Connect with us

Cyber Security

Military Vehicles Maker Navistar International Corporation Confirmed a Cyberattack

Published

on

Cyberattack

Navistar International Corporation, a manufacturer of trucks and military vehicles in the United States, has disclosed a cyberattack in which some data was stolen.

Navistar claimed it learned of a credible possible cybersecurity vulnerability to its information technology system on May 20, 2021, in a Form 8-K statement with the Securities and Exchange Commission (SEC).

Navistar acted quickly to control and limit the incident’s impact, as well as initiate an inquiry into the situation, enlisting the help of security and forensics professionals.

The corporation also made steps to improve the security of its IT infrastructure and preserve the data it houses, claiming that all of its systems have remained operational.

Navistar, on the other hand, “received a claim that certain data had been stolen from” its network on May 31.

The corporation is still looking into “the scope and effects of the cybersecurity incident” and has already alerted law police about it.

Navistar did not share technical information about the event, but given the increased number of ransomware cases in recent months in which attackers seized victim data to use as leverage, it’s possible that ransomware was involved.

Navistar, founded in 1986, manufactures trucks, buses, and diesel engines, as well as military vehicles through its Navistar Defense division.

Following a ransomware attack that prompted Colonial Pipeline to shut down distribution networks in early May, JBS USA, the US division of the world’s largest meat processing corporation, revealed last week that it had also halted operations in the United States and Australia.

A similar attack was also launched last week on Steamship Authority, the largest ferry service between Cape Cod and the Massachusetts Islands of Martha’s Vineyard and Nantucket. Molson Coors Beverage Company was hit by malware earlier this year.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://cybersguards.com/military-vehicles-maker-navistar-international-corporation-confirmed-a-cyberattack/

Big Data

World Mobile Token Ltd looks to raise $40M in Cardano-based native token sale

Published

on

World Mobile Token Ltd looks to raise $40M in Cardano-based native token sale

World Mobile Token Ltd, which is enabling a new global mobile network built on the sharing economy, announces the launch of its utility-based World Mobile Token (WMT) on the Cardano blockchain. The company aims to raise 40 million USD within the first five weeks of the public sale on top of the 5 million USD it has raised privately.

The KYC application opens on June 15th, when participants will be able to create their private WMT vaults. Applicants will be notified when they are approved and it’s their turn to purchase tokens with ADA, BNB, BTC, DAI, or ETH. Participants will need a Cardano address to make a purchase, and will have 24 hours to do so.

Globally 1.7 billion adults remain unbanked, according to the World Bank. Despite many of the technological advancements many of us take for granted, most traditional banks require a manual onboarding process and rely on credit bureaus to verify client identity. These manual, in-person procedures deny many demographics from basic services, such as the ability to open an account, apply for a loan and mortgage, or obtain access to other financial opportunities.

The World Mobile Network aims to bring sustainable connectivity to communities, in Africa and beyond, through the WMT sharing economy. The company sells affordable network nodes to local business owners and implements blockchain-based digital IDs, in turn empowering the African continent with greater economic freedom, digital inclusion, blockchain adoption, and connection to the Internet.

The World Mobile Network already operates in East Africa. Starting with Tanzania and Kenya, the company aims to bring sustainable connectivity to communities through the sharing economy. WMT will power the World Mobile Network ecosystem, allowing World Mobile Network users access to digital banking, healthcare, digital identification, and educational institutions.

“The launch of our native utility token on the most promising blockchain out there really pushes our vision forward,” says Sean Inggs, Director of World Mobile Token Ltd. “WMT will fuel our ecosystem to empower thousands to obtain access to basic necessities including identification, access to education, banking and other fundamental services.”

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://www.fintechnews.org/world-mobile-token-ltd-looks-to-raise-40m-in-cardano-based-native-token-sale/

Continue Reading

Big Data

BBVA Mexico claims first contactless biometric payment card from Visa issued in Latin America

Published

on

BBVA Mexico is launching a pair of new payment card offerings in collaboration with Visa, one of which features fingerprint biometrics for payment security.

