News

IT for financial services

October 10, 2024 10 Oct'24
How Recorded Future finds ransomware victims before they get hit

Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them
October 09, 2024 09 Oct'24
MoneyGram customer data breached in attack

MoneyGram confirms that customer data has been stolen in an incident that appears to have started with a social engineering attack on its IT helpdesk staff
October 09, 2024 09 Oct'24
Five zero-days to be fixed on October Patch Tuesday

Stand-out vulnerabilities in Microsoft’s latest Patch Tuesday drop include problems in Microsoft Management Console and the Windows MSHTML Platform
October 08, 2024 08 Oct'24
Secureworks: Ransomware takedowns didn’t put off cyber criminals

The number of active cyber criminal ransomware gangs has surged by almost a third in the space of 12 months, according to the latest intelligence from Secureworks

October 04, 2024 04 Oct'24
NCSC celebrates eight years as Horne blows in

Outgoing NCSC interim leader Felicity Oswald shares her thoughts on the body’s work over the past eight years as she hands over the reins to incoming CEO Richard Horne
October 04, 2024 04 Oct'24
Cups Linux printing bugs open door to DDoS attacks, says Akamai

The Cups Linux printing vulnerabilities disclosed at the end of September would seem to have a nasty sting in their tail, according to researchers at Akamai
October 03, 2024 03 Oct'24
SOC teams falling out of love with threat detection tools

Security operations centre practitioners are fed up of being flooded with pointless alerts and many no longer have much confidence in their threat detection tools, according to a report
October 02, 2024 02 Oct'24
‘Shocked’ MoneyGram hits back at Post Office

Money transfer fintech wrote to subpostmasters expressing its disappointment with the Post Office over end of contract
October 01, 2024 01 Oct'24
Cyber teams say they can’t keep up with attack volumes

Over 60% of European security pros say their teams are understaffed, and over 50% don’t have enough budget, according to data from ISACA
September 24, 2024 24 Sep'24
Money transfer firm MoneyGram rushes to contain cyber attack

Money transfer specialist MoneyGram services remain down several days after a network outage developed into a full-blown cyber security incident

September 24, 2024 24 Sep'24
Unique malware sample volumes seen surging

BlackBerry’s latest ‘Global threat intelligence’ report details a surge in unique malware samples as threat actors ramp up the pace of targeted attacks
September 23, 2024 23 Sep'24
Metro Bank outsources IT to Infosys to cut costs and digitally transform

Indian IT services giant taken on to support Metro Bank’s digital transformation in multi-year deal
September 19, 2024 19 Sep'24
HSBC tests post-quantum VPN tunnel for digital ledgers

Encryption required for post-quantum cryptography will have a material impact on the performance of distributed ledgers
September 18, 2024 18 Sep'24
Dreamforce 24: Salesforce taps Nvidia to power Agentforce

At Dreamforce in San Francisco, Salesforce and Nvidia detail some of the tech that will power the software giant's newly launched Agentforce service
September 18, 2024 18 Sep'24
Dreamforce 2024: Salesforce calls on customers to flesh out AI vision

A stream of customers helped Salesforce make the case for its Agentforce artificial intelligence offering on the opening day of the annual Dreamforce conference in San Francisco
September 17, 2024 17 Sep'24
Barclays takes on more GreenLake

Barclays has ramped up its HPE-powered private cloud, as it continues to modernise IT and reduce its carbon footprint
September 12, 2024 12 Sep'24
Mphasis expands UK roots with leap into quantum computing

Indian heritage software development services supplier opens London hub to help customers integrate the latest technologies into their business plans
September 05, 2024 05 Sep'24
NCSC and allies call out Russia's Unit 29155 over cyber warfare

The NCSC and counterpart agencies from the US and other countries have exposed a long-running campaign of Russian cyber espionage and warfare conducted by GRU Unit 29155
September 05, 2024 05 Sep'24
Fog ransomware crew evolving into wide-ranging threat

The emergent Fog ransomware gang appears to be changing up its victimology in search of more cash-rich victims
September 04, 2024 04 Sep'24
Lloyds Bank uses artificial intelligence to check trade finance documents

Bank is automating checks of digital and paper-based documentation in trade financing with the help of artificial intelligence
September 04, 2024 04 Sep'24
Fraud and scam complaints hit highest ever level in UK

The Financial Ombudsman Service says it recorded almost 9,000 complaints about fraud and scams from April to June, the most ever recorded
September 03, 2024 03 Sep'24
TSB systems could be on the move again as BBVA eyes its parent

TSB was migrated to the systems of Sabadell in a project remembered for its monumental IT meltdown in 2018
September 03, 2024 03 Sep'24
Nationwide development platform uses Red Hat technology

Building society is speeding up its software releases through Red Hat cloud application development platform
September 02, 2024 02 Sep'24
UK and Ukraine digital trade deal comes into force

The UK eases access to the deep tech startup community in Ukraine through digital-only agreement
August 29, 2024 29 Aug'24
Iranian APT caught acting as access broker for ransomware crews

Members of Iran-backed Pioneer Kitten APT appear to be trying to supplement their pay packets by helping Russian-speaking ransomware gangs to access their victims in exchange for a cut of the profits
August 28, 2024 28 Aug'24
Global cyber spend to rise 15% in 2025, pushed along by AI

Security spending will increase at pace in 2025, with artificial intelligence, cloud and consultancy services all pushing outlay to new highs, according to Gartner
August 22, 2024 22 Aug'24
New Qilin tactics a ‘bonus multiplier’ for ransomware chaos

