'Asylum Ambuscade' Cyberattackers Blend Financial Heists & Cyber Espionage
In a rare mix of motivations, the cyberattack group has been linked to both financial cybercrime and political spying efforts on governments.
Stay secure in the finance sector. Explore the latest in financial cyber security news, trends, and best practices to protect valuable assets and data.
Search across headline titles and summaries.
Background for this topic.
Finance covers the institutions, markets, and services that move, store, lend, invest, and insure money. Its distinctive assets include customer identities, account balances, payment instructions, trading positions, claims, and confidential business data. Operations depend on core banking and ledger systems, payment networks, market-data feeds, identity services, and external processors or cloud providers. Integrity and availability are especially important: an unauthorized change to beneficiary or settlement data can cause direct loss, while an outage can interrupt payments or trading and complicate time-sensitive reconciliation.
Security work therefore focuses on online banking and trading interfaces, APIs, privileged access, credentials, and third-party connections. Useful controls include phishing-resistant multi-factor authentication, least privilege, transaction signing or approval separation, encryption, tamper-evident logging, and anomaly monitoring. Privacy protections apply to personal and financial information; PCI DSS is relevant where payment-card data is handled, alongside jurisdiction-specific financial rules. Vulnerability management should prioritize internet-facing and legacy systems, while incident response needs capabilities to contain fraudulent transactions, preserve evidence, reconcile ledgers, and restore trusted service through tested backups or failover.
In a rare mix of motivations, the cyberattack group has been linked to both financial cybercrime and political spying efforts on governments.
Banking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle (AitM) phishing and business email compromise (BEC) attack, Microsoft has revealed
The threat actor known as Asylum Ambuscade has been observed straddling cybercrime and cyber espionage operations since at least early 2020
Crown Glazing and Maxen Power Supply fall foul of PECR Britain's data watchdog has slapped a financial penalty on two energy companies it claims were posing as third parties, including the National Grid and UK government, when making unsolicited marketing calls.…
Collaboration delivers end-to-end intelligent banking cloud platform with online fraud detection powered by next-generation behavioral biometrics.
The firm said the attack occurred last Thursday and prompted it to activate its security protocols
An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal