07 October 2021

This alert was created automatically by our award-winning intelligence product Silobreaker Online. Story selection is determined by an algorithm and based on a set of queries initially set by a Silobreaker user. Contact us here for more information.

FinServ Cyber
Phishing campaigns against Chase Bank customers are on the riseSecurity on TechRepublic – Oct 05 2021 14:24Throughout the summer of 2021, the number of phishing URLs designed to impersonate Chase jumped by 300%, says security firm Cyren.
Hackers could force locked iPhones to make contactless paymentsESET Ireland – Blog – Oct 04 2021 11:30Flaws in Apple Pay and Visa could allow criminals to make arbitrary contactless payments – no authentication needed, research finds. Cybercriminals could make fraudulent purchases by circumventing an iPhone’s Apple Pay lock screen where the device’s…
Chase Bank Heavily Targeted Via XBALTI Phishing KitSecurityWeek RSS Feed – Oct 05 2021 18:13During the three months from mid-May to mid-August 2021, researchers detected a 300% increase in phishing URLs within their own telemetry targeting Chase Bank. Chase was the sixth most targeted brand, behind obvious companies as PayPal, Apple, and…
Chase Bank Heavily Targeted Via XBALTI Phishing Kit –SecurityWeek – Twitter – Oct 05 2021 18:13Chase Bank Heavily Targeted Via XBALTI Phishing Kit – hxxps://www[.]securityweek[.]com/chase-bank-heavily-targeted-xbalti-phishing-kit
Chase Bank Heavily Targeted Via XBALTI Phishing Kit – #cybercrimeSecurityWeek – Twitter – Oct 05 2021 23:54Chase Bank Heavily Targeted Via XBALTI Phishing Kit – hxxps://www[.]securityweek[.]com/chase-bank-heavily-targeted-xbalti-phishing-kit #cybercrime
AM Best to Host Webinar on What Insurers Need to Know About Next-Gen Cyber ThreatsBusiness Wire Professional Services News – Oct 06 2021 19:10OLDWICK, N.J.–(BUSINESS WIRE)–AM Best will host a complimentary webinar, titled, “What Insurers Need to Know About Next-Gen Cyber Threats,” sponsored by Munich Re, on Tuesday, Oct. 26, 2021, at 2:00 p.m. (EDT). Cyber risk continues to evolve as…
How are cyber security and insurance companies evolving with the threat of ransomware?IT Pro UK – Oct 05 2021 07:00There’s been a sharp increase in the number of ransomware attacks carried out across the world in recent years. Whether it’s the Kaseya attack that affected up to 1,500 organisations, the DarkSide Colonial Pipeline attack on major infrastructure in…
What can we learn from the recent cybersecurity incidents?The Asian Banker – Oct 07 2021 07:15Cyber-threats have become increasingly complex, inflicting high monetary and reputational damages to institutions that, despite various measures, are forced to plan “catch up” to the advanced technology of criminals. As regulators expand advisories,…
Barclays Hit in Phishing Scam via Monzo | http://PYMNTS.comSecnewsbytes – Twitter – Oct 05 2021 06:38Barclays Hit in Phishing Scam via Monzo | hxxp://PYMNTS[.]com hxxps://www[.]pymnts[.]com/news/security-and-risk/2021/barclays-hit-in-phishing-scam-using-monzo-account-pisp/
Behind the Crypto Broker Accused of Enabling Ransomware HackersBloomberg – Oct 04 2021 05:06Photographer: Bloomberg (Bloomberg) – A cryptocurrency broker that the Biden administration considers a key cog in the recent ransomware epidemic is legally registered in the Czech Republic but doesn’t appear to have an office there. It may be…
PixStealer: a new wave of Android banking Trojans abusing Accessibility ServicesReddit – BlueTeamSec – Oct 04 2021 06:39submitted by /u/digicat [link] [comments]
A #Zloader #campaign will typically involve other malware and hacking tools, which can be used to drop Zloader or be part of its post-infection routine. Our infographic provides more information on Zloader:TrendMicroRSRCH – Twitter – Oct 06 2021 17:50A #Zloader #campaign will typically involve other malware and hacking tools, which can be used to drop Zloader or be part of its post-infection routine.

Our infographic provides more information on Zloader:…

In security news this week: Learn about #Zloader (a notable recent ZBOT variant), details on the recently introduced bill that would mandate ransom payment reporting and more.TrendMicro – Twitter – Oct 04 2021 18:28In security news this week: Learn about #Zloader (a notable recent ZBOT variant), details on the recently introduced bill that would mandate ransom payment reporting and more. hxxps://bit[.]ly/2YgS59c
Our Zloader infographic provides an overview of the prolific malware, its targets, routines, and tools, as well as some of the campaigns it has been involved in over the past couple of years. View our infographic here:TrendMicro – Twitter – Oct 06 2021 20:00Our Zloader infographic provides an overview of the prolific malware, its targets, routines, and tools, as well as some of the campaigns it has been involved in over the past couple of years. View our infographic here:…
PixStealer: a new wave of Android banking Trojans abusing Accessibility Services – Check Point ResearchSecurityblog – Twitter – Oct 04 2021 06:47PixStealer: a new wave of Android banking Trojans abusing Accessibility Services – Check Point Research hxxps://research[.]checkpoint[.]com/2021/pixstealer-a-new-wave-of-android-banking-trojans-abusing-accessibility-services/
Zloader can arrive on a victim’s machines through multiple entry points, such as phishing emails or exploit kits. A #Zloader infection can lead to data theft or to additional infections from other malware:TrendMicroRSRCH – Twitter – Oct 04 2021 17:59Zloader can arrive on a victim’s machines through multiple entry points, such as phishing emails or exploit kits.

