Security news aggregator

Latest coverage for Finance

Stay secure in the finance sector. Explore the latest in financial cyber security news, trends, and best practices to protect valuable assets and data.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Finance covers the institutions, markets, and services that move, store, lend, invest, and insure money. Its distinctive assets include customer identities, account balances, payment instructions, trading positions, claims, and confidential business data. Operations depend on core banking and ledger systems, payment networks, market-data feeds, identity services, and external processors or cloud providers. Integrity and availability are especially important: an unauthorized change to beneficiary or settlement data can cause direct loss, while an outage can interrupt payments or trading and complicate time-sensitive reconciliation.

Security work therefore focuses on online banking and trading interfaces, APIs, privileged access, credentials, and third-party connections. Useful controls include phishing-resistant multi-factor authentication, least privilege, transaction signing or approval separation, encryption, tamper-evident logging, and anomaly monitoring. Privacy protections apply to personal and financial information; PCI DSS is relevant where payment-card data is handled, alongside jurisdiction-specific financial rules. Vulnerability management should prioritize internet-facing and legacy systems, while incident response needs capabilities to contain fraudulent transactions, preserve evidence, reconcile ledgers, and restore trusted service through tested backups or failover.

Showing 13 most recent headlines Filtered view
Bank Info Security 2 years, 2 months ago

US SEC Approves Wall Street Data Breach Reporting Regs

Covered Financial Institutions Have 30 Days to Notify Customers of Data BreachesThe Securities and Exchange Commission unanimously approved updated regulations for covered financial institutions requiring entities such as fund companies and investment advisers to notify customers within 30 days of a cyber incident that compromised their data.

Bank Info Security 2 years, 2 months ago

Cryptohack Roundup: Thieves Steal $45M; Hacker Returns $71M

Also: Crypto King Indicted in CanadaThis week, $25M in ethereum was stolen, Sonne Finance was hacked, a thief returned stolen crypto, Canada indicted its crypto king, the U.S. blocked a purchase by a Chinese crypto mining firm, Canada took regulatory action against Binance, and two senators were concerned about cryptomixer policy.

Bank Info Security 2 years, 2 months ago

Breach Roundup: Kimsuky Serves Linux Trojan

Also: Turla Targets European Missions and Google Patches Chrome Zero-DaysThis week, hackers used a Linus backdoor and a Microsoft client management tool; Santander Bank, the Helsinki Education Division, an Australian energy provider and auction house Christie's were breached; hackers targeted European missions in the Middle East; and Google patched a zero-day flaw.

Developing an effective strategy is a continuous process which requires recurring evaluation and refinement Partner Content A cyber defense strategy outlines policies, procedures, and technologies to prevent, detect, and respond to cyber attacks. This helps avoid financial loss, reputational damage, and legal repercussions.…

Bank Info Security 2 years, 2 months ago

Cinterion IoT Cellular Modules Vulnerable to SMS Compromise

Modules Widely Deployed in Manufacturing, Telecommunications and Healthcare DevicesMultiple types of Telit Cinterion cellular modules for IoT and machine-to-machine devices, which are widely used across industrial, financial services, telecommunications and healthcare environments, are vulnerable to being remotely compromised via malicious SMS messages, security researchers warn.