11.5 C
London
Sunday, October 22, 2017
Home Tags Barclays

Tag: Barclays

The alleged mastermind behind attacks on Lloyds and Barclays has been extradited back to the UK.
What's the future of cash? Analysis  Today marks the 50th anniversary of the Automated Teller Machine (ATM), the first of which was installed outside Barclays Bank, Enfield Town in north London.…
Fintech company is serving 100m customers of the world’s largest banks including Barclays, BBVA and Deutsche BankBarcelona - 4th May 2017- Strands, a leading provider of personal financial management (PFM) and machine learning solutions for banks, today announced that 500 banks and 100 million banking customers worldwide are using digital banking services powered by the company’s award-winning technology.The company is now active in 87 countries, and serves 500 of the world’s largest banks including; Barclays,... Source: RealWire
Warwickshire, 21 March 2017. Rant & Rave, the customer engagement specialists who work with half of the FTSE including Barclays, Sky and easyJet, has developed a customer feedback integration for Amazon Alexa, Amazon’s cloud-based voice service. For brands using Amazon Alexa, this will transform the way customer feedback is captured, enabling consumers to tell brands what they think of a product or service in real-time. Rant & Rave with Amazon Alexa will sit within a... Source: RealWire
While intercepting traffic from a number of infected machines that showed signs of Remote Admin Tool malware known as HawkEye, we stumbled upon an interesting domain.
It was registered to a command and control server (C2) which held stolen keylog data from HawkEye RAT victims, but was also being used as a one-stop-shop for purchasing hacking goods. WhiteHats on the prowl? Before diving into an analysis of the server, it is worth pointing out some interesting behavior spotted in several of the victims’ stolen accounts.

A group of WhiteHat hackers who call themselves Group Demóstenes were found to be working around the clock, trawling the internet and looking to exfiltrate stolen data from C2 servers. When such a server was found, the group looked for a backdoor that would give them control over the filesystem.

They would then monitor the incoming, stolen data.

Either manually or automatically, they would collect the stolen credentials and send emails to the victims’ accounts.

These emails contained an attachment with proof that the user’s machine has been compromised.
In addition, they advise the user to change passwords immediately and offer to help. Hi *********** Our SERVERS detected information from a server on the US, we don’t even know goverment or another sourse …. we send a file with all your logins and passwords of all your accounts from hxxp://www.p******op[.]biz/*******WE HAVE TESTING IN YOUR PAYPAL ACCOUNT. LOG IN TO YOUR ACCOUNT AND YOU WILL SEE TWO CANCELED BILLING (OUR JOB IS WHITE HAT NO HACK ….
Steal)Seme you verify this information. it’s better thing we hurt all change password on the other computer Because Called Computer Name PC USER-PCLocal Time: 03.10.2016. 18:45:02Installed Language: en-Net Version: 2.0.50727.5485Operating System Platform: Win32NTOperating System Version: 6.1.7601.65536Operating System: Microsoft Windows 7 Home PremiumInternal IP Address: 192.168.0.101External IP Address:Installed Anti virus: Avast AntivirusInstalled Firewall: have a keylogger harm report All That You write, messages, passwords or more. ¿Why we do it?We have a Cause Called Group Demóstenes looking for Ciber attacks and false info.Please Donate by PayPal at h**cg**an@gmail[.]com 5 USD or more, Because this is only our ingress. PLEASE WRITE ME AT THIS MAIL FOR KNOW IF YOU KNOW ABOUT THIS The email above appears in two languages, English and Spanish.

The name of the group appears to be of Portuguese origin, though it is not certain. The shopfront: the command and control servers Scanning for network services which are running on the C2, we discovered that it contains not only a back-end for storing stolen credentials but also a front-end for selling some of them, alongside many other “goods”. Browsing the domain that communicated with the HawkEye RAT samples disclosed a login page.

Given the fact that the server was newly operational, it allowed users to register an account and login to purchase the goods on offer. After registering on the C2 web application, there was no sign of the stolen data transferred from compromised machines.

A forum-like web page opens up once a successful login is being processed. The C2 was meant to securely store the stolen data; however, it contained a crucial vulnerability which allowed researchers to download the stolen data. The C2 owners seem to have added six new Shell scripts on 22 November, just a week before the research started – a further indication of how new the operation is. Another item for sale is scam pages, and some are multilingual.

The attackers also reveal the scope of their victims, noting those who are registered to Amazon, Apple, Netflix and even National Bank of Australia and Barclays.

The listing of the year next to the banking information probably refers to how up-to-date the scam pages are in terms of the bank’s website updates. The attackers have spared no details and have added additional information regarding how one should act when using their services, and who to contact in the Support tab. To purchase goods in the private shop you must deposit money into your account on the website.

The attackers accept Bitcoins, PerfectMoney and WebMoney. Back to the stolen data As we described, HawkEye is a robust keylogger that can hijack keystrokes from any application being opened on the victim’s PC.
It can also identify login events and record the destination, username and password.
It is, however, limited to two-factor authentication and single sign-on. Stolen credentials on the server were found to be holding sensitive access passwords to government, healthcare, banking and payment web applications.

