
Tag: Barclays

Six years' porridge.

Dridex not a laundry soap btw; it's a Trojan

An employee of Barclays Bank who laundered thousands of pounds on behalf of Moldovan cybercriminals was sentenced to six years and four months in prison yesterday.…

It's 2017: Is the splinternet nearer than ever?

Analysis  Barclays has stopped offering free Kaspersky Lab products to new users in a move that shows, like Best Buy, commercial firms can be swayed by governmental stances on dealing with the Russian sof...
As NCSC warns on Russian antivirus, Barclays Bank ends offer of free Kaspersky Lab security software for customers.
The alleged mastermind behind attacks on Lloyds and Barclays has been extradited back to the UK.
What's the future of cash?

Analysis  Today marks the 50th anniversary of the Automated Teller Machine (ATM), the first of which was installed outside Barclays Bank, Enfield Town in north London.…

Fintech company is serving 100m customers of the world’s largest banks including Barclays, BBVA and Deutsche Bank

Barcelona - 4th May 2017 - Strands, a leading provider of personal financial management (PFM) and machine learning solutions for banks, today announced that 500 banks and 100 million banking customers worldwide are using digital banking services powered by the company’s award-winning technology. The company is now active in 87 countries, and serves 500 of the world’s largest banks including; Barclays,... Source: RealWire
Warwickshire, 21 March 2017. Rant & Rave, the customer engagement specialists who work with half of the FTSE including Barclays, Sky and easyJet, has developed a customer feedback integration for Amazon Alexa, Amazon’s cloud-based voice service. For brands using Amazon Alexa, this will transform the way customer feedback is captured, enabling consumers to tell brands what they think of a product or service in real-time. Rant & Rave with Amazon Alexa will sit within a... Source: RealWire
While intercepting traffic from a number of infected machines that showed signs of Remote Admin Tool malware known as HawkEye, we stumbled upon an interesting domain.
It was registered to a command and control server (C2) which held stolen keylog data from HawkEye RAT victims, but was also being used as a one-stop-shop for purchasing hacking goods.

WhiteHats on the prowl?

Before diving into an analysis of the server, it is worth pointing out some interesting behavior spotted in several of the victims’ stolen accounts.

A group of WhiteHat hackers who call themselves Group Demóstenes were found to be working around the clock, trawling the internet and looking to exfiltrate stolen data from C2 servers. When such a server was found, the group looked for a backdoor that would give them control over the filesystem.

They would then monitor the incoming, stolen data.

Either manually or automatically, they would collect the stolen credentials and send emails to the victims’ accounts.

These emails contained an attachment with proof that the user’s machine has been compromised.
In addition, they advise the user to change passwords immediately and offer to help.

Hi ***********

Our SERVERS detected information from a server on the US, we don’t even know goverment or another sourse …. we send a file with all your logins and passwords of all your accounts from hxxp://www.p******op[.]biz/*******

WE HAVE TESTING IN YOUR PAYPAL ACCOUNT. LOG IN TO YOUR ACCOUNT AND YOU WILL SEE TWO CANCELED BILLING (OUR JOB IS WHITE HAT NO HACK …. Steal)

Seme you verify this information. it’s better thing we hurt all change password on the other computer Because Called Computer Name PC USER-PC
Local Time: 03.10.2016. 18:45:02
Installed Language: en-
Net Version: 2.0.50727.5485
Operating System Platform: Win32NT
Operating System Version: 6.1.7601.65536
Operating System: Microsoft Windows 7 Home Premium
Internal IP Address:
IP Address:
Installed Anti virus: Avast Antivirus
Installed Firewall:

have a keylogger harm report All That You write, messages, passwords or more.

¿Why we do it?

We have a Cause Called Group Demóstenes looking for Ciber attacks and false info.

Please Donate by PayPal at h**cg**an@gmail[.]com 5 USD or more, Because this is only our ingress.

PLEASE WRITE ME AT THIS MAIL FOR KNOW IF YOU KNOW ABOUT THIS

The email above appears in two languages, English and Spanish.

The name of the group appears to be of Portuguese origin, though it is not certain.

The shopfront: the command and control servers

Scanning for network services which are running on the C2, we discovered that it contains not only a back-end for storing stolen credentials but also a front-end for selling some of them, alongside many other “goods”. Browsing the domain that communicated with the HawkEye RAT samples disclosed a login page.

Because the server was newly operational, it allowed users to register an account and log in to purchase the goods on offer. After registering on the C2 web application, there was no sign of the stolen data transferred from compromised machines.

A forum-like web page opens once a login succeeds.

The C2 was meant to securely store the stolen data; however, it contained a crucial vulnerability which allowed researchers to download the stolen data.

The C2 owners seem to have added six new Shell scripts on 22 November, just a week before the research started – a further indication of how new the operation is.

Another item for sale is scam pages, and some are multilingual.

The attackers also reveal the scope of their victims, noting those who are registered to Amazon, Apple, Netflix and even National Bank of Australia and Barclays.

The listing of the year next to the banking information probably refers to how up-to-date the scam pages are in terms of the bank’s website updates.

The attackers have spared no details and have added additional information regarding how one should act when using their services, and who to contact in the Support tab.

To purchase goods in the private shop you must deposit money into your account on the website.

The attackers accept Bitcoins, PerfectMoney and WebMoney.

Back to the stolen data

As we described, HawkEye is a robust keylogger that can hijack keystrokes from any application being opened on the victim’s PC.
It can also identify login events and record the destination, username and password.
Its reach is limited, however, by two-factor authentication and single sign-on.