Sophos X-Ops caught the Qilin ransomware gang stealing credentials stored by victims' employees in Google Chrome, heralding further cyber attacks and breaches down the line.
August 21, 2024 21 Aug'24
Women in data: Claire Thompson, chief data officer, L&G

The insurer’s data chief discusses using data for better insights, building data capabilities through apprenticeships, and the value of diversity in data leadership
August 21, 2024 21 Aug'24
Wells Fargo bank turns to AI to help families settle estates after a death

Wells Fargo bank is winning customers after using business automation software and artificial intelligence to help people manage the estates of relatives following a bereavement
August 20, 2024 20 Aug'24
ICO launches privacy notice tool for SMEs

ICO tool designed to make it easier for small businesses and sole traders operating online to create bespoke data privacy notices for compliance purposes
August 20, 2024 20 Aug'24
Phishing links becoming bigger threat than email attachments

Phishing techniques are evolving away from malicious email attachments, according to a report
August 14, 2024 14 Aug'24
August Patch Tuesday proves busy with six zero-days to fix

Microsoft patches six actively exploited zero-days among over 100 issues during its regular monthly update
August 13, 2024 13 Aug'24
NIST debuts three quantum-safe encryption algorithms

NIST has launched the first three quantum-resistant encryption algorithms, and as the threat of quantum-enabled cyber attacks grows greater, organisations are encouraged to adopt them as soon as they can
August 08, 2024 08 Aug'24
Royal ransomware crew puts on a BlackSuit in rebrand

The Royal ransomware gang is back, with a new name and refreshed capabilities, including an apparently unique ‘partial encryption’ gambit, according to CISA
August 06, 2024 06 Aug'24
2024 seeing more CVEs than ever before, but few are weaponised

The number of disclosed CVEs soared by 30% in the first seven-and-a-half months of the year, but a tiny fraction of these have been exploited by threat actors, a reminder of the importance of focused security strategies
August 05, 2024 05 Aug'24
Chinese cyber attack sparks alert over six-year-old MS vuln

After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exploitation of CVE-2018-0824
August 05, 2024 05 Aug'24
World’s largest companies at near-universal risk of supply chain breach

Data from SecurityScorecard once again focuses on the interconnected nature of business supply chains and the risk posed to operational resilience by unexpected IT problems and cyber threats
August 01, 2024 01 Aug'24
CrowdStrike shareholders sue, alleging false security claims

A US pension fund is lining up a lawsuit against CrowdStrike, claiming the cyber company lied about the integrity of its systems, leading to failings that caused a worldwide IT outage
August 01, 2024 01 Aug'24
Banks, telcos call for more data sharing to fight fraud

A Which?-led coalition of banks and telecoms operators is calling on the UK's new government to take the lead on enabling data sharing to help fight digital fraud
July 29, 2024 29 Jul'24
Scam CrowdStrike domains growing in volume

Hundreds of malicious domains exploiting CrowdStrike’s branding are appearing all over the web in the wake of the 19 July outage. Experts from Akamai share some noteworthy examples, along with guidance on how to avoid getting caught out
July 29, 2024 29 Jul'24
CrowdStrike says most Falcon sensors now up and running

The vast majority of CrowdStrike Falcon sensors affected by a coding error have now been recovered, with a final resolution expected this week
July 29, 2024 29 Jul'24
WTO digital trade agreement aims to modernise global commerce

A digital trade deal negotiated over five years at the World Trade Organization has been signed by 91 countries, laying the groundwork for a new global digital trade regime
July 25, 2024 25 Jul'24
Fortune 500 stands to lose $5bn plus from CrowdStrike incident

The largest global organisations hit by the CrowdStrike-Microsoft incident on 19 July will likely be out of pocket to the tune of billions of dollars
July 24, 2024 24 Jul'24
CrowdStrike blames outage on content configuration update

CrowdStrike publishes the preliminary findings of what will be a lengthy investigation into the root causes of the failed 19 July update that caused Windows computers to crash all over the world
July 24, 2024 24 Jul'24
Mimecast to buy insider threat specialist Code42

Mimecast is to buy fellow human-centred risk experts Code42 for an undisclosed sum to take advantage of its insider threat and data loss protection specialisms
July 23, 2024 23 Jul'24
Chrome cookies reprieved amid Google Privacy Sandbox changes

Google abruptly changes tack on third-party cookies in its Chrome web browser, cancelling plans to deprecate them in favour of an unspecified ‘new experience’ for users
July 22, 2024 22 Jul'24
NCSC: Beware of criminal CrowdStrike opportunists

Financially motivated cyber criminals are already conducting opportunistic attacks on organisations that leverage the CrowdStrike incident, and more targeted attacks are sure to follow
July 22, 2024 22 Jul'24
CrowdStrike chaos shows risks of concentrated ‘big IT’

The concentration of so much mission-critical technology in the hands of a few large suppliers makes incidents like the Microsoft-CrowdStrike outage all the more dangerous
July 18, 2024 18 Jul'24
DBS rolls out GenAI assistant for customer service teams

The CSO Assistant was built entirely in-house and uses a large language model tailored to local languages
July 17, 2024 17 Jul'24
UK Cyber Bill teases mandatory ransomware reporting

In the Cyber Security and Resilience Bill introduced in the King's Speech, the UK's new government pledges to give regulators more teeth to ensure compliance with security best practice and to mandate incident reporting