banking – SSL and internet security news

New York Increases Cybersecurity Rules for Financial Companies

November 3, 2023 infossl

banking, computer security, cybersecurity, ransomware, regulation, Security technology, Uncategorized

Another example of a large and influential state doing things the federal government won’t: Boards of directors, or other senior committees, are charged with overseeing cybersecurity risk management, and must retain an appropriate level of expertise to understand cyber issues, the rules say. Directors must sign off on cybersecurity programs, and ensure that any security … Read More “New York Increases Cybersecurity Rules for Financial Companies” »

Fooling a Voice Authentication System with an AI-Generated Voice

March 1, 2023 infossl

artificial intelligence, authentication, banking, biometrics, deep fake, fraud, identification, Security technology, spoofing, Uncategorized, voice recognition

A reporter used an AI synthesis of his own voice to fool the voice authentication system for Lloyd’s Bank. Powered by WPeMatico

Credit Card Fraud That Bypasses 2FA

September 22, 2022 infossl

banking, credit cards, fraud, Security technology, smartphones, two-factor authentication, Uncategorized

Someone in the UK is stealing smartphones and credit cards from people who have stored them in gym lockers, and is using the two items in combination to commit fraud: Phones, of course, can be made inaccessible with the use of passwords and face or fingerprint unlocking. And bank cards can be stopped. But the … Read More “Credit Card Fraud That Bypasses 2FA” »

Fraud on Zelle

March 9, 2022 infossl

banking, fraud, scams, Security technology, Uncategorized

Zelle is rife with fraud: Zelle’s immediacy has also made it a favorite of fraudsters. Other types of bank transfers or transactions involving payment cards typically take at least a day to clear. But once crooks scare or trick victims into handing over money via Zelle, they can siphon away thousands of dollars in seconds. … Read More “Fraud on Zelle” »

Bizarro Banking Trojan

May 20, 2021 infossl

backdoors, banking, credentials, cryptography, malware, reports, Security technology, Uncategorized

Bizarro is a new banking trojan that is stealing financial information and crypto wallets. …the program can be delivered in a couple of ways — either via malicious links contained within spam emails, or through a trojanized app. Using these sneaky methods, trojan operators will implant the malware onto a target device, where it will … Read More “Bizarro Banking Trojan” »

Details of a Computer Banking Scam

March 22, 2021 infossl

banking, phones, psychology of security, scams, Security technology, social engineering, Uncategorized, video

This is a longish video that describes a profitable computer banking scam that’s run out of call centers in places like India. There’s a lot of fluff about glitterbombs and the like, but the details are interesting. The scammers convince the victims to give them remote access to their computers, and then that they’ve mistyped … Read More “Details of a Computer Banking Scam” »

Bank Card “Master Key” Stolen

June 17, 2020 infossl

banking, breaches, dataprotection, keys, pins, Security technology, theft

South Africa’s Postbank experienced a catastrophic security failure. The bank’s master PIN key was stolen, forcing it to cancel and replace 12 million bank cards. The breach resulted from the printing of the bank’s encrypted master key in plain, unencrypted digital language at the Postbank’s old data centre in the Pretoria city centre. According to … Read More “Bank Card “Master Key” Stolen” »

Banks Attacked through Malicious Hardware Connected to the Local Network

December 7, 2018 infossl

banking, cybercrime, hacking, hardware, malware, Security technology, theft, usb

Kaspersky is reporting on a series of bank hacks — called DarkVishnya — perpetrated through malicious hardware being surreptitiously installed into the target network: In 2017-2018, Kaspersky Lab specialists were invited to research a series of cybertheft incidents. Each attack had a common springboard: an unknown device directly connected to the company’s local network. In … Read More “Banks Attacked through Malicious Hardware Connected to the Local Network” »

On Financial Fraud

July 25, 2018 infossl

auditing, banking, cons, crime, economicsofsecurity, fraud, Security technology

There are some good lessons in this article on financial fraud: That’s how we got it so wrong. We were looking for incidental breaches of technical regulations, not systematic crime. And the thing is, that’s normal. The nature of fraud is that it works outside your field of vision, subverting the normal checks and balances … Read More “On Financial Fraud” »

Perverse Vulnerability from Interaction between 2-Factor Authentication and iOS AutoFill

June 20, 2018 infossl

apple, authentication, banking, ios, Security technology, sms, twofactorauthentication, usability

Apple is rolling out an iOS security usability feature called Security code AutoFill. The basic idea is that the OS scans incoming SMS messages for security codes and suggests them in AutoFill, so that people can use them without having to memorize or type them. Sounds like a really good idea, but Andreas Gutmann points … Read More “Perverse Vulnerability from Interaction between 2-Factor Authentication and iOS AutoFill” »