Attacks/Breaches

5/16/2018
12:49 PM
50%
50%

Hackers Stole Funds from Mexican Banks

Attack targeted nation's bank payment system with shades of SWIFT heist.

Mexican central bank officials confirmed this week that a cyberattack against its payments system resulted in millions of dollars in losses to domestic banks.

The attacks reportedly were spotted in late April, and appear to be similar to those waged against the SWIFT inter-bank messaging system. Alejandro Diaz de Leon, head of Mexico's central bank, said the attacks resulted in illicit transactions of $18 million to $20 million.

Mexico's central bank in the wake of the attacks has created a cybersecurity division, and a one-day waiting period on electronic funds transfers of more than $2,500 has been instituted, according to reports.

Read more here and here

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Lessons from My Strange Journey into InfoSec
Lysa Myers, Security Researcher, ESET,  7/12/2018
What's Cooking With Caleb Sima
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14394
PUBLISHED: 2018-07-19
libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.
CVE-2018-14395
PUBLISHED: 2018-07-19
libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format.
CVE-2018-14399
PUBLISHED: 2018-07-19
libs\classes\attachment.class.php in PHPCMS 9.6.0 allows remote attackers to upload and execute arbitrary PHP code via a .txt?.php#.jpg URI in the SRC attribute of an IMG element within info[content] JSON data to the index.php?m=member&c=index&a=register URI.
CVE-2018-14401
PUBLISHED: 2018-07-19
CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out-of-bounds read.
CVE-2018-14402
PUBLISHED: 2018-07-19
axmldec 1.2.0 has an out-of-bounds write in the jitana::axml_parser::parse_start_namespace function in lib/jitana/util/axml_parser.cpp.