The Smart Key is the first contactless Visa credit card with biometrics offered in the region, according to the announcement. It, along with the Aqua card is made with up to 86 percent recycled material. Both are issued without personalized data printed on the card, while the Aqua card also features a dynamic verification code (CVV).

The bank has 23.7 million customers, 54 percent of whom use the digital channel through the BBVA Mexico App. Of those customers, 5.4 million have credit cards, and 21.2 million have debit cards.

Contactless biometric payment cards from Thales with Fingerprint Cards sensors were certified by Visa last year.

Visa Senior VP and Head of Global Clients Mark Jamison says that “consumer expectations are getting higher and higher and they expect fast and frictionless payment experiences. They are embracing the speed, hygiene and security that contactless payments offer and are becoming more familiar with new forms of biometric authentication in their digital experiences.”

Smart Key biometric payment cards are expected to launch soon for its Patrimonial and Private Banking clients, before becoming available to all clients.

“It is more than a card, this new next-generation device will arrive to transform the means of payment,” states BBVA Mexico General Director of Customer Solutions Hugo Nájera Alva. “We are the first bank in Mexico and on the American continent to put in the hands of our clients a credit card with the latest technology in biometric identification. Through the fingerprint you have access to the most secure, personal and easy-to-use payment experience.”

BBVA has been rapidly adopting biometrics, adding Nok Nok technology to its mobile banking services and Veridas for onboarding across its global operations.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://www.fintechnews.org/bbva-mexico-claims-first-contactless-biometric-payment-card-from-visa-issued-in-latin-america/

Continue Reading

Cyber Security

Cybersecurity Degrees in Missouri

Published

on

Cybersecurity Degrees in Missouri
Cybersecurity Degrees in Missouri

Cybersecurity Degrees in Missouri- This article outlines the opportunities accessible at Missouri cybersecurity schools. It also includes details on various types of cybersecurity training offered in the state. In recent years, many businesses and corporations have made significant investments in Missouri’s cybersecurity sector. This is due in large part to the high number of educational institutions that offer cybersecurity degrees and serve as hubs for cybersecurity firms.

Table of Contents

Cybersecurity Development in Missouri

Missouri, particularly in its two major cities of St. Louis and Kansas City, is a hotbed of cybersecurity activity. Since the formation of the Midwest Cyber Center in 2016, the state’s cybersecurity development has gradually increased. It is a St. Louis-based nonprofit that supports newer cybersecurity professionals with education, scholarships, internships, and many industry and university connections.

The Missouri Office of Administration – Cybersecurity is in charge of cybersecurity in Missouri. This is an excellent opportunity for aspiring cybersecurity specialists to get a position with the government in this competitive but rewarding area.

The state of Missouri has a strong cybersecurity culture. Within the state, there are numerous cybersecurity communities, including a chapter of the Information Systems Security Association. They’ll get together in Kansas City. This is a fantastic opportunity to meet and network with other cybersecurity professionals.

Cybersecurity professionals in Missouri, on the other hand, can take advantage of the numerous conferences and workshops available. The Missouri Digital Government Summit and the travelling IT expo SecureWorld, which comes to St. Louis every fall, are two examples. In a word, there is a lot of progress in the field of cybersecurity within Missouri’s boundaries.

Cybersecurity Education in Missouri

In Missouri, there are several options for cybersecurity education. It all depends on the type of degree you want to pursue and, to some extent, your plans after graduation. Missouri, in general, has a number of good colleges with specific cybersecurity programmes or networks.

The Cybersecurity and Information Technology Innovation Lab at the University of Missouri St. Louis is one of the most well-known of them. The National Science Foundation named this school a Nation Center of Academic Excellence shortly after this lab was finished.

