VB Migration

Tag: banking

  • VB2016 video: Neverquest: Crime as a Service and On the Hunt for the Big Bucks

    Earlier this month, Spanish police officers arrested a Russian national on suspicion of creating the Neverquest banking trojan. Neverquest, also known as Vawtrak, is one of the most prevalent banking trojans of the moment, so while the arrest might not have a significant impact on cybercrime overall, it is good news: it sends the important message…

  • VB2016 video: Neverquest: Crime as a Service and On the Hunt for the Big Bucks

    Earlier this month, Spanish police officers arrested a Russian national on suspicion of creating the Neverquest banking trojan. Neverquest, also known as Vawtrak, is one of the most prevalent banking trojans of the moment, so while the arrest might not have a significant impact on cybercrime overall, it is good news: it sends the important message…

  • VB2016 paper: Modern attacks on Russian financial institutions

    Today, we publish the VB2016 paper “Modern attacks on Russian financial institutions” ( here in HTML format and here in PDF format) by ESET researchers Jean-Ian Boutin and Anton Cherepanov. In it, they look at a number of groups that have performed sophisticated attacks against a number of Russian financial institutions. The work of these…

  • VB2016 paper: Modern attacks on Russian financial institutions

    Today, we publish the VB2016 paper “Modern attacks on Russian financial institutions” ( here in HTML format and here in PDF format) by ESET researchers Jean-Ian Boutin and Anton Cherepanov. In it, they look at a number of groups that have performed sophisticated attacks against a number of Russian financial institutions. The work of these…

  • When it comes to online banking, sub-optimal encryption isn’t our biggest concern

    Malware authors and scammers won’t attack the crypto. Under the headline “no zero-day necessary”, Xiphos has published a rather scary blog post on the state of SSL security within the UK’s finance industry. It concludes that more than 50% of UK-owned retail banks have weak SSL implementations on their online banking sites, with 14% of…

  • VB2015 video: Making a dent in Russian mobile banking phishing

    Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks. In the last few years, mobile malware has evolved from a mostly theoretical threat to a very serious one that affects many users. Indeed, several talks at VB2015 dealt with various aspects of mobile security in general and that…

  • POODLE is the brown M&Ms of security

    Just because it won’t be exploited, doesn’t mean you shouldn’t patch it. There is a famous story about the rock band Van Halen whose lists of requirements when performing a show included some M&Ms — but “absolutely no brown ones”. The story is true and has little to do with childish rock star behaviour. The…

  • Does it matter if my banking password is ‘Prague’?

    Users do choose weak passwords, but they aren’t as big a problem as we think. This week, I spent a few days at the Cyber Security Summit Financial Services conference in Prague, discussing the state of security with people who work in the financial sector. Unsurprisingly, a common topic of discussion was that group of…

  • Box-ticking mentality leads to insecurity

    Credit card company fails to understand how authentication works. Security experts often bemoan a ‘box-ticking’ mentality and argue that in many cases ticking boxes doesn’t address the real issues. In some cases, it can even make things less secure. Yesterday I received a call from what was probably my credit card company. The caller asked…

  • Dutch citizens keep extra cash at hand following DDoS attacks

    Month-long attacks had significant impact. 25% of Dutch citizens have followed advice to keep extra cash at home, following a recent spate of DDoS attacks on Dutch banks. At the beginning of April, customers of Dutch bank ING reported that the balance of their online bank account wasn’t what they expected it to be, with…