections. Useful controls include phishing-resistant multi-factor authentication, least privilege, transaction signing or approval separation, encryption, tamper-evident logging, and anomaly monitoring. Privacy protections apply to personal and financial information; PCI DSS is relevant where payment-card data is handled, alongside jurisdiction-specific financial rules. Vulnerability management should prioritize internet-facing and legacy systems, while incident response needs capabilities to contain fraudulent transactions, preserve evidence, reconcile ledgers, and restore trusted service through tested backups or failover.

Showing 10 most recent headlines Filtered view
Bank Info Security 3 months, 2 weeks ago

One-Time Passcodes Are Gateway for Financial Fraud Attacks

Report Reveals Growing Trend of Fraudsters Intercepting SMS-Based VerificationFinancial institutions have historically relied on one-time passcodes as a primary authentication control for their accountholders. But OTP verification is less reliable as fraudsters increasingly exploit SMS-based verification weaknesses to carry out account takeover and payment fraud schemes.

The next major breach hitting your clients probably won't come from inside their walls. It'll come through a vendor they trust, a SaaS tool their finance team signed up for, or a subcontractor nobody in IT knows about. That's the new attack surface, and most organizations are underprepared for it

Bank Info Security 3 months, 2 weeks ago

Cryptohack Roundup: Charges in Uranium Finance Case

Also: Chinese Firms Indicted in Crypto-Linked Fentanyl Supply CaseThis week, charges filed in Uranium Finance hack, indictment of Chinese firms in fentanyl supply case, a class action lawsuit against Nvidia, Drift Protocol exploit, KuCoin operational barriers in the United States and a U.K. sanction filed against Xinbi.

Bank Info Security 3 months, 2 weeks ago

State AG Sues Change Healthcare in 2024 Ransomware Attack

Iowa Seeking Civil Monetary Fines, Damages for Alleged ViolationsIowa's state attorney general is seeking financial damages, civil penalties and improvements to UnitedHealth Group's data security practices for alleged violations of state and federal laws and other claims involving the 2024 ransomware attack on its Change Healthcare unit.

Bank Info Security 3 months, 2 weeks ago

Reengineering AML in the Era of Instant Payments

Financial Institutions Are Rethinking Controls to Ensure Frictionless TransactionsWhen the Federal Reserve lifted FedNow's transaction limit from $1 million to $10 million last November, the regulatory change transformed instant payments from a retail convenience to a corporate treasury rail. AML decisions on high-value instant wire transfers must now be made in real time.