Finance & Banking, Fraud Management & Cybercrime, Fraud Risk Management Limited Advances in Mandating Customer Compensation for Financial Scams Suparna Goswami (gsuparna) • December 26, 2025 Ken Palla, Fraud Expert and Former Director at MUFG Bank In 2025, financial scams and synthetic identity fraud persisted with little indication of decline,…
On December 25, coinciding with global Christmas celebrations, the Everest ransomware group released a statement on its dark web leak site alleging a breach of Chrysler systems, a prominent American automobile manufacturer. The group claims to have extracted a staggering 1,088 GB (over 1 TB) of data, which they characterize…
Recent cybersecurity alerts highlight the exploitation of a critical vulnerability in Citrix NetScaler application delivery control (ADC) and Gateway appliances by numerous threat actors, including affiliates of the notorious LockBit ransomware group. This new wave of attacks takes advantage of CVE-2023-4966, a severe flaw that has allowed adversaries to infiltrate…
Emotet Malware Adopts New Wi-Fi Hacking Methodology Emotet, an infamous trojan responsible for numerous botnet-driven spam campaigns and ransomware attacks, has evolved its attack techniques by exploiting already infected devices to identify new victims connected to nearby Wi-Fi networks. Researchers at Binary Defense have identified a new strain of Emotet…
In one of the most significant data breaches in modern history, Yahoo has revised the estimated number of compromised accounts from 1 billion to an astonishing 3 billion. This information comes in the wake of an investigation following Verizon’s acquisition of Yahoo and indicates a breach that affected every account…
In the evolving landscape of healthcare, the surge of mergers and acquisitions (M&A) presents heightened vulnerabilities in cybersecurity and data privacy for both buyers and sellers, according to attorney Jonian Rafti from Proskauer. He emphasizes that while entities are often focused on financial gains, they must also be acutely aware…
On December 26, 2025, Turkey’s National Intelligence Organization (MIT) initiated a significant operation resulting in the apprehension of four individuals implicated in cyber espionage. These suspects are accused of unlawfully accessing sensitive information from various public institutions, amplifying concerns over rising cybersecurity threats aimed at government databases in light of…
A recent cybersecurity incident involving a North Korean state-sponsored group known as Diamond Sleet has emerged as a significant threat to businesses. This group has been distributing a compromised version of a legitimate application developed by the Taiwanese company CyberLink, leveraging a supply chain attack to target downstream customers. According…
The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security has issued a critical warning concerning a new ransomware threat targeting various industries associated with critical infrastructure. This advisory was prompted by a recent cyberattack that impacted a natural gas compression facility through a spear-phishing incident,…
