Post mortems on the Bangladesh Bank cyber theft excite concerns over the integrity of SWIFT transaction records. Although SWIFT wasn’t directly compromised, some banks’ interactions with the system apparently were.
The attempt against Vietnam’s Tien Phong Bank—said to have been blocked—had a different destination for funds transfers than did the Bangladesh Bank caper. In the Vietnamese case, the funds would have been sent to an account in Slovenia.
Symantec has published findings on a major cyber espionage campaign targeting Indian government and financial sector enterprises. No attribution is offered.
Another malicious app has found its way into the Google Play Store. This one, “Black Jack Fee,” serves up, according to Lookout researchers, a variant of the Acecard banking Trojan.
Symantec continues to deal with a cross-platform vulnerability discovered in its anti-virus products.
One approach to cyber vigilantism has grown familiar over recent weeks: substation of a “public service announcement” for a Locky ransomware payload. F-Secure looks at this grey hat move.
Criminal marketplaces have evolved, of course, into simulacra of legitimate markets. Their enterprises now have, an HPE report says, help desks, HR departments, and so on. They also have their own exposure to other criminals: the hacker forum Nulled.IO, a popular souk for stolen data, has itself been robbed of its data.
In a developing story, there’s some evident LinkedIn credentials have been compromised. The nature and severity of the incident are presently unclear.
Chinese authorities quietly interrogate US companies about security, interviewing Apple, Cisco, and Microsoft.
Catch the CyberWire's Podcast later this afternoon, with interviews, educational tips, and more on the stories of the day. (If you feel so inclined, please give us an iTunes review.) Today we'll hear from the University of Maryland's Jonathan Katz on breaking ransomware encryption. We'll also talk with our guest, John Michelsen of Zimperium, on how mobile devices might be defended from the inside.
A note to our readers: today and tomorrow we're in Washington, DC, covering DCOI 2016, the second annual US-Israeli cyber security summit. We're live-Tweeting the proceedings, and we'll have extensive reports in tomorrow's and Friday's issues.