Banking and Finance

Banking and Finance Page 1

Android Banking Malware Fake Bank Customer Support Online Banking Mobile Devices

Android banking malware distributed via fake bank customer support

Threat actors were seen by researchers posing as a bank customer support service that call or text targets and instructing them to install a particular app that contains an Android banking malware remote access trojan (RAT) dubbed “BRATA malware.” Researchers first spotted this campaign in Italy, where threat actors disseminate SMS spams to steal e-banking...
Continue Reading
Flubot Banking Malware Financial Trojan Android Mobile Finland Phishing Campaign

Flubot banking malware focused on targeting Android users in Finland

Finland’s National Cyber Security Centre (NCSC) recently released a threat advisory regarding a Flubot campaign that heavily targets Android users inside their country. NCSC Finland said that the Flubot banking malware is spread through SMS sent from compromised devices. The new spam campaign utilises a voicemail theme that asks the targets to access a link...
Continue Reading
Punjab National Bank Server Flaw Exposed Customer Data

Punjab National Bank suffers from server flaw that exposed customer data

A vulnerability in the server of Punjab National Bank (PNB) reportedly exposed the financial and personal data of approximately 180 million clients in seven months. Researchers claimed that the flaw inside PNB’s server could provide full access to the said bank’s overall digital banking system, which may also give malicious threats to administrative control. Punjab...
Continue Reading
Payment Solutions Zelle Brand Abuse Exploited Online Fraud Mobile Banking OTP Stealing Vishing

Payment solutions ‘Zelle’ is exploited in fraud within banking apps

Experts have recently studied one of the most commonly exploited ways on how threat actors withdraw money from stolen bank accounts of their victims and empty their funds. The study involves the peer-to-peer payment solutions app called “Zelle,” which several banks and financial institutions use to send cash to others fast, and how it is...
Continue Reading
BrazKing Android Malware Cyber Threat Banking Apps Banking Trojan

BrazKing malware is enhanced to bring threats among banking app users

Experts are continuously analysing financial fraud attacks within the online landscape. From a recent study about malware, they have found BrazKing, an Android banking trojan, to have enhanced its capabilities to target mobile banking app users from Brazil and run by local cybercriminals. BrazKing’s developers may have worked on upgrading the malware to be more...
Continue Reading
Spam Websites Registries Exploited Pay Per Click Fraud Website Spoofing Takedown Request Alibaba

Spam sites hosted via web registries gets exploited in a pay-per-click fraud

Our security experts from iZOOlogic have recently noticed multiple spam sites registered through Alibaba Registrar/Webhost, Cloudflare Webhost, and .CN or .TOP registries created by threat actors to conduct fraud by targeting our clients and using their brand names and logos. Threat actors leverage the spam sites by offering prizes such as huge cash or gift...
Continue Reading
Ecommerce Websites Vulnerable Magecart Attacks Card Skimming Vendor Risk

Numerous e-commerce websites vulnerable to Magecart attacks

Recently, a barrage of attacks from the Magecart threat actors revealed multiple critical vulnerabilities in e-commerce sites and applications wherein the website’s defenses are discovered to be incompetent against Magecart attacks. Experts conducted research and found that about 30,000 vulnerabilities were found within existing websites being prone to Magecart attacks. Also, another 10,000 active sites...
Continue Reading
All World Cards Underground Market Data Dump Compromised Cards Dark Web

All World Cards underground market data uploaded to other dark web forums

Researchers from iZOOlogic recently discovered that the clearnet website of All World Cards (https://allworld(dot)cards/), an underground market for compromised bank cards, had been offline and was inaccessible for its clients until further notice.   Despite the website’s outage, All World Cards has its Tor website to remain accessible for clients to reach out to and...
Continue Reading
Dockers TeamTNT Hacking Website Vulnerability Assessment Container Cyber Security

Docker’s systems attacked by TeamTNT using new techniques

Recently, a cybersecurity firm reported that a malicious threat group called TeamTNT prioritises targeting poorly configured Docker systems existing on the internet. The researchers also observed that a current campaign by TeamTNT is still ongoing against the Docker REST APIs. Docker is an open-source containerisation platform that enables developers to package applications into containers. It...
Continue Reading
Ransomware Attack HR solutions Kronos UKG Data Breach

Ransomware attack hits giant HR solutions firm Kronos (UKG)

A workforce management solutions and human resource management services giant, Ultimate Kronos Group (UKG), reported a massive ransomware attack that transpired last December 11. The attack impacted the HR solutions firm’s Kronos Private Cloud applications, including Banking Scheduling Solutions, Healthcare Extensions, Workforce Central, and UKG TeleStaff. As the HR solutions firm works hard to resolve the...
Continue Reading
1 2 3 10