Among them is the following web server which belongs to the Pakistani government. As mentioned, hundreds of machines were found to be compromised by just one C2.

The following is a partial list of what was downloaded from the malicious server. Usually, careless threat actors forget to remove test files which might contain sensitive data.
In this case, we were able to obtain the attackers credentials from one very small file that was captured when searching related strings. Target geography The research is still ongoing and is currently affecting users located in APAC, such as Japan, Thailand and India, as well as parts of Eastern Europe such as Russia and Ukraine.
These breaches ain't bad for business... Bradford-based cyber security consultancy ECSC Group is planning to float on AIM next week (14 December). ECSC is bullish about its prospects, stating that the "recent proliferation of high-profile cyber security breaches affecting some of the world's most largest companies" has made cyber security a strategic issue for company boards. The firm wants to list on AIM in order to pull in investment that will allow it to accelerate its growth. More specially it plans to quadruple its headcount from 50 to 200 by the end of 2018 as well as open an Australian Security Operations Centre to facilitate round-the-clock global manned operations. Since its foundation 16 years ago, ECSC has attracted a raft of blue-chip clients including Barclays. ECSC is proposing to raise approximately £5m through a placing of just under 3 million new shares at a price of 167 pence per share.
If successful, this will give ECSC a market capitalisation of £15m.

The firm claims it is already profitable with annual revenue growth of 16.9 per cent between 2013–2016. Its board of directors on admission to AIM includes Nigel Payne, previously chief exec of Sportingbet plc, as non-executive chairman. ® Sponsored: Customer Identity and Access Management
Press Release Oracle Platinum Partner Certus Solutions [www.certus-solutions.com] has appointed Richard Summerfield as a Non-Executive Director. Richard is currently the Group HR Director at global telecoms provider JT [Jersey Telecom], an Oracle HCM customer of Certus-Solutions since 2015. JT is also currently using Certus-Solutions’ 'engage® Business Support Services’. Richard has over 20 years of corporate HR leadership experience, the last six as a member of JT's management board. Previously, he has worked at Ogier, Standard Bank, Zurich and Barclays. He was also a guest speaker at Oracle Openworld 2015 where he gave a customer view of the implementation of cloud HR products through Certus-Solutions. Richard Summerfield In his Non-Executive capacity, he will be ensuring that the company’s strategic business plans are robust, giving independent advice on senior recruitment and remuneration, and providing the personal ‘insight’ of an HR Cloud implementation customer. Commenting on his appointment, Tim Warner, Chairman (designate) and Chief Operating Officer of Certus Solutions says, “Richard brings with him both huge professional experience along with the unique insight of an Oracle HCM Cloud user. We like to think that the relationship we have built with him and his HR team over the last 18 months, and the quality of the Oracle HCM implementation, were key factors in him taking this new role. Adding Richard to the Board is a key step in defining the next chapter of our growth plans, where having stronger governance, independent advice and healthy challenge to the senior managers is crucial to our future success.” Building on Tim's words, Richard commented, “Certus-Solutions has grown rapidly through its ability to deliver leading edge Cloud solutions to major public and private sector clients alike, myself included.

To protect and nurture future growth, there is a requirement for greater investment in governance, best practice, and independent oversight.
I am delighted to join the Board at such an exciting time to help Certus realise its big ambitions to be a disruptor in the Oracle Cloud technology sector on a global basis”. About Certus SolutionsCertus Solutions is an Oracle® Platinum Partner and Oracle Education Partner.

A leading provider of implementation and business support services for Oracle Cloud based software for ERP, HCM and Payroll.

For more information regarding this press release and Certus Central Government activities please contact Mark Sweeny, Chief Executive Officer at Certus Solutions at mark.sweeny@certus-solutions.com +44 (0) 1483 610 220.
It's only a test Barclays is trialling smartphone cash withdrawals. The UK's first contactless mobile cash service will allow the bank's customers to withdraw up to £100 in-branch, with just a tap of their Android smartphone or contactless debit card.

The technology offers an alternative to traditional cash withdrawals from specially outfitted ATM machines. The service is initially being piloted in the North before rolling out to over 180 Barclays branches in the New Year.
It will be available on more than 600 in-branch machines.

Barclays customers with an Android smartphone or contactless debit card would need to tap their phone/card against the contactless reader before entering their PIN on the machine and withdrawing their cash as normal. The Contactless Cash functionality will only be available on NFC-enabled Android devices that have downloaded the latest version of Barclays Mobile Banking.

The facility is limited to Android smartphones, with iPhone fans left out in the cold.

