#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

bank security | Breaking Cybersecurity News | The Hacker News

Category — bank security
Australian Health Insurer Medibank Suffers Breach Exposing 3.9 Million Customers' Data

Australian Health Insurer Medibank Suffers Breach Exposing 3.9 Million Customers' Data

Oct 27, 2022
Australian health insurance firm Medibank on Wednesday disclosed that the personal information of all of its customers had been unauthorizedly accessed following a recent ransomware attack. In an update to its ongoing investigation into the incident, the firm  said  the attackers had access to "significant amounts of health claims data" as well as personal data belonging to its  ahm health insurance subsidiary  and international students. Medibank, which is one of the largest Australian private health insurance providers,  serves about 3.9 million customers  across the country. "We have evidence that the criminal has removed some of this data and it is now likely that the criminal has stolen further personal and health claims data," the company further added. "As a result, we expect that the number of affected customers could grow substantially." The company also said it's continuing its probe to determine what specific data has been stolen in th...
BHIM App — How to Send & Receive Money with UPI

BHIM App — How to Send & Receive Money with UPI

Jan 03, 2017
After the lack of supply of cash in India following its Prime Minister step to remove high-denomination banknotes from circulation in November 2016, the country is moving a step closer towards becoming a cashless economy with the launch of Unified Payment Interface ( UPI ). Unified Payment Interface ( UPI ) allows all bank account holders to pay money from their smartphones, both online and offline, without the need to enter credit card details, IFSC code, or net banking userID/passwords. All the users need to do is create a Virtual Payment Address (VPA) of their choice, which will act as their financial address, and link it to their bank account. Now in an effort to boost the adoption of Unified Payments Interface (UPI) as a tool for digital transactions, Indian Government has recently launched a new app called, the Bharat Interface for Money ( BHIM ) app . This new digital payments app, which is believed to be a game-changer for cashless payments in India, is currently av...
Want to Grow Vulnerability Management into Exposure Management? Start Here!

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Dec 05, 2024Attack Surface / Exposure Management
Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...
Android Banking Trojan Tricks Victims into Submitting Selfie Holding their ID Card

Android Banking Trojan Tricks Victims into Submitting Selfie Holding their ID Card

Oct 15, 2016
While some payment card companies like Mastercard have switched to selfies as an alternative to passwords when verifying IDs for online payments, hackers have already started taking advantage of this new security verification methods. Researchers have discovered a new Android banking Trojan that masquerades primarily as a video plugin, like Adobe Flash Player, pornographic app, or video codec, and asks victims to send a selfie holding their ID card, according to a blog post published by McAfee. The Trojan is the most recent version of Acecard that has been labeled as one of the most dangerous Android banking Trojans known today, according to Kaspersky Lab Anti-malware Research Team. Once successfully installed, the trojan asks users for a number of device's permissions to execute the malicious code and then waits for victims to open apps, specifically those where it would make sense to request payment card information. Acecard Steals your Payment Card and Real ID det...
cyber security

Breaking Barriers: Strategies to Unite AppSec and R&D for Success

websiteBackslashApplication Security
Tackle common challenges to make security and innovation work seamlessly.
Russia arrests 50 hackers who stole $25 million from Banks

Russia arrests 50 hackers who stole $25 million from Banks

Jun 03, 2016
Russian authorities have arrested a gang of 50 hackers suspected of stealing more than 1.7 Billion Rubles ( over US$25 Million ) from banks and other financial institutions in the country since 2011. The same criminal gang had tried to steal a further 2.273 Billion Roubles by issuing false payment instructions, but that were blocked. The group allegedly used a Trojan called " Lurk " to set up a network of bots on infected computers to carry out the attacks, according to Russia's FSB ( Federal Security Service ). Initially identified in 2012, Lurk is a "fileless" Trojan that runs in RAM and has mostly been used for collecting banking credentials, especially for banks in Eastern Europe and the Russian Federation. The criminal gang allegedly seeded some of Russia's most popular websites with Lurk. Once infected, the malware downloaded more software modules, allowing the hackers to gain remote access to victims' computers. The hackers then stole...
Second Bank hit by Malware attack similar to $81 Million Bangladesh Heist

