On Wednesday three U.S. bank regulators issued an advance notice of proposed rulemaking (ANPR) calling on banks to do more with their cybersecurity programs. The Federal Reserve Board, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency have proposed a set of standards. The standards, which are open to discussion […]
Posted in Financial Services Security
Months after February’s high-profile $81 million heist at Bangladesh Bank, the global financial messaging system known as SWIFT said it has faced additional attempts to steal money starting in June. SWIFT messaging services are used and trusted by more than 11,000 financial institutions in more than 200 countries and territories around the world, according to […]
Posted in Data Breach, Financial Services Security
A former Google engineer has created an operating system for the financial service industry that uses blockchain, a component developed by Bitcoin. Known as Vault OS, the operating system creates a shared database in which participants can trace every transaction ever made. The ledger used is both tamperproof and transparent. That means transactions can be […]
Posted in Financial Services Security
According to the US Securities and Exchanges Commission chair, cyber hacking is the biggest risk facing the world’s financial markets today. US SEC Chair Mary Jo White made her comments Wednesday at a conference organized by the Reuters news service. She specifically cited the March 2016 theft of $81 million from the Bangladesh central bank. […]
Posted in Financial Services Security, Software Architecture and Design
SWIFT, the Society for Worldwide Interbank Financial Telecommunication, has issued a patch after identifying a vulnerability that may have lead to last month’s theft of theft of $81 million from a Bangladesh Bank account at the New York Federal Reserve Bank. “SWIFT is aware of a number of recent cyber incidents in which malicious insiders […]
Posted in Financial Services Security, Software Architecture and Design
Originally posted on SecurityWeek The former CISO of a large intelligence community agency once told me, “The number one challenge in IT Security is the carbon-based life form.” Needless to say, that comment has stuck with me as I read articles daily about hacks with their genesis found in credentials lifted from phishing schemes. Given […]
Posted in Data Breach, Financial Services Security, Internet of Things, Maturity Model (BSIMM)
The SWIFT secure financial messaging system is under U.S. government scrutiny after last week’s disclosure of the theft of millions from a Bangladesh Central Bank account at the Federal Reserve Bank of New York. Although smaller transfers between the Bangladesh bank and the federal reserve did go through, a large transfer of between $850-$870 million […]
Posted in Data Breach, Financial Services Security
Stung by early data breaches, some big banks have been quietly developing their own software products to protect their global assets. According to Reuters, U.S. banks, including Goldman Sachs Group, Morgan Stanley, and JPMorgan Chase, are beginning to sell technology developed internally. Others, such as Bank of America Corp and Citigroup say they do not […]
Posted in Financial Services Security
Criminal hackers looking to steal roughly a billion dollars from a bank in Bangladesh were stopped by a common mistake: a spelling error. Although smaller transfers between the Bangladesh central bank and the Federal Reserve Bank of New York did go through, a large transfer of between $850-$870 million was stopped at a transfer bank, […]
Posted in Financial Services Security
In his latest SearchSecurity article, Gary McGraw discusses the risks behind medical devices that are deeper than patient data, including patient safety risk and in worst cases, death, which can result in the corruption from devices used to preserve patient life. All of these risks around medical devices are caused by the simple fact that […]
Posted in Financial Services Security, Healthcare Security, Mobile Application Security
Get the latest Software Integrity news, thought leadership, and more.
