Insights

Neil Gibb walks us through a typical day undercover as a physical cyber security specialist and shares Valuable advice for defending against physical threat actors.

Among the various standards and regulations designed to protect data, the Payment Card Industry Data Security Standard (PCI DSS) stands out as a critical framework, especially in the financial sector. But why does PCI DSS matter?

Financial service organisations are prime targets for cybercriminals, given their handling of sensitive personal data and large sums of money. Unfortunately, several cyber security myths within the financial services sector impede effective defence strategies. Below, we debunk these common myths and offer insights into building a resilient cyber security posture.

The digital finance landscape is evolving rapidly, with fintech at the forefront. However, as fintech companies continue to break new ground, they also navigate a minefield of cyber security threats. This blog looks into the cyber security challenges faced by the fintech sector and outlines how with the help of Integrity360 they can mitigate these risks to ensure a secure digital finance ecosystem.

A month ago, Ponemon and IBM released the Cost of a Data Breach 2021 report, an annual study on the cost of data breaches and the modern threat landscape. The report not only highlighted that the cost of data breaches is on the rise but also showed that enterprises are taking longer to contain security incidents. 

TrickBot is a banking trojan that was first detected in September 2016 and since that time had been developed to incorporate the targeting of multiple geographies and online services. The malware was developed to gain unauthorized access to customer bank accounts to facilitate fraudulent transactions, but also targeted users of online services such as Salesforce and cryptocurrency services. The malware was reportedly delivered via spam emails containing malicious attachments, including those distributed by the Necurs botnet, and via the RIG exploit kit. In some cases, TrickBot used an exploit called EternalBlue (affects CVE-2017-0144) or Windows API calls to propagate in a local network. The functions and activities of TrickBot are reportedly very similar to the Dyre banking trojan, and it was assessed by researchers to be linked to this trojan, including that at least one of the developers of Dyre was involved in the development of TrickBot.

Integrity360 is aware of an increased in DDoS attacks globally which we would like to remind our clients to remain vigilant about.

While the effects of the Coronavirus develop, businesses across the world are turning to remote working to ensure the safety of their employees as well as the continuity of their services.

Data breaches in the financial services sector are never taken lightly considering the potentially devastating fallout that can take place in their aftermaths. The recent data breach reported by Capital One is being treated no differently.

5 of the biggest trends hitting cyber security right now

For an industry dominated by computers and servers, cyber security in general is about as shapeless as sand. Hackers and security specialists alike bring something new to the table every day and it’s up to businesses to stay on top of it all.

Red Teams are an increasingly popular form of defence and are essential to complying with the TIBER-EU framework.