The NSA has also acknowledged the Missouri University of Science and Technology for similar achievements. It has an interdisciplinary Intelligent Systems Center, which is a collection of research labs on the Missouri S&T campus that offers a variety of cybersecurity testing and development options.

Overall, no matter your level of experience, Missouri has a multitude of cybersecurity educational possibilities.

ASSOCIATE’S DEGREE

Several schools in Missouri offer associate degrees in cybersecurity. Metropolitan Community College, St. Louis Community College, and St. Charles Community College are among these colleges. In the state of Missouri, all associate’s degrees in cybersecurity must be obtained on campus.

BACHELOR’S DEGREES

Campus-Based Degrees Cybersecurity Degrees in Missouri

Missouri has an excellent spread of bachelor’s degrees in cybersecurity. Degrees are offered by Fontbonne University, Lindenwood University, the University of Central Missouri, University of Missouri St. Louis, and more.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://cybersguards.com/cybersecurity-degrees-in-missouri/

Continue Reading

Cyber Security

Cybersecurity in the Financial Services Industry

Published

on

Cybersecurity in the Financial Services Industry
Cybersecurity in the Financial Services Industry

Cybersecurity in the Financial Services Industry- Every customer and client’s personally identifiable information (PII) is given to financial services providers such as banks, credit unions, credit card companies, and investment businesses. Home address, Social Security number, banking information, phone number, email address, and income information are all included. Because of the great value of this data on the darknet, fraudsters are attracted to this area.

The worldwide financial services sector was estimated to be worth $22 trillion in 2019. Non-cash payments have been steadily increasing in this industry. Non-cash payments are growing in popularity as the internet and mobile phones become more widely used in emerging countries, as well as a global shift toward real-time payment mechanisms.

Internet banking, smartphone apps, and rapid payments all necessitate the use of new technology. Increased technological use necessarily expands the attack vector for the industry and provides new vulnerabilities.

The increasing incidence of cyberattacks on financial services firms reflects how this industry has resorted to technology to solve many of its challenges. Many financial organisations rely on big data to grow their market share. Financial organisations may better understand their consumers and attract new ones by tapping into social media, consumer databases, and news feeds.

Because of the inherent dangers of technology, academia is under pressure to produce fresh and growing crops of highly competent security specialists. The financial industry may have fumbled at the start of the fight to keep one step ahead of cyber bad actors. “While financial institutions are aware that security is a concern, many are unprepared and unaware of how to resist fraudsters’ increasingly sophisticated tactics,” according to a blog post on the University of San Diego website. “Recent surveys portray a picture of an industry that sees the writing on the wall but frequently works with the technological equivalent of whiteout,” according to RSA.

Table of Contents

Cybersecurity in the Financial Services Industry

The financial services industry, without a doubt, requires more qualified cybersecurity personnel. The present cybersecurity skills shortage affects all business sectors, but financial services organisations are generally high-profile targets and must be especially attentive when it comes to cybersecurity. Financial firms are subject to an ever-increasing number of cybersecurity rules and regulations as custodians of sensitive client PII. Financial firms are encouraged to contribute significant investment and collaboration to strengthen cybersecurity preparedness, response, and resiliency throughout the sector due to regulatory pressure and the need to safeguard brand reputation.

Financial services firms can be divided into two categories. Those who have been harmed by a cyberattack and those who will be harmed in the future. Financial institutions are finding it increasingly difficult to protect client data, and many have faced multiple breaches.

From 2009 to 2019, some of the most well-known names in the industry were penetrated on many occasions. During this time, American Express and SunTrust Bank were both hacked five times, while Capital One and Discover were both hacked four times.

The average cost per breach in financial services in 2019 was $5.86 million, according to the IBM Security Cost of a Data Breach Report. This is only second to the healthcare business in terms of cost per breach, and it is approximately 1.5 times that of the public sector.

In the financial services industry, hacking and malware are the most common sources of data breaches. Insider threats and unintentional disclosures, on the other hand, are on the rise. Over the next few years, rising cloud adoption is projected to amplify these challenges.

