Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Big Banks Vulnerable to Web, Mobile Attacks
#1
Quote:Nearly all of the largest 100 banks are vulnerable to web and mobile attacks, which give hackers access to sensitive data, according to ImmuniWeb.

“We leveraged an enhanced methodology from our previous research that covered web and mobile application security of the world largest companies from the FT 500 list,” the report said. “For the purpose of this research, we carefully studied external web applications, APIs and mobile apps of the S&P Global list that contains the world's largest financial organizations from 22 countries.”

According to the findings, 85 e-banking web applications failed a GDPR compliance test and 49 failed a PCI DSS test. “Only three main websites (Credit Suisse, Danske Bank and Handelsbanken) out of 100 had the highest grades 'A+' both for SSL encryption and website security,” the report said.

“Given the non-intrusive nature of the research and formidable resources available to the top banks studied in the research, the findings urge financial institutions to revise their existing approaches to application security,” said Ilia Kolochenko, CEO and founder of ImmuniWeb.

“Most of the data breaches involve or start with insecure web and mobile apps that are too frequently under prioritized by future victims. Unfortunately, most cybersecurity teams today carry a burdensome duty to meet compliance and regulatory requirements as the first priority and simply lack available resources to tackle other essential tasks. Eventually, they become low-hanging fruits for cybercriminals.”

Researchers detected 29 active phishing campaigns targeting customers of the financial institutions. “Phishing websites either spread banking malware aimed to steal e-banking credentials or provide fraudulent login forms aimed to steal victim’s credentials. Most of the malicious websites were hosted in the US,” the report said.

[Image: vU5QDpw.png]
Reply
#2
Not really surprising
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  700,000 WordPress Sites Vulnerable to Takeover, No Fix Available mrtrout 0 104 11-12-2024 , 11:32 PM
Last Post: mrtrout
  Philips healthcare infomatics solution vulnerable to SQL injection mrtrout 0 649 11-08-2021 , 02:20 AM
Last Post: mrtrout
  Indian Banks and Finance Companies Targeted by Multi-Staged JSOutProx RAT Malware mrtrout 0 1,392 10-24-2021 , 02:44 AM
Last Post: mrtrout
  Active Exploits Hit WordPress Sites Vulnerable to Thrive Themes Flaws Bjyda 0 1,077 03-28-2021 , 12:06 PM
Last Post: Bjyda
  The Ursnif Trojan has hit over 100 Italian banks Bjyda 0 1,068 03-05-2021 , 12:25 AM
Last Post: Bjyda



Users browsing this thread: 3 Guest(s)