Citibank Sued Over Failure to Defend Customers Against Hacks and Fraud

Citibank faces a lawsuit for allegedly failing to protect its customers from hacks and fraud. The suit claims the bank didn't implement adequate security measures, resulting in unauthorized access and financial losses for customers. This legal action highlights the increasing scrutiny on financial institutions to ensure robust cybersecurity defenses. 

Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters

A severe misconfiguration in Kubernetes, a popular service used by major tech companies like Google, could allow malicious actors unauthorized access to cloud-based applications. A threat actor with access to a Google account could abuse the misconfiguration by using their own Google OAuth 2.0 token to seize control of the cluster for further exploitation. Google is actively addressing the issues and has encouraged its users to deploy recommended detection rules.

Global Fintech Firm EquiLend Offline After Recent Cyberattack

EquiLend, a global financial technology firm based in New York, experienced significant operational disruptions due to a cyberattack that occurred on January 22, 2024. The attack led to unauthorized network access and forced the company to take parts of its systems offline. EquiLend is actively working to restore the affected services with the assistance of external cybersecurity experts. The incident comes shortly after EquiLend announced its acquisition by the U.S. private equity firm Welsh, Carson, Anderson & Stowe, a deal expected to close in Q2 2024.

Massive Data Breach at LoanDepot Affects Over 16 Million Individuals

LoanDepot, a large mortgage lender, experienced a ransomware attack that compromised the personal information of approximately 16.6 million people. The breach was initially disclosed earlier in the month and was further detailed in a recent filing with the Securities and Exchange Commission.

Federal Reserve Warns of Historical Gaps in Banks’ Management of Cyber Risk

The Federal Reserve's Vice Chair for Supervision, Michael Barr, addressed historical shortcomings in banks' management of third-party cyber risk during a conference. He expressed concerns about banks' rising reliance on third-party service providers, which leads to increased cyber threats. Barr emphasized the need for banks to not only identify vulnerabilities but also prioritize resilience by developing and testing business continuity plans. He anticipates improvements in quantifying cyber risk through mandatory incident reporting, expecting this to aid threat detection and the understanding of the broader financial system's interconnectedness.

Ingenious iPhone Passcode Theft Nets Over $300,000

Aaron Johnson, a 26-year-old criminal, executed a deceptively simple but effective scheme to steal over $300,000 from bank accounts by hacking into iPhones. Between 2021 and 2022, Johnson frequented Minnesota bars, where he would observe and memorize the passcodes of young people as they entered them into their iPhones. Once he had the passcodes, he stole the phones, locked the victims out of their Apple IDs, and enrolled his own face in the devices' Face ID, effectively gaining complete control.

Widespread JavaScript Malware Targets Online Banking Credentials

A sophisticated JavaScript malware campaign, detected by IBM Security Trusteer in March 2023, has targeted over 40 financial institutions worldwide, compromising at least 50,000 user sessions across North America, South America, Europe, and Japan. This malware, using JavaScript web injections, primarily aims to steal online banking account credentials.

Carbanak Malware: Evolving Threat Landscape with Ransomware Tactics

Carbanak, a notorious banking malware active since at least 2014, has resurfaced with new ransomware tactics. According to an analysis by NCC Group, Carbanak has evolved to incorporate diverse attack vectors, enhancing its effectiveness. It now uses compromised websites to distribute malware, often impersonating popular business-related software like HubSpot, Veeam, and Xero. Originally known for its data exfiltration and remote control capabilities, Carbanak has been a tool for the FIN7 cybercrime syndicate.

SEC Enforces New Rule for Disclosure of Cybersecurity Incidents

The U.S. Securities and Exchange Commission (SEC) has implemented a new rule requiring publicly traded companies to report "material" cybersecurity incidents within four business days. This rule aims to provide investors with more consistent and transparent information about potential cybersecurity risks, addressing the previous inconsistencies in major incident disclosures.

Terrapin Flaw: A Significant Vulnerability in SSH Protocol Security

Researchers at Ruhr University Bochum have uncovered a critical vulnerability in the Secure Shell (SSH) protocol known as Terrapin (CVE-2023-48795, CVSS score: 5.9). This vulnerability introduces a novel prefix truncation attack, enabling attackers to compromise the integrity of SSH's secure channel by manipulating sequence numbers during the handshake process, permitting the removal of initial messages without detection.