Second Bank hit by Malware attack similar to $81 Million Bangladesh Heist

May 13, 2016
SWIFT, the global Society for Worldwide Interbank Financial Telecommunications, warned on Thursday of a second malware attack similar to the Bangladesh central bank hack one that led to $81 million cyber heist. In February,  $81 Million cyberheist at the Bangladesh central bank was carried out by hacking into SWIFT, the global financial messaging system that thousands of banks and companies around the world use to transfer billions of dollars every day. However, the hackers behind the cyber heist appear to be part of a comprehensive online attack on global banking and financial infrastructure. The second attack involving SWIFT targeted a commercial bank, which the company declined to identify. SWIFT also did not immediately clear how much money, if any, was stolen in the attack. However, SWIFT spokeswoman Natasha de Teran said that the second attack and the Bangladesh bank heist contained numerous similarities and were very likely part of a "wider and highly adaptive...
How Did Hackers Who Stole $81 Million from Bangladesh Bank Go Undetected?

How Did Hackers Who Stole $81 Million from Bangladesh Bank Go Undetected?

Apr 25, 2016
In Brief Investigators from British defense contractor BAE Systems discovered that hackers who stole $81 million from the Bangladesh Central Bank actually hacked into software from SWIFT financial platform, a key part of the global financial system. The hackers used a custom-made malware to hide evidence and go undetected by erasing records of illicit transfers with the help of compromised SWIFT system. The Bangladesh Bank hackers, who managed to steal $81 Million from the bank last month in one of the largest bank heists in history, actually made their tracks clear after hacking into SWIFT, the heart of the global financial system. SWIFT , stands for the Society for Worldwide Interbank Financial Telecommunications, is a global messaging network used for most international money and security transfers. More than 11,000 Global Banks on HIGH ALERT! Nearly 11,000 Banks and other financial institutions around the World use SWIFT system to send securely and receive payment ...
World's 9 Biggest Banks to adopt Bitcoin's Blockchain Technology

World's 9 Biggest Banks to adopt Bitcoin's Blockchain Technology

Sep 17, 2015
The Existing Infrastructure used by Financial institutions like Banks is Archaic, Slow, and Costly, with hardly any innovation in the past three decades. Nine of the World's renowned Banks, including JPMorgan , Royal Bank of Scotland , Goldman Sachs and Barclays , are collaborating with New York-based financial tech firm R3 to create a new framework based on Bitcoin's Blockchain. Yes, they are back in the game yet again, but this time officially! Blockchain — the public and decentralized ledger technology that underpins all Bitcoin transactions has been now recognized as " the future for financial services infrastructure ". The blockchain technology is a way of keeping records by listing the owner's name with all the previous and present transaction the client was involved. It is a public ledger where a list of all the transactions ever executed is maintained. The Banks are planning to develop and implement Blockchain-like Technology where distributed/shared ...
Self-Service Bank Passbook Printing Machines Leak Customers Financial Details

Self-Service Bank Passbook Printing Machines Leak Customers Financial Details

Aug 07, 2015
Gone are the days when you had to wait in a queue to get your Bank passbook updated. With the implementation of automated machines in Banks, it's now a game of seconds to update your passbook yourself. Bank Passbook is a copy of the customer's account in the books of the bank which includes client's current account balance and transaction details (deposits and withdrawals). But, Are these Automated Machines holding your Financial Information Hack-Proof? Last year, Major Indian Banks rolled out a barcode based passbook printers called ' Swayam ' which can be operated by customers themselves. 17-year-old Indian bug hunter, Indrajeet Bhuyan , found that the barcode technology used by more than 3000 Indian Banking Branches, including State Bank of India , UCO Bank and Canara Bank , is vulnerable to information disclosure. To use Swayam, the s elf-service passbook printing machine , the customers need just to feed their passbook into the machine, which will read the barcod...
Android iBanking Trojan Source Code Leaked Online

Android iBanking Trojan Source Code Leaked Online

Feb 22, 2014
Smartphone  is the need of everyone today and so the first target of most of the Cyber Criminals . Malware authors are getting to know their market and are changing their way of operations. Since last year we have seen a rise in the number of hackers moving from the Blackhat into the Greyhat. The Head of knowledge delivery and business development for  RSA's FraudAction Group ,  Daniel Cohen  warned users about the new threat via a company  blog  on Thursday, that explains everything about the malware app, called  iBanking . iBanking , a new mobile banking  Trojan app which impersonates itself as an Android ' Security App ', in order to deceive its victims, may intimidate a large number of users as now that its source code has been leaked online through an underground forum. It will give an opportunity to a larger number of cybercriminals to launch attacks using this kind of ready-made mobile malware in the future. Since...
Expert Insights / Articles Videos
Cybersecurity Resources