A #Zloader infection can lead to data theft or to additional infections from other malware:…

19 new OPEN, 25 new PRO (19 + 9) Lazarus APT, Ursnif and Cobalt Strike CnC DNS sigs, Moar CVE-2021-41773, another MirrorBlast sig and ESPecter Bootkit! Thanks @JAMESWT_MHT and @welivesecurityET_Labs – Twitter – Oct 06 2021 23:0919 new OPEN, 25 new PRO (19 + 9) Lazarus APT, Ursnif and Cobalt Strike CnC DNS sigs, Moar CVE-2021-41773, another MirrorBlast sig and ESPecter Bootkit!

Thanks @JAMESWT_MHT and @welivesecurity…

Anomali Cyber Watch: New APT ChamelGang, FoggyWeb, VMWare Vulnerability Exploited and MoreAnomali – Blog – Oct 05 2021 18:28The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, FoggyWeb, Google Chrome Bugs, Hydra Malware, NOBELIUM and Vulnerabilities. The IOCs related to these stories are attached to…
FinServ Data Breaches
Twitch: No credentials or card numbers exposed in data breachBleepingComputer.com – Oct 07 2021 07:39Twitch says that no login credentials and credit card numbers belonging to users or streamers were exposed following yesterday's massive data leak. […]
Barclays Hacked by Cyberthieves Using Monzo Account, PISPDataBreaches.net -Financial Sector – Oct 04 2021 11:58PYMNTS reports: Millions of pounds were swiped from Barclays accounts in a series of coordinated cyberattacks by a fraudster using a Monzo account and a payments initiation service provider (PISP), The Telegraph reported. PISPs are a newer concept,…
Fraud & Money Laundering
Man, 23, arrested for alleged money laundering via love scamThe Straits Times All News – Oct 06 2021 02:55October 06, 2021 10:55 AM He will be charged in court on Thursday with two counts of benefiting from criminal conduct.
Singapore preps data sharing platform to tackle money launderingFinextra Research news – Oct 04 2021 23:10The Monetary Authority of Singapore (MAS) is building a digital platform that lets banks share information on customers and transactions in order to tackle money laundering, terrorism financing and proliferation financing.
NatWest Faces $460 Million U.K. Fine on Money Laundering GuiltBloomberg – Oct 07 2021 10:10NatWest Group Plc could face a fine of around 340 million pounds ($460 million) from the U.K. watchdog after pleading guilty to three criminal charges of money laundering.
Kazakhstan Senate Considers Bill to Amend Anti-Money Laundering, Counter-Terrorist Financing RulesBloomberg Law – Oct 06 2021 19:35The Kazakh Senate Oct. 5 accepted for consideration Bill No. 3245, amending the anti-money laundering and counter-terrorism financing rules. The bill includes measures to: 1) update reporting requirements and procedures for beneficial owners; 2)…
German police raid suspected Islamic money-laundering ringWashington Post – Oct 06 2021 08:18BERLIN — Police carried out large-scale raids in three German states Wednesday in connection with a suspected money-laundering network that reportedly funneled millions in ill-gotten gains to Turkey and Syria. Duesseldorf police said the raids, which…
Banks to probe card disputes for any link to OTP fraudStraits Times – Oct 05 2021 21:19This includes any related to transactions prior to Sept 2020, when first cases were confirmed Banks will investigate any new card dispute cases to identify whether they were of fraudulent transactions enabled by the diversion of SMS one-time passwords…
How to combat fraud in a hybrid banking environmentAsian Banking and Finance – Oct 04 2021 03:41Financial organizations are called to take the offensive against fraudsters with the use of anomaly detection and analytics. It’s time for the financial industry to turn the tables and stop playing catch-up to fraudsters using advanced analytics and…
Banks to probe new and past card disputes to identify if they are linked to SMS OTP diversion fraud: Lawrence WongThe Straits Times All News – Oct 05 2021 09:53October 05, 2021 5:53 PM SINGAPORE – Banks will investigate any new card dispute cases to identify if they were fraudulent transactions enabled by the diversion of SMS one-time passwords (OTPs), including any related to transactions prior to September…
The port fraud, SIM-swapping, and SIMJacking on mobile instrumentsMedium Cybersecurity – Oct 05 2021 22:04 The SIM swapping is the most common form of hack where the hacker installs SIM card on phone through your mobile provider and gains access… Continue reading on Medium »

Although Silobreaker has relied on what it regards as reliable sources while compiling the content herein, Silobreaker cannot guarantee the accuracy, completeness, integrity or quality of such content and no responsibility is accepted by Silobreaker in respect of such content. Readers must determine for themselves what reliance they should place on the compiled content herein.

Silobreaker Financial Services Threat Alert

Sign up to receive strategic intelligence on the biggest threats facing the Financial Services industry.

Silobreaker
This website uses cookies.
See our privacy policy at www.silobreaker.com/legal