US Offers $5M for Info on North Korean IT Worker Fraud
The US Government is offering a $5 million reward for information leading to the disruption of financial mechanisms supporting North Korea following a six-year conspiracy
Stay secure in the finance sector. Explore the latest in financial cyber security news, trends, and best practices to protect valuable assets and data.
Search across headline titles and summaries.
Background for this topic.
Finance covers the institutions, markets, and services that move, store, lend, invest, and insure money. Its distinctive assets include customer identities, account balances, payment instructions, trading positions, claims, and confidential business data. Operations depend on core banking and ledger systems, payment networks, market-data feeds, identity services, and external processors or cloud providers. Integrity and availability are especially important: an unauthorized change to beneficiary or settlement data can cause direct loss, while an outage can interrupt payments or trading and complicate time-sensitive reconciliation.
Security work therefore focuses on online banking and trading interfaces, APIs, privileged access, credentials, and third-party connections. Useful controls include phishing-resistant multi-factor authentication, least privilege, transaction signing or approval separation, encryption, tamper-evident logging, and anomaly monitoring. Privacy protections apply to personal and financial information; PCI DSS is relevant where payment-card data is handled, alongside jurisdiction-specific financial rules. Vulnerability management should prioritize internet-facing and legacy systems, while incident response needs capabilities to contain fraudulent transactions, preserve evidence, reconcile ledgers, and restore trusted service through tested backups or failover.
The US Government is offering a $5 million reward for information leading to the disruption of financial mechanisms supporting North Korea following a six-year conspiracy
A sophisticated social engineering cybercrime campaign bent on financial gain was observed being run from Tencent servers in Singapore.
The Spanish police, working with colleagues in Peru, conducted a simultaneous crackdown on a large-scale voice phishing (vishing) scam ring in the two countries, arresting 83 individuals. [...]
SaaS services are one of the biggest drivers of OpEx (operating expenses) for modern businesses. With Gartner projecting $247.2 billion in global SaaS spending this year, it’s no wonder SaaS budgets are a big deal in the world of finance and IT. Efficient SaaS utilization can significantly affect both the bottom line and employee productivity. In this article, we’ll break down this topic
Inmediata Health Group Has Paid $2.7M in Fines, Civil Claims for 2019 HIPAA BreachA breach that exposed the personal information of nearly 1.6 million patients of a Puerto Rico-based clearinghouse has led to a $250,000 financial settlement with federal regulations for multiple HIPAA violations. The 2019 leak has cost Inmediata Health $2.7 million in fines and civil settlements.
A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. Meanwhile, an investigation into the Vancouver street address used by this company shows it is home to dozens of foreign currency dealers, money transfer businesses, and cryptocurrency exchanges -- none of which are physically located there.
Krispy Kreme said the incident is likely to materially affect operations and short-term financial performance
The Korean Financial Security Institute (K-FSI) disrupted a fraudulent network that made $6.3m by stealing money from fake personal trading platforms
Report: Financial Orgs Shift to Multi-Cloud to Address Cyber Threats and RegulationFinancial institutions are increasingly adopting multi-cloud strategies to mitigate rising cyber risks and comply with complex regulations, according to a new report. Although the move enhances flexibility and disaster recovery, challenges remain, from implementation costs to a growing skills gap.
Report: Financial Orgs Shift to Multi-Cloud to Address Cyber Threats and RegulationFinancial institutions are increasingly adopting multi-cloud strategies to mitigate rising cyber risks and comply with complex regulations, according to a new report. The move enhances flexibility and disaster recovery, though challenges remain, from implementation costs to a growing skills gap.
Belgian and Dutch authorities have arrested eight suspects in connection with a "phone phishing" gang that primarily operated out of the Netherlands with an aim to steal victims' financial data and funds
A Hack The Box Freedom of Information request has shown a significant drop in cyber-attacks reported to the Financial Conduct Authority (FCA) in 2024
Scammers set up call centers in luxury rentals to run bank help-desk fraud, as well as large-scale phishing campaigns, across at least 10 European countries, according to law enforcement.