According to industry statistics, 75% of breaches include hacking and malware, 18% involve unintentional exposure, 6% involve insider risks, and 2% involve physical breaches.

Cyberattacks on financial institutions provide minimal direct harm to consumers. Consumers are protected by US federal law, which compels banks to refund clients who tell them within 60 days of an erroneous transaction appearing on their statement, as long as they utilise reasonable procedures to secure their information.

The federal government, on the other hand, provides fewer guarantees to banks. The Financial Stability Oversight Council of the US Department of the Treasury is in charge of monitoring the financial system’s stability. Critics allege that the council isn’t doing enough to prepare for cyberattacks that might jeopardise large banks’ solvency.

Case Study: Cybersecurity and Financial Services

Data security is being impacted by the growing usage of rented cloud data servers. The major data breach suffered by Capital One in 2019 is an example of the security complications brought by using third-party servers in an organization’s computing architecture.

“Authorities allege a Seattle software developer was responsible for the hacking of Capital One and got the personal data of over 100 million people in what seems to be one of the largest breaches of a significant bank in history,” according to a July 2019 Fox News report.

Paige Thompson, 33, was detained in Seattle after strewn about the internet and social networking sites with information regarding the incident. “Thompson blogged on the information sharing site GitHub about her theft of information from the servers hosting Capital One data,” the US Attorney’s Office said on July 29. A misconfigured web application firewall allowed access to the data, allowing the breach to take place. A GitHub user who saw the post informed Capital One to the likelihood of a data breach on July 17, 2019. Capital One alerted the FBI after discovering an unauthorised access to its data on July 19, 2019.”

“A Capital One insider informed Fox News that the 100 million people affected by the attack include every existing customer, every prior customer, and anybody who’s ever applied for a Capital One card,” according to the Fox News storey.

“Data included approximately 140,000 Social Security numbers and approximately 80,000 bank account numbers on US consumers, and roughly 1 million Social Insurance Numbers (SINs) for Canadian credit card customers,” said Brian Krebs, a leading cybersecurity researcher, on his website, KrebsonSecurity.com.

Ray Watson, a cybersecurity researcher at cloud security business Masergy, is quoted by Krebs. “The attacker was a former employee of the web hosting company involved, which is known as insider threats,” Watson explained. “She allegedly obtained privilege escalation by using web application firewall credentials. In addition, comparable data breaches frequently involve the use of Tor and an overseas VPN for obfuscation.”

Thompson worked as a software developer at Amazon at the time of the incident. Capital One’s data was stored on an Amazon-rented server.

When data is hosted on a third-party server, malicious insider conduct, such as this one, is more difficult to regulate. Outsourcing computing infrastructure is cost-effective for financial services companies, as it is for many other businesses. This added complexity puts more pressure on security teams to create solutions that address insider risks while also incorporating their rented cloud infrastructure.

What Makes Cybersecurity Challenging Within the Financial Services Field?

The financial services industry is particularly concerned about cybersecurity because, as the cliché goes, “that’s where the money is.” In today’s world, there are a plethora of complex and clever techniques to defraud others of their money. Still, nothing appeals to the criminal psyche more than electronically diverting funds from someone else’s account into their own.

As the number of attacks rises, regulators take notice and take action to put more pressure on the industry to find solutions. Regulatory and compliance standards are both a huge barrier and the single most essential reason why people trust the financial sector with their money.

Author Ashlyn Burgett points out in an interesting blog article on the KirkpatrickPrice website that the financial industry has been burdened with the following regulatory monitoring in only the last two years, in addition to current cybersecurity laws:

  • New York State Department of Financial Services Cybersecurity Requirements Regulation for Financial Services Companies Part 500 (NY CRR 500) of Title 23.
  • US Securities and Exchange Commission (SEC) issued interpretive cybersecurity guidance.
  • National Cybersecurity Center of Excellence (NCCoE) released the NIST Cybersecurity
  • Practice Guides SP 1800-5, SP 1800-9, and SP 1800-18.
  • 24 US states passed bills or resolutions related to cybersecurity.

