Security news aggregator

Latest coverage for Finance

Stay secure in the finance sector. Explore the latest in financial cyber security news, trends, and best practices to protect valuable assets and data.

11 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Finance covers the institutions, markets, and services that move, store, lend, invest, and insure money. Its distinctive assets include customer identities, account balances, payment instructions, trading positions, claims, and confidential business data. Operations depend on core banking and ledger systems, payment networks, market-data feeds, identity services, and external processors or cloud providers. Integrity and availability are especially important: an unauthorized change to beneficiary or settlement data can cause direct loss, while an outage can interrupt payments or trading and complicate time-sensitive reconciliation.

Security work therefore focuses on online banking and trading interfaces, APIs, privileged access, credentials, and third-party connections. Useful controls include phishing-resistant multi-factor authentication, least privilege, transaction signing or approval separation, encryption, tamper-evident logging, and anomaly monitoring. Privacy protections apply to personal and financial information; PCI DSS is relevant where payment-card data is handled, alongside jurisdiction-specific financial rules. Vulnerability management should prioritize internet-facing and legacy systems, while incident response needs capabilities to contain fraudulent transactions, preserve evidence, reconcile ledgers, and restore trusted service through tested backups or failover.

Showing 11 most recent headlines Filtered view
Bank Info Security 7 months, 2 weeks ago

Breach Roundup: Recently Patched Oracle Flaw Under Attack

Also: npm Packages Infiltrated, FBI Issues Fraud Alert, Campbell's Soup Cans CISOThis week, a recently fixed Oracle flaw is being actively exploited, Shelly tackled Pro 4PM DoS bug, "Shai-Hulud 2.0" hit npm, the FBI warned of rising bank account takeover scams, regulators fined Comcast over a vendor breach, Iberia reported a supplier incident and Campbell's canned its CISO.

Bank Info Security 7 months, 2 weeks ago

Cryptohack Roundup: WLF Scrambles to Secure User Funds

Also: UK Fraud Investigators Make Arrests in $28M Basis Markets Rug-Pull ProbeThis week, World Liberty Financial scrambles to secure user funds, the U.K.'s Serious Fraud Office arrests two people over a $28M Basis Markets rug-pull probe, a Gana Payment hack drains $3.1M and Crypto Dispensers weighs a $100M sale following money-laundering charges against its CEO.

Bank Info Security 7 months, 3 weeks ago

Unifying Cloud Strategy to Unlock AI Potential

Talcott Financial Group's Dalavi on Oracle to Azure Migration and AI InnovationTalcott Financial Group's move from a dual-cloud setup to a unified Azure environment is reshaping performance, efficiency and AI readiness, says Sudhakar Dalavi, head of software engineering. He explains how data unification and continuous learning drive the next phase of innovation.

The U.S. Federal Bureau of Investigation (FBI) has warned that cybercriminals are impersonating financial institutions with an aim to steal money or sensitive information to facilitate account takeover (ATO) fraud schemes

Bank Info Security 7 months, 3 weeks ago

UK Parliamentary Committee Recommends Software Liability

Security by Design or Be Fined, Committee SuggestsA U.K. parliamentary committee is recommending a new statute forcing software publishers to hew to secure-by-design principles or else face financial penalties. The committee called for "enforcement agencies" empowered to levy fines to monitor industry for compliance.

Bank Info Security 7 months, 3 weeks ago

Major US Banks Gauge Their Exposure to SitusAMC Breach

JP Morgan Chase, Citi and Morgan Stanley Among Banking Customers ImpactedMajor U.S. banks are assessing their exposure to a cybersecurity incident at real estate financial technology company SitusAMC, which disclosed Saturday that a breach may have affected client data. The New York firm uncovered the incident on Nov. 12.