Security news aggregator

Latest coverage for Finance

Stay secure in the finance sector. Explore the latest in financial cyber security news, trends, and best practices to protect valuable assets and data.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Finance covers the institutions, markets, and services that move, store, lend, invest, and insure money. Its distinctive assets include customer identities, account balances, payment instructions, trading positions, claims, and confidential business data. Operations depend on core banking and ledger systems, payment networks, market-data feeds, identity services, and external processors or cloud providers. Integrity and availability are especially important: an unauthorized change to beneficiary or settlement data can cause direct loss, while an outage can interrupt payments or trading and complicate time-sensitive reconciliation.

Security work therefore focuses on online banking and trading interfaces, APIs, privileged access, credentials, and third-party connections. Useful controls include phishing-resistant multi-factor authentication, least privilege, transaction signing or approval separation, encryption, tamper-evident logging, and anomaly monitoring. Privacy protections apply to personal and financial information; PCI DSS is relevant where payment-card data is handled, alongside jurisdiction-specific financial rules. Vulnerability management should prioritize internet-facing and legacy systems, while incident response needs capabilities to contain fraudulent transactions, preserve evidence, reconcile ledgers, and restore trusted service through tested backups or failover.

Showing 8 most recent headlines Filtered view
Bank Info Security 2 years, 4 months ago

Cryptohack Roundup: $26 Million FixedFloat Hack

Also: FCA Rounds Up Noncompliant Firms; GoFundMe Shuts Down Tornado Cash FundraiserThis week, FixedFloat lost $26 million in a hack, the U.K. Financial Conduct Authority found illegal promotions of cryptocurrency, GoFundMe shuttered a Tornado Cash fundraiser, and an Australian cop allegedly stole $4 million worth of bitcoins.

No time like the present, says central bank The Monetary Authority of Singapore (MAS) advised on Monday that financial institutions need to stay agile enough to adopt post-quantum cryptography (PQC) and quantum key distribution (QKD) technology, without significantly impacting systems as part of cyber security measures.…

Bank Info Security 2 years, 4 months ago

Moving First-Party Fraud Out of the Bank's Blind Spot

Fraud Expert Ian Mitchell on Creating a Holistic Program to Tackle Authorized FraudUnlike identity theft, first-party fraud is harder to spot when a consumer opens an account. To guard against this growing blind spot, banks need to invest in transaction-monitoring tools and take a more holistic approach to fraud, said Ian Mitchell, co-founder of Mission Omega.

In the tumultuous landscape of cybersecurity, the year 2023 left an indelible mark with the brazen exploits of the Scattered Spider threat group. Their attacks targeted the nerve centers of major financial and insurance institutions, culminating in what stands as one of the most impactful ransomware assaults in recent memory.  When organizations have no response plan in place for such an