ALPHV ransomware claims loanDepot, Prudential Financial breaches
The ALPHV/Blackcat ransomware gang has claimed responsibility for the recent network breaches of Fortune 500 company Prudential Financial and mortgage lender loanDepot. [...]
Stay secure in the finance sector. Explore the latest in financial cyber security news, trends, and best practices to protect valuable assets and data.
Search across headline titles and summaries.
Background for this topic.
Finance covers the institutions, markets, and services that move, store, lend, invest, and insure money. Its distinctive assets include customer identities, account balances, payment instructions, trading positions, claims, and confidential business data. Operations depend on core banking and ledger systems, payment networks, market-data feeds, identity services, and external processors or cloud providers. Integrity and availability are especially important: an unauthorized change to beneficiary or settlement data can cause direct loss, while an outage can interrupt payments or trading and complicate time-sensitive reconciliation.
Security work therefore focuses on online banking and trading interfaces, APIs, privileged access, credentials, and third-party connections. Useful controls include phishing-resistant multi-factor authentication, least privilege, transaction signing or approval separation, encryption, tamper-evident logging, and anomaly monitoring. Privacy protections apply to personal and financial information; PCI DSS is relevant where payment-card data is handled, alongside jurisdiction-specific financial rules. Vulnerability management should prioritize internet-facing and legacy systems, while incident response needs capabilities to contain fraudulent transactions, preserve evidence, reconcile ledgers, and restore trusted service through tested backups or failover.
The ALPHV/Blackcat ransomware gang has claimed responsibility for the recent network breaches of Fortune 500 company Prudential Financial and mortgage lender loanDepot. [...]
Hackers Used LLMs to Perform Tasks That Non-AI Tools Can PerformNation-state hackers including Russian military intelligence and hackers backed by China have used OpenAI large language models for research and to craft phishing emails, the artificial intelligence company disclosed Tuesday in conjunction with major financial backer Microsoft.
Also: Polish Prime Minister Says Previous Administration Deployed Pegasus SpywareThis week, the Zeus leader pleaded guilty, Prudential detected hackers, U.S. telecoms have to report breaches, Microsoft patched zero-days, researchers said Chinese threat intel is faulty, ransomware hit Romanian healthcare entities, Juniper was breached and Poland allegedly previously used Pegasus.
GoldPickaxe Malware Can Record User’s Face - Use Video to Commit Deepfake ScamsA Chinese-speaking cybercrime group with the codename GoldFactory has built a new Android and iOS banking Trojan, GoldPickaxe, that can harvest and steal personal details, including biometric face profiles, that attackers use to create AI-driven deepfakes to fool bank defenses, researchers warn.
The breach exposed administrative and user data from specific IT systems, but there is no evidence of customer or client data compromise
Deepfake-enabled attacks against Android and iOS users are netting criminals serious cash Cybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts – thought to be a world first.…
Both iOS and Android Variants Can Record Face Videos, Used to Create AI DeepfakesA Chinese-speaking cybercrime group codenamed GoldFactory has built a new Android and iOS banking Trojan, GoldPickaxe, that can to harvest and steal personal details, including biometric face profiles, which attackers use to create AI-driven deepfakes to fool bank defenses, researchers warn.
The finance services giant says it was hacked — and reported the incident proactively before SEC requirements mandated it. It could be an anti-extortion move, or merely a brand protection effort.
Some company admin and customers data exposed, but bad guys were there for 'only' a day Prudential Financial, the second largest life insurance company in the US and eight largest worldwide, is dealing with a digital break-in that exposed some internal company and customer records to a criminal group.…
CVE-2024-21412 was used to evade Microsoft Defender SmartScreen and implant victims with DarkMe
The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete. The challenges are compounded for community banks that must safeguard sensitive financial data against the same level of sophisticated threats as larger institutions, but often with more
A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra (aka DarkCasino) targeting financial market traders
Prudential Financial has disclosed that its network was breached last week, with the attackers stealing employee and contractor data before being blocked from compromised systems one day later. [...]
Kansas Bank Forced to Close After CEO Allegedly Embezzled Nearly $50 MillionA watchdog report reveals how Heartland Tri-State Bank CEO Shan Hanes allegedly defrauded a local church and investment club in Kansas out of $47.1 million through a "pig-butchering" cryptocurrency scam that ultimately caused the bank to fail in 2023.
InfoSys McCamish Says Incident Involved BoA's Deferred Compensation Plan CustomersBank of America is notifying more than 57,000 customers that their information, including Social Security numbers, was potentially compromised in a hacking incident last November at Atlanta, Georgia-based insurance software firm InfoSys McCamish. BoA says none of its systems were affected.
A notification letter sent to the Attorney General of Maine showed 57,028 individuals were impacted
Looks like LockBit took a swipe at an outsourced life insurance application Indian tech services giant Infosys has been named as the source of a data leak suffered by the Bank of America.…
The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.
Bank of America is warning customers of a data breach exposing their personal information after one of its service providers was hacked last year. [...]
Attackers Downloaded Files Containing Financial, Security and User InformationA still-active phishing campaign using individualized phishing lures is targeting senior corporate accounts in Microsoft Azure environments, said researchers from Proofpoint. They said the hackers have compromised hundreds of user accounts spread across dozens of Microsoft Azure environments.