March 5, 2024 at 02:31PM Nearly 30,000 Fidelity Investments Life Insurance customers’ personal and financial information was likely stolen by hackers who infiltrated Infosys’ IT systems. The breach may have compromised names, Social Security numbers, bank account details, and more, leaving individuals vulnerable to financial fraud and identity theft. The incident also affected Bank of … Read more
March 1, 2024 at 08:48AM A novel phishing kit targets mobile devices by impersonating login pages of cryptocurrency services. The kit tricks victims into sharing credentials, password reset URLs, and even photo IDs via email, SMS, and voice phishing. The attacks have successfully targeted over 100 victims, employing CAPTCHA tests and customization to appear credible. … Read more
February 29, 2024 at 10:45AM European discount retailer Pepco Group reported a significant loss of €15.5 million to cybercriminals in a fraudulent phishing attack. An investigation is underway, but the company is unsure if the funds can be recovered. Pepco assured that no customer, supplier, or colleague information was compromised and is committed to enhancing … Read more
February 14, 2024 at 07:09AM Microsoft’s latest Patch Tuesday resolves over 70 vulnerabilities, including two zero-day exploits used for financial market trader attacks by the Water Hydra threat group. Trend Micro described the attacks, outlining the exploitation of CVE-2024-21412 to deliver DarkMe malware. It affects Windows Server 2019, Windows Server 2022, Windows 10, and Windows … Read more
February 14, 2024 at 02:39AM A zero-day exploit in Microsoft Defender SmartScreen, leveraged by the threat actor Water Hydra (aka DarkCasino), targets financial market traders. Exploiting CVE-2024-21412, the attacker convinces victims to click on a booby-trapped URL, bypassing security checks. The end goal is to deliver the DarkMe trojan, capable of executing additional instructions and … Read more
February 6, 2024 at 10:58AM Global securities finance tech company EquiLend recently recovered from a ransomware attack, disrupting its systems for nearly two weeks. Known for its Next Generation Trading platform, EquiLend transacts $113.5 billion daily between 120+ companies across 40 markets. EquiLend restored client services but hasn’t commented on ransom payment. Data safety is … Read more
January 30, 2024 at 10:50AM Brazil’s Federal Police, along with cybersecurity collaborators, have disrupted the Grandoreiro banking malware operation targeting Spanish-speaking countries with financial fraud since 2017. Five arrests were made in Brazil, and substantial losses and the malware’s capabilities were outlined. The operation is on hold, but future resurgence is uncertain. From the meeting … Read more
January 25, 2024 at 01:14PM Abu Dhabi-based investment firm National Investor alerts about fraudulent use of its name, logo, and employee names in online scams promoting fake investment opportunities and tenders. Scams involve soliciting personal, business, financial information. The firm’s warning comes after similar phishing messages impersonating official entities and manipulated search engine results related … Read more
January 23, 2024 at 12:12PM Approximately 16.6 million people had their personal information stolen in a ransomware attack on mortgage lender loanDepot. The attack forced the company to shut down systems and caused delays in payment history. The company has confirmed it will notify individuals impacted and provide free credit monitoring. This is loanDepot’s second … Read more
January 22, 2024 at 11:02AM Mortgage lender loanDepot confirmed a ransomware attack resulting in the theft of personal information from approximately 16.6 million people. The incident led to system shutdowns, impacting payments and online portals. The company is offering free credit monitoring and identity protection services to affected individuals. The attack highlights the risks of … Read more