Financial groups lay out a plan to fight AI identity attacks 2026-04-01 at 10:34 By Mirko Zorz Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A joint paper from the American Bankers Association, the Better Identity Coalition, and the […]
Financial groups lay out a plan to fight AI identity attacks Read More »
EvilTokens ramps up device code phishing targeting Microsoft 365 users 2026-03-31 at 17:56 By Zeljka Zorz Security researchers report a notable increase in device code phishing activity aimed at Microsoft 365 users, and have attributed this rise to the availability of EvilTokens, a new, specialized phishing toolkit that’s being offered as-a-service via Telegram. What is
EvilTokens ramps up device code phishing targeting Microsoft 365 users Read More »
Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521) 2026-03-28 at 11:30 By Zeljka Zorz A critical unauthenticated remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP Access Policy Manager (APM) solution is under active exploitation, the US Cybersecurity and Infrastructure Security Agency warned on Friday. CISA added the flaw to its Known Exploited Vulnerabilities
Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521) Read More »
How state-sponsored attackers hijacked Notepad++ updates 2026-02-02 at 15:38 By Zeljka Zorz Suspected Chinese state-sponsored attackers hijacked the Notepad++ update mechanism by compromising the software project’s shared hosting server and intercepting and redirecting update traffic destined for notepad-plus-plus.org, the software’s maintainer Don Ho confirmed on Monday. The attack timeline In early December 2025, security researcher
How state-sponsored attackers hijacked Notepad++ updates Read More »
A new framework helps banks sort urgent post-quantum crypto work from the rest 2026-01-22 at 04:57 By Sinisa Markovic Financial institutions now have a concrete method for deciding where post-quantum cryptography belongs on their security roadmaps. New research coordinated by Europol sets out a scoring framework that helps banks rank systems and business use cases
A new framework helps banks sort urgent post-quantum crypto work from the rest Read More »
Banks built rules for yesterday’s crime and RegTech is trying to fix that 2025-12-17 at 08:32 By Sinisa Markovic Criminals are moving money across borders faster, and financial institutions are feeling the squeeze. Compliance teams feel this strain every day as they try to keep up with schemes that shift through accounts, intermediaries, and digital
Banks built rules for yesterday’s crime and RegTech is trying to fix that Read More »
Criminal networks industrialize payment fraud operations 2025-11-27 at 07:55 By Anamarija Pogorelec Fraud operations are expanding faster than payment defenses can adjust. Criminal groups function like coordinated businesses that develop tools, automate tasks, and scale attacks. New data from a Visa report shows how these shifts are reshaping risk across the financial sector. Fraud now
Criminal networks industrialize payment fraud operations Read More »
When every day is threat assessment day 2025-11-12 at 09:00 By Mirko Zorz In this Help Net Security interview, Paul J. Mocarski, VP & CISO at Sammons Financial Group, discusses how insurance carriers are adapting their cybersecurity strategies. He explains how ongoing threat assessments, AI-driven automation, and third-party risk management help maintain readiness. Mocarski also
When every day is threat assessment day Read More »
Hidden risks in the financial sector’s supply chain 2025-11-11 at 10:29 By Anamarija Pogorelec When a cyber attack hits a major bank or trading platform, attention usually turns to the institution. But new research suggests the real danger may lie elsewhere. BitSight researchers found that many of the technology providers serving the financial sector have
Hidden risks in the financial sector’s supply chain Read More »
Financial services can’t shake security debt 2025-11-04 at 07:30 By Anamarija Pogorelec In financial services, application security risk is becoming a long game. Fewer flaws appear in new code, but old ones linger longer, creating a kind of software “interest” that keeps growing, according to Veracode’s 2025 State of Software Security report. Researchers analyzed data
Financial services can’t shake security debt Read More »
Securing real-time payments without slowing them down 2025-11-03 at 08:00 By Mirko Zorz In this Help Net Security interview, Arun Singh, CISO at Tyro, discusses what it takes to secure real-time payments without slowing them down. He explains how analytics, authentication, and better industry cooperation can help stay ahead of fraud. Singh also touches on
Securing real-time payments without slowing them down Read More »
You can’t audit how AI thinks, but you can audit what it does 2025-10-31 at 08:30 By Mirko Zorz In this Help Net Security interview, Wade Bicknell, Head, IT Security & Operations, CFA Institute, discusses how CISOs can use AI while maintaining security and governance. He explains why AI presents both defensive opportunities and emerging
You can’t audit how AI thinks, but you can audit what it does Read More »
Early reporting helps credit unions stop fraudulent transfers faster 2025-10-29 at 08:48 By Mirko Zorz In this Help Net Security interview, Carl Scaffidi, CISO at VyStar Credit Union, discusses how credit unions are adapting to an evolving fraud landscape and strengthening payment security. As cybercriminals leverage social engineering and AI-driven tactics, Scaffidi explains how innovation
Early reporting helps credit unions stop fraudulent transfers faster Read More »
Behind the screens: Building security customers appreciate 2025-10-09 at 08:03 By Mirko Zorz In this Help Net Security interview, Jess Vachon, CISO at PRA Group, discusses the company’s multi-layered defense against fraud and its commitment to protecting customer trust. Vachon explains how PRA Group balances identity verification with a seamless customer experience. Vachon also reflects
Behind the screens: Building security customers appreciate Read More »
North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S. 2025-10-01 at 17:24 By Zeljka Zorz North Korea’s clandestine IT Worker (ITW) program, which is long known for targeting U.S. technology firms and crypto firms, has broadened its scope to attempt to infiltrate a variety of industries worldwide, including finance, healthcare, public
North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S. Read More »
Boards are being told to rethink their role in cybersecurity 2025-09-01 at 08:03 By Sinisa Markovic Boards of directors are being told that cybersecurity is now central to business resilience and growth, and that they must engage more directly in the way their organizations manage risk. A new report from Google Cloud’s Office of the
Boards are being told to rethink their role in cybersecurity Read More »
Five ways OSINT helps financial institutions to fight money laundering 2025-08-22 at 09:31 By Help Net Security Here are five key ways OSINT tools can help financial firms develop advanced strategies to fight money laundering criminals. 1. Reveal complex networks and ownership structures Money launderers often use layered networks of offshore entities and shell companies
Five ways OSINT helps financial institutions to fight money laundering Read More »
Fighting fraud with AI: The new identity security playbook 2025-08-15 at 08:34 By Help Net Security In this Help Net Security video, Hal Lonas, CTO at Trulioo, talks about the rise of synthetic identity fraud and how it’s quickly becoming one of the biggest threats in financial crime. He breaks down how fraudsters are using
Fighting fraud with AI: The new identity security playbook Read More »
Why behavioral intelligence is becoming the bank fraud team’s best friend 2025-07-29 at 09:03 By Mirko Zorz In this Help Net Security interview, Seth Ruden, Senior Director of Global Advisory at BioCatch, discusses how financial institutions are addressing fraud. He explains how banks are using behavioral biometrics, device fingerprinting, and network intelligence to enhance fraud
Why behavioral intelligence is becoming the bank fraud team’s best friend Read More »
Financial firms are locking the front door but leaving the back open 2025-07-11 at 07:32 By Anamarija Pogorelec Financial institutions are building stronger defenses against direct cyberattacks, but they may be overlooking a growing problem: their vendors. According to Black Kite’s new report, third-party risk has become one of the biggest cybersecurity threats facing the
Financial firms are locking the front door but leaving the back open Read More »