Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Top Stories

Cyberthreats Targeting Financial Services, According to Fortinet Threat Report for Q2 of 2019

Cyberthreats Targeting Financial Services, According to Fortinet Threat Report for Q2 of 2019

By Anthony Giandomenico, Senior Security Strategist and Researcher, FortiGuard Labs

Every quarter, Fortinet’s Threat Landscape Report highlights threats targeting various industries, including the financial services sector. In Q2 of 2019, threat activity across the internet hit its highest point ever, and those new trends and developments revealed increased cybercriminal intent to exploit the financial industry. Organizations are encouraged to explore this threat intelligence report to stay in the know and better protect their institutions from current as well as future risk.

Threat Actors Employ Evasive Anti-Analysis Techniques

Many of today’s more nefarious malware tools use anti-analysis techniques: features for evading antivirus, sandbox and other threat-detection measures to slip past their target organizations’ defenses. While these techniques are not new, their popularity appears to be growing.

For example, a new variant of the Dridex banking Trojan was discovered in June 2019. This malware was able to successfully evade several traditional antivirus tools by leveraging 64-bit DLLs disguised using the file names of legitimate Windows functions. Each time a victim logged in, the file names and associated hashes were changed, complicating signature-based detection on infected host systems even further.

In addition to evasive Trojans, a number of downloaders with built-in, sophisticated evasion techniques were also spotted last quarter. One example, AndroMut, was used by the Russian-speaking TA505 group in a campaign that targeted employees working at financial organizations in the U.S. and elsewhere. This downloader’s anti-analysis features consisted of sandboxing and emulator verification, checks for mouse movement, and debuggers.

Similarly, two other downloaders – Brushaloader and a new version of JasperLoader – were reported to have employed advanced evasion techniques like location verification, as well as sleep timers for delayed malware execution.

The growing use of anti-analysis and expansive evasion tactics presents a challenge to financial organizations and highlights the need for layered defenses. These defenses must span beyond traditional threat detection and include more than just signature and behavior-based techniques.

Cyber Criminal Organizations Are Also Targeting Online Transactions

Many major events in Q2 highlighted the growing number of attacks focused on trusted third parties.

Magecart, an umbrella term for multiple cybercriminal organizations that have been using card-skimming software to exfiltrate data from ecommerce websites. These groups insert JavaScript skimmers into third-party components that websites rely on for critical business functions, such as content management and payment services. These skimmers then capture payment data from behind the scenes.

In May, more than 185,000 payment cards were stolen from various ecommerce sites using JS/Cryxos.PWS!tr, a lightweight JavaScript skimmer. At the beginning of Q2, this variant showed steady activity, followed by a large spike in June. Most victims of this exploit were in the U.S. However, other pockets of victims were observed in Australia, Britain, France and Italy.

Threat intelligence plays a critical role in helping financial institution stay ahead of the latest threat trends and challenges. Government mandates like GDPR make organizations using third-party services primarily responsible for protecting customer data, and failure to protect critical payment data can result in serious consequences and fines. Threat intelligence plays an essential role in providing critical insights and providing guidance on how and where to implement third-party risk management.

Final Thoughts

Cyber criminals are constantly evolving their attack strategies and techniques to increase their accuracy, evade detection and achieve their malicious goals. Financial institutions must continually leverage threat intelligence, like that provided by Fortinet’s Quarterly Threat Landscape Report – in conjunction with advanced security tools – to identify looming threats and thwart the impact of advancing cyberattacks.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post