In general, third-party vendors play an important role in the financial sector. The industry is nothing more than a mash-up of multiple business partners collaborating to provide the illusion of a unified set of services. The financial services industry faces a significant problem in managing vendor risk. Many smaller organisations perform a variety of business services behind the scenes at every large well-known financial service company. The act of assessing, auditing, and controlling each of these businesses adds to the overall cyber risk.

Consumers are increasingly requesting cashless and frictionless banking services. They want apps that are simple to use while yet being safe. They want to transfer and receive money electronically at the press of a button, but they also want such transactions to be secure. Keeping up with the newest in computer and application security technology can be difficult for financial services businesses, which supports the industry’s demand for highly qualified security personnel.

Cybersecurity Solutions for the Financial Services Industry

The financial sector is struggling to keep up with technological advancements. Legacy systems that would be expensive to change, while inconvenient for clients, could represent a serious threat to financial institutions. Hackers, on the other hand, frequently benefit from new technology that make attacking legacy systems easier.

Many banking organisations, for example, have yet to implement two-factor authentication (2FA). 2FA is most typically implemented by sending a temporary code to a customer’s cell phone, which is required to log into their account. The hacker would require access to both the computer or account credentials as well as the cell phone in this situation. Several banks do not employ two-factor authentication for account access. The most common explanation given is that 2FA is inconvenient for their consumers.

To provide the convenience that customers want, businesses must use cutting-edge computer science technologies. Developers of apps and software are under constant pressure to improve the client experience, and security might fall behind in the development process. To properly maintain a DevSecOps environment where security is shared across all elements of development and operations, security specialists with the latest programming and security capabilities are required.

Companies like Nyotron have developed methodologies to protect against even zero-day exploits, based on the idea that bad actors can use an infinite number of illegitimate or malicious behaviours to attack a target but only a finite number of legitimate activities that should be allowed on financial systems. These new operating system-centric technologies work as a white list of allowed behaviour, preventing any system behaviour that does not follow a prescribed set of functions in a logical order. This strategy guards against behavioural anomalies and, as a result, many cyber-attacks.

Leaders in the financial services industry must accept that hackers will discover ways to exploit flaws. These flaws can be found in computer systems and networks, as well as processes and procedures. Building a technological firewall is only the first line of defence.

Human behaviour is the weakest link in cybersecurity, according to study after study. Cybercriminals use social engineering as a common tactic. For decades, phishing emails have made it possible to download malware. Cybercriminals are increasingly turning to social media platforms to collect information that can be used to groom or exploit workers of financial institutions. Scammers apply pressure to obtain credentials or other sensitive information to allow the installation of harmful software after establishing a connection with or manipulating an employee at the targeted organisation.

Many financial firms believe that forming internal or external penetration teams is beneficial. Exercises with a red team and a blue team can reveal cyber weaknesses while also offering useful training for internal cyber defenders.

Conclusion

The financial industry is targeted on all sides by cybercriminals, second only to healthcare in the hierarchy of most cybersecurity threats. Sensitive data, especially valuable PII, is the lifeblood of this industry. Regulators maintain a close eye on cyber occurrences in this industry and are prepared to impose ever-stricter laws and restrictions. Customers demand a seamless, frictionless, and cashless online and mobile app experience. Financial services, like all industries, is affected by a global cybersecurity skills shortage.

These characteristics combine to create what may be described as a perfect storm of cyber-threat settings. Under the circumstances, this industry should be commended for offering a degree of protection that the majority of customers find acceptable. But how much will it cost? Many people believe that the underlying costs of compliance and resilience will be too expensive for some financial service companies in the long run. If this occurs, only the largest companies will be able to survive, reducing competition in the industry. In the long run, this is bad news for consumers.