Stolen credentials on the server were found to include sensitive access passwords to government, healthcare, banking and payment web applications.

Among them is the following web server which belongs to the Pakistani government.

As mentioned, hundreds of machines were found to be compromised by just one C2.

The following is a partial list of what was downloaded from the malicious server.

Usually, careless threat actors forget to remove test files which might contain sensitive data.
In this case, we were able to obtain the attackers’ credentials from one very small file that was captured when searching related strings.

Target geography

The research is still ongoing, and the campaign is currently affecting users located in APAC, such as Japan, Thailand and India, as well as parts of Eastern Europe such as Russia and Ukraine.

These breaches ain't bad for business...

Bradford-based cyber security consultancy ECSC Group is planning to float on AIM next week (14 December). ECSC is bullish about its prospects, stating that the "recent proliferation of high-profile cyber security breaches affecting some of the world's most largest companies" has made cyber security a strategic issue for company boards. The firm wants to list on AIM in order to pull in investment that will allow it to accelerate its growth. More specifically, it plans to quadruple its headcount from 50 to 200 by the end of 2018 as well as open an Australian Security Operations Centre to facilitate round-the-clock global manned operations. Since its foundation 16 years ago, ECSC has attracted a raft of blue-chip clients including Barclays. ECSC is proposing to raise approximately £5m through a placing of just under 3 million new shares at a price of 167 pence per share.
If successful, this will give ECSC a market capitalisation of £15m.

The firm claims it is already profitable with annual revenue growth of 16.9 per cent between 2013–2016. Its board of directors on admission to AIM includes Nigel Payne, previously chief exec of Sportingbet plc, as non-executive chairman. ®

Press Release

Oracle Platinum Partner Certus Solutions [www.certus-solutions.com] has appointed Richard Summerfield as a Non-Executive Director. Richard is currently the Group HR Director at global telecoms provider JT [Jersey Telecom], an Oracle HCM customer of Certus-Solutions since 2015. JT is also currently using Certus-Solutions’ 'engage® Business Support Services’. Richard has over 20 years of corporate HR leadership experience, the last six as a member of JT's management board. Previously, he has worked at Ogier, Standard Bank, Zurich and Barclays. He was also a guest speaker at Oracle Openworld 2015 where he gave a customer view of the implementation of cloud HR products through Certus-Solutions.

In his Non-Executive capacity, he will be ensuring that the company’s strategic business plans are robust, giving independent advice on senior recruitment and remuneration, and providing the personal ‘insight’ of an HR Cloud implementation customer.

Commenting on his appointment, Tim Warner, Chairman (designate) and Chief Operating Officer of Certus Solutions says, “Richard brings with him both huge professional experience along with the unique insight of an Oracle HCM Cloud user. We like to think that the relationship we have built with him and his HR team over the last 18 months, and the quality of the Oracle HCM implementation, were key factors in him taking this new role. Adding Richard to the Board is a key step in defining the next chapter of our growth plans, where having stronger governance, independent advice and healthy challenge to the senior managers is crucial to our future success.”

Building on Tim's words, Richard commented, “Certus-Solutions has grown rapidly through its ability to deliver leading edge Cloud solutions to major public and private sector clients alike, myself included.

To protect and nurture future growth, there is a requirement for greater investment in governance, best practice, and independent oversight.
I am delighted to join the Board at such an exciting time to help Certus realise its big ambitions to be a disruptor in the Oracle Cloud technology sector on a global basis”.

About Certus Solutions

Certus Solutions is an Oracle® Platinum Partner and Oracle Education Partner.

A leading provider of implementation and business support services for Oracle Cloud based software for ERP, HCM and Payroll.

For more information regarding this press release and Certus Central Government activities please contact Mark Sweeny, Chief Executive Officer at Certus Solutions at mark.sweeny@certus-solutions.com +44 (0) 1483 610 220.
It's only a test

Barclays is trialling smartphone cash withdrawals. The UK's first contactless mobile cash service will allow the bank's customers to withdraw up to £100 in-branch, with just a tap of their Android smartphone or contactless debit card.

The technology offers an alternative to traditional cash withdrawals from specially outfitted ATM machines. The service is initially being piloted in the North before rolling out to over 180 Barclays branches in the New Year.
It will be available on more than 600 in-branch machines.

Barclays customers with an Android smartphone or contactless debit card would need to tap their phone/card against the contactless reader before entering their PIN on the machine and withdrawing their cash as normal. The Contactless Cash functionality will only be available on NFC-enabled Android devices that have downloaded the latest version of Barclays Mobile Banking.

The facility is limited to Android smartphones, with iPhone fans left out in the cold.

Apple restricts the use of iPhones' NFC chips to its own Apple Pay facility and there's no hook into that for third-party apps from banks or anyone else.

Barclays claims Contactless Cash offers increased security because it removes the risk of magnetic card skimming and distraction fraud, since a smartphone never needs to leave a customer's hand.

In a statement, Ashok Vaswani, chief exec of Barclays UK, said: "Our customers now expect to be able to use their smartphone to make their everyday purchases. We want taking out cash to be just as easy. With Contactless Cash customers can quickly and securely take out money with just a tap of their smartphone – a first for the UK."

Cindy Proven, chief strategy and marketing officer at Thales e-Security, cautioned that the security of the system is reliant on making sure customers' smartphones are free of malware.

"It's encouraging to see the payments industry continue its commitment to embracing digitalisation to improve efficiency of payments and further reduce the possibility of fraud with ATM withdrawals," Proven said. "However, with risks to mobile payments – such as malware already present on an end-user's device – it is critical that security remains front of mind when developing such innovations." ®