Tag Archive for: digital

The New FDIC InTREx Security Procedures: The Impact on Banks’ Digital Strategy

/in


The use of technology continues to change in banking, and with it changes in cybersecurity risks. To address these changes, the FDIC updated the Information Technology Risk Examination (InTREx) procedures.

Updates include the requirement for banks to notify the FDIC within 36 hours of any computer security incident. InTREx also evaluates whether banks notify law enforcement and customers in these cases. It also applies to third-party organizations serving banks.

These rules are bound to impact banks’ digital strategy. Here are some questions to ask bank security staff to make sure they’re in compliance with the updates.

In most cases, community banks adding digital tools will use vendors, so it’s important to understand these rules. The InTREx exam procedures can help protect banks and their customers by gaining a deeper understanding of their vendors. It’s paramount in keeping customer trust to know where their data is, what controls protect it, who has access to it, and what happens when a failure occurs.

With this updated guidance, is your bank reviewing existing vendors as part of your vendor review process, especially for critical or high-risk vendors? Make sure they’re updating contact information, getting current due diligence packets, and understanding any new technology partners they’ve engaged with since the last review, as sometimes these would be considered fourth-party vendors.

Even if your bank relies more heavily on vendors, the risk responsibility does not fall entirely on them. Banks bear the responsibility to make sure they fully understand the risks of each relationship. Contractually, there may be language to help the bank financially in case of a vendor breach.

It’s critical to understand the information each vendor has and make sure your bank gets status reports, remains in touch and conducts timely reviews. Don’t focus on responsibility from a financial perspective alone — make sure your bank accounts for reputational risk to the institution, as well.

How Should Banks Better Secure Their Data?
As chief information security officers would advise, all data should be secured consistently and at the highest level based on its defined…

Source…

Vietnamese Hackers Hit Digital Marketers With Info Stealers

/in


Anti-Phishing, DMARC
,
Endpoint Security
,
Fraud Management & Cybercrime

Under Fire: US, UK and India; Attackers Often Wield DarkGate Info-Stealing Malware

Jayant Chakravarti (@JayJay_Tech) •
October 20, 2023    

Vietnamese Hackers Hit Digital Marketers With Info Stealers
Image: Shutterstock

Cybercrime groups in Vietnam are targeting the digital marketing sector in the United Kingdom, United States and India with multiple malware strains, including the widely used DarkGate information stealer, security researchers report.

See Also: Defending Against the Rising Tide of Fraud: Resilience Strategies for Businesses


Security firm WithSecure’s Detection and Response Team said it tracked multiple Vietnamese cybercrime groups running social engineering campaigns in September, designed to trick marketing professionals into downloading malicious files masquerading as job descriptions and salary details.


Schemes used by attackers included using fake job openings at Corsair, a computer memory and hardware manufacturer, to convince individuals to download a malicious file called Job Description of Corsair.docx. They also used job openings at Indian finance company Groww as bait in India.


The Vietnam-based groups likely purchased the information-stealing malware from cybercrime marketplaces and used them interchangeably when attacking specific sectors or groups, researchers said. The malware samples used in the campaigns included the well-known DarkGate info stealer, as well as Ducktail, Lobshot and Redline.


Researchers said attackers’ tactics and choice of malware overlapped heavily, making it difficult to attribute any given…

Source…

Cyber security threats, corruption prevention in Zim… safeguarding the nation’s digital future

/in


Digital threats … Cyber security stands as Zimbabwe’s stalwart guardian against the encroachment of corruption in the digital age.

NESTLED in the lush, green heart of Africa, Zimbabwe boasts a rich tapestry of cultures and breathtaking landscapes, fertile soil and strong people.

Yet, as this resilient nation marches forward, it confronts two formidable challenges that define our era: the relentless spectre of corruption and the ever-evolving landscape of cyber security threats.

In this captivating journey, as we commemorate Cyber Awareness Month we will examine the intricacies of Zimbabwe’s struggle to fortify its digital borders, refine its statecraft, and craft resilient strategies to combat corruption amidst a complex cyber landscape and the inherent threats posed to its stability and prosperity.

A crack in the crystal

Until recently, cyber attacks against the private sector were skyrocketing year-over-year in terms of direct cost and sheer volume. Now, critical infrastructure is seemingly under constant attack, from the energy sector and the power grid to the financial, nuclear, and even health sectors.

Most of these intrusions are likely simple attempts at positioning for real attacks — including full-scale cyber war — a way of testing vulnerability and response. A scaled operation executed by sophisticated attackers would easily bleed the cloud and deny, degrade, or destroy the information currently housed in computers and networks, disrupting everything from the economy to supply chains to national defence to air travel.

Such attacks have the potential to cripple the technological systems upon which we have become reliant, but a worst-possible scenario would see cyber attacks as a forerunner to conventional assaults targeting critical physical infrastructure, natural resources and those in positions of local and national power. The country could be thrown into darkness in a matter of hours.

Complicating these risks is the fact that corruption in Zimbabwe has seamlessly transitioned into the digital realm, leaving an indelible stain on the nation’s…

Source…

Why Antivirus Internet Security is Vital in Today’s Digital World

/in


With our increasing reliance on technology and the internet, we are more vulnerable to various cyber threats such as viruses, malware, spyware, and phishing scams. These threats not only put our personal information at risk but also pose a significant threat to businesses and organizations. Antivirus internet security software is designed to protect our devices from these malicious attacks by detecting and removing any potential threats. It works by continuously scanning your device and monitoring all incoming data for any signs of viruses or other harmful programs. In addition to detecting and removing existing threats, antivirus software also provides real-time protection against new emerging ones.

The Importance of Antivirus Internet Security

1. Protection against Malware: Malware is short for “malicious software” and refers to any program or code that is intended to harm your computer or steal sensitive information without consent. This includes viruses, worms, Trojans, ransomware, spyware, adware, and more. Antivirus software acts as a shield against these types of malware by identifying them before they have a chance to infect your system.

2. Safeguards Online Transactions: The rise of e-commerce has made online shopping an essential part of our lives. With this comes the risk of falling victim to fake websites or getting scammed through fraudulent transactions.
Antivirus internet security software can protect you from these cyber threats by maintaining a secure connection and keeping your personal information, such as credit card details, safe from hackers.

3. Identity Theft Protection: With the rise of social media and online platforms, it has become easier for cybercriminals to gather personal information about individuals and use it for identity theft. Antivirus software can help prevent this by safeguarding your personal data and alerting you if any suspicious activity is detected.

4. Protects Against File Corruption: A virus or…

Source…