Kartwheel News

Cyber stories

Tag: Financial Services

Attacking the Organism: Financial Services

When it comes to high-value assets, few industries can come close to financial services. It’s not just the obvious fact that banks are giant warehouses of money—banks represent critical pieces of infrastructure that entire economies rely upon. Some of today’s largest financial institutions have more app developers than bankers. The way these companies interact with…

Read More

Top Attacks Against Financial Services Organizations 2017–2019

Authentication Attacks: Growing Every Year Credential stuffing and brute force attacks have been the biggest threats for financial services recently, and the trend shows no sign of slowing. This is unsurprising, given the capability that legitimate credentials represent for attackers. If attackers are able to guess or simply re-use already compromised credentials and gain access…

Read More

2021 APR Supplement: Of Sectors and Vectors | F5 Labs

So How Good Are Sectors for Predicting Risk? Based on these analyses, it appears that the answer is “not bad, but it depends.” On one hand, we can identify specific patterns that seem to map to characteristics about those sectors. We already knew that the Retail Trade sector is heavily targeted by attacks that are…

Read More

Steering a Cyber-Course Through Covid-19’s Troubled Waters

As Covid-19 drives a higher volume of transactions online, the dance between cyber-criminals and security professionals has stepped up a beat. Enterprises are re-assessing the robustness of their systems, while bad actors are on the look-out for vulnerabilities to exploit. Under lockdown measures, organisations have been forced to reassess their physical environments. Now they must…

Read More

DDoS Against a Financial Service: Analysis of a Massive Attack | F5 Labs

The two peaks appeared to be caused by the attackers targeting the company’s domain name, rather than a specific IP address. The customer uses a round robin DNS system with two IP addresses, each with a 90-second TTL (time-to-live). As the attackers’ DNS resolutions shifted with the round robin, for a brief period both IP…

Read More

Web Shells: Understanding Attackers’ Tools and Techniques | F5 Labs

Introduction Disclosures of breaches often include mention of a “web shell” to further attacker ends. As one example, the Clop ransomware group (also known as ‘Lace Tempest,’ TA505, and FIN11) has used web shells as part of their attack chains in both the Kiteworks Accellion FTA breach of 2020 and the plethora of breaches related…

Read More

Recent Posts

Recent Comments

No comments to show.