. home.aspx



Legit tools exploited in bank heists

May 22, 2018 / Warwick Ashford

Cyber criminals attacking the finance and other industry sector are continuing to exploit legitimate administration tools to hide their activities, highlighting the need for threat hunting, a report reveals. Common IT administration tools are being hijacked to act as invisibility cloaks for cyber criminals targeting financial institutions, according to a report by security firm Carbon Black. The report is based on a survey of CISOs at 40 financial institutions and notes that cyber attacks against financial institutions are most often conducted for the purpose of yielding illicit financial gain and are typically undetectable, global and instantaneous. During the past three years, the report said researchers have seen a tremendous amount of innovation from cyber criminals, with marked evolution in attack methods in the past six months. “Cyber criminals are leveraging new techniques, tactics and procedures (TTPs) specific to maintaining persistence and countering incident response,&...