This market is primed for innovation that will go beyond the current state of affairs and provide a safer way to conduct financial transactions.

Further reading 

Hands-On Cybersecurity for Finance: Identify vulnerabilities and secure your financial services from security breaches. By Dr. Erdal Ozkaya and Milad Aslaner. A comprehensive guide that will give you hands-on experience to study and overcome financial cyber-threats.

Elementary Information Security. By Richard E. Smith. Elementary Information Security provides a comprehensive yet easy-to-understand introduction to the complex world of cybersecurity and technology.

Third-Party Cyber Risk for Financial Services: Blind Spots, Emerging Issues & Best Practices. Report by BitSight and CeFPRO.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://cybersguards.com/cybersecurity-in-the-financial-services-industry/

Continue Reading
Blockchain1 hour ago

Michael Burry Warns of the ‘Greatest Speculative Bubble of All Time’

Aviation1 hour ago

Longtime friends make company history as Cougar Helicopters’ 1st all-female flight crew

Aviation1 hour ago

Emirates Now Operates Nearly 90% Of Pre-Pandemic Network

Aviation2 hours ago

JetBlue launches flights to Los Cabos

Aerospace2 hours ago

Op-ed | NOAA is stalling U.S. space traffic management

Aviation2 hours ago

Lufthansa Looks To Repay State Aid

Cleantech2 hours ago

Lincoln Announces 4 New EVs Coming, Audi Halts New Internal Combustion Engine Development

Crowdfunding2 hours ago

UK-based BaaS Fintech 10x Future Technologies Finalizes Oversubscribed $187M Round led by BlackRock, Others

AR/VR2 hours ago

Review: Eternal Starlight

Publications2 hours ago

New Report Finds That Facebook Still Runs Discriminatory Ads

Crowdfunding2 hours ago

Nutmeg Delivers Returns to Crowdfunding Investors, Industry Needs More News Like This

Aviation2 hours ago

Canadian airlines return to Puerto Vallarta after 4-month hiatus

AR/VR2 hours ago

‘ALTDEUS: Beyond Chronos’ Episode Yamato DLC Comes to Quest, Trailer Here

AR/VR2 hours ago

5 VR Headsets Making Headlines in 2021

AR/VR2 hours ago

“Only” a LUT creator

Esports2 hours ago

Mousesports unveils academy CS:GO roster

Aviation2 hours ago

Cathay Pacific Carried Just 774 Passengers Per Day In May

Aviation2 hours ago

Mid-Canada Mod Center Modernizes Falcon 50 Aircraft Flight Deck with Universal Avionics InSight Display System

Esports2 hours ago

LEC power rankings: 2021 Summer Split week one

Esports2 hours ago

3 for 2 deal on some of this year’s top titles like Resident Evil Village, Hades, Marvel’s Spider-Man: Miles Moales and more.

AI2 hours ago

AI-driven hedge fund rules out Bitcoin for lack of ‘fundamentals’

Aviation3 hours ago

Royal Canadian Air Force Foundation to Support Canada’s Future Leaders with Unique Scholarship Program

Aviation3 hours ago

Bombardier Delivers First Global 7500 Aircraft in Indonesia

Energy3 hours ago

Инвертор Solis обеспечивает питание первой углеродно-нейтральной АЗС фирмы Sinopec с BIPV

Cleantech3 hours ago

Kansas City Engages Community To Expand Electric Vehicle Infrastructure

Esports3 hours ago

Pokémon TCG Chilling Reign set now available across the West

Energy3 hours ago

ALYI Publishes EV Rideshare Update With IQST, UN and Revolt Token Highlights

Esports3 hours ago

Pinnacle Cup II to feature $100,000 prize pool; Entropiq, MIBR among invitees

Crowdfunding3 hours ago

Apple to Offer Healthcare

Aviation3 hours ago

The Story Of The Boeing 757

Trending