Endpoint //

Privacy

7/11/2018
03:25 PM
50%
50%

Banks Suffer an Average of 3.8 Data Leak Incidents Per Week

New study examines how financial services information gets sold and shared in the Dark Web.

It's no secret that financial services organizations are juicy targets for cybercrime, but new data shows how much more the bad guys are stealing from them: in the past year, there's been a 135% jump in bank data for sale on the Dark Web. 

A new report from IntSights Cyber Intelligence shows financial services is the number one most-attacked industry: from 2017 until the first half of 2018, the security firm found an average of 207 indictators of attacks - such as company IPs, domains, email, and data included in Dark Web chatter, malware, or target lists - on a US bank. In the first half of this year, that average hit 520.

"Based on our data of leaked banking information, we saw a 135% year-over year increase in financial data being sold on dark web black markets. For the first six months of 2018, we’ve seen an average of 98.9 incidents of data leakage per bank. That translates to 3.8 incidents per week per bank," IntSights wrote in its report.

Read the full report here.  

 

 

 

Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
BEC Scammer Pleads Guilty
Dark Reading Staff 3/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7715
PUBLISHED: 2019-03-26
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The main shell handler function uses the value of the environment variable ipcom.shell.greeting as the first argument to printf(). Setting this variable using the sysvar command results in a user-c...
CVE-2019-8981
PUBLISHED: 2019-03-26
tls1.c in Cameron Hamilton-Rich axTLS before 2.1.5 has a Buffer Overflow via a crafted sequence of TLS packets because the need_bytes value is mismanaged.
CVE-2019-10061
PUBLISHED: 2019-03-26
utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js) prior to 6.1.0 is vulnerable to Command Injection. It does not validate user input allowing attackers to execute arbitrary commands.
CVE-2019-7711
PUBLISHED: 2019-03-26
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The undocumented shell command "prompt" sets the (user controlled) shell's prompt value, which is used as a format string input to printf, resulting in an information leak of memory addre...
CVE-2019-7712
PUBLISHED: 2019-03-26
An issue was discovered in handler_ipcom_shell_pwd in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. When using the pwd command, the current working directory path is used as the first argument to printf() without a proper check. An attacker may thus forge a path contain...