A week in security (April 29 – May 5)

Credit to Author: Malwarebytes Labs| Date: Mon, 06 May 2019 15:21:13 +0000

A roundup of security news from April 29 – May 5, covering Electrum botnet, Wall Street Market takedown, privacy news, and the state of cryptojacking.

The post A week in security (April 29 – May 5) appeared first on Malwarebytes Labs.

Credit Union Sues Fintech Giant Fiserv Over Security Claims

Credit to Author: BrianKrebs| Date: Fri, 03 May 2019 14:30:36 +0000

A Pennsylvania credit union is suing financial industry technology giant Fiserv, alleging that “baffling” security vulnerabilities in the company’s software are “wreaking havoc” on its customers. The credit union said the investigation that fueled the lawsuit was prompted by a 2018 KrebsOnSecurity report about a glaring security weakness in a Fiserv platform that exposed personal and financial details of customers across hundreds of bank Web sites.

Fiserv Flaw Exposed Customer Data at Hundreds of Banks

Credit to Author: BrianKrebs| Date: Tue, 28 Aug 2018 13:27:55 +0000

Fiserv, Inc., a major provider of technology services to financial institutions, just fixed a glaring weakness in its Web platform that exposed personal and financial details of countless customers across hundreds of bank Web sites, KrebsOnSecurity has learned.

What Is Your Bank’s Security Banking On?

Credit to Author: BrianKrebs| Date: Tue, 06 Mar 2018 21:24:17 +0000

A large number of banks, credit unions and other financial institutions just pushed customers onto new e-banking platforms that asked them to reset their account passwords by entering a username plus some other static identifier, such as the first six digits of their Social Security number, or a mix of partial SSN, date of birth or surname. Here’s a closer look at what may be going on (spoiler: small, regional banks and credit unions have grown far too reliant on the whims of just a few major online banking platform providers). You might think it odd that any self-respecting financial institution would seek to authenticate customers via static data like partial SSN for passwords, and you’d be justified in thinking that, too. Nobody has any business using these static identifiers for authentication, because this data on most Americans is for sale quite easily and cheaply in the cybercrime underground. The Equifax breach might have “refreshed” some of those data stores for identity thieves, but most U.S. adults have had their static details on sale for years now. On Feb. 16, KrebsOnSecurity reader Brent Hoeft shared a copy of an email he’d just received from his financial institution Associated Bank, which at $30+ billion in assets happens to be Wisconsin’s largest by asset size.