Apple restricts the use of iPhones' NFC chips to its own Apple Pay facility and there's no hook-in that for third-party apps from banks or anyone else. Barclays claims Contactless Cash offers increased security because it removes the risk of magnetic card skimming and distraction fraud, since a smartphone never needs to leave a customer's hand. In a statement, Ashok Vaswani, chief exec of Barclays UK, said: "Our customers now expect to be able to use their smartphone to make their everyday purchases. We want taking out cash to be just as easy. With Contactless Cash customers can quickly and securely take out money with just a tap of their smartphone – a first for the UK." Cindy Proven, chief strategy and marketing officer at Thales e-Security, cautioned that the security of the system is reliant on making sure customer's smartphones are free of malware. "It's encouraging to see the payments industry continue its commitment to embracing digitalisation to improve efficiency of payments and further reduce the possibility of fraud with ATM withdrawals," Proven said. "However, with risks to mobile payments – such as malware already present on an end-user's device – it is critical that security remains front of mind when developing such innovations." ® Sponsored: Customer Identity and Access Management
It's not like the public will think any worse of you Top techies at British banks are being encouraged to share information about cyberattacks following revelations that the financial sector is under-reporting breaches to regulators. According to the UK's Financial Conduct Authority, only five attacks were reported in 2014, a figure that has soared to 75 so far this year.

But the numbers fail to give the full picture. US regulations oblige banks to disclose breaches, and reporting is more consistent as a result.
In the UK, only breaches that have a material impact need be revealed – something open to interpretation. Jacob Ginsberg, senior director at Echoworx, argued that the EU’s General Data Protection Regulation (GDPR) directive, which comes into force before Brexit, will remove banks’ ability to keep quiet about some security problems. “Articles 31 and 32 of the GDPR would bring EU regulation more in line with US banking regulation, with forced disclosures shoving these conversations out into the open, hopefully to everyone’s benefit,” said Ginsberg, who argues banks could benefit from increased openness and sharing about security problems. “Hackers communicate with each other, they share tools and are constantly learning. With banks unwilling to disclose the attacks they’ve come under, we are missing out on the opportunity to collaborate and learn about what is and isn’t working, which would help us gain useful insights.
In fact, many bank security officers would prefer attacks to be more openly discussed, as they see the obvious value." A security supplier who declined to be named told Reuters: "Banks are dramatically under-reporting attacks, they do what's legally required but out of embarrassment or fear of punishment they aren't giving the whole picture." Attacks on banks linked through the SWIFT banking messaging system have increased concerns about the resilience of UK financial institutions even though hackers seem to be concentrating on attacking banks in the developing world. Mark James, security specialist at ESET, expressed some sympathy for the dilemma banks face. “Financial organisations suffer cyberattacks on a daily basis,” he said. “Reporting every one of those attempts would indeed clog systems with lots of unnecessary information. “However, the problem of course is perceived security, as more and more breaches happen and more malware is being used to target financial systems, then the damage caused when things go wrong can be so great decisions will be made to keep it quiet.” Troels Oerting, group chief information security officer at Barclays and former head of Europol's Cyber Crime Unit, told Reuters that Barclays shares all its relevant information on attacks with regulators. Banks' sharing of information with authorities has improved over recent years, he added.

ESET’s James agreed that sharing information – something senior techies at merchant banks have practiced informally for years – is key to staying ahead of the growing number of threats financial services firms face. “Sharing information enables better defences,” James explained. "It provides authorities and regulators a better understanding of the wider picture and should help investment in the correct placement of funds to combat future attacks “In addition to this, the public have a right to know what a company is doing regarding security and privacy, because only then can they make an informed decision based on facts.”®
Banks are not providing enough details on cyber-attacks in order to downplay security fears, say insiders. By Matthew BroersmaBritish banks are "dramatically under-reporting" computer attacks due to their fear of bad publicity, according to several IT security firms who provide services to them.Staff from five computer security firms that provide services and advice to United Kingdom banks said they have seen first-hand examples of banks choosing not to report security breaches, according to a Reuters report citing unnamed individuals. Law Enforcement Left in the Dark While the banks did not break the law, their reporting practices are overly conservative and mean the public is unaware of the true extent of the risks to which banking IT systems are exposed, the firms said."Banks are dramatically under-reporting attacks, they do what's legally required but out of embarrassment or fear of punishment they aren't giving the whole picture," said one source.Barclays' head of information security, Troels Oerting, who joined the bank in February of last year, said banks' sharing of data with authorities has improved since then and that Barclays provides all relevant information on attacks to regulators. Oerting was previously head of Europol's Cyber Crime Unit.The comments will, however, add to concerns that information-gathering on computer attacks is inadequate, following a National Audit Office (NAO) report last month that found a lack of coordination in government data-gathering on breaches. The government earlier this month opened a National Cyber Security Centre (NCSC) to help centralize computer defenses, including reporting, but the NAO said more reforms would be necessary. Sharp Rise in Attacks British financial institutions reported only five network-based attacks in 2014, rising to 75 so far this year, according to the Financial Conduct Authority (FCA).But IT security experts have said that such figures do not reflect the growing focus on banks and financial institutions by online thieves.They say the growing sophistication of malware such as Odinaff and Carbanak, which target banks and other financial institutions, shows a heavy investment in the coordination, development and deployment of computer attack tools.Investigators looking into the theft of $81 million using the SWIFT payment network said the attack showed a similar level of expertise.Industry observers say that as banks make it ever-easier for their customers to conduct network-based transactions, they present a natural target for online criminals."These attacks require a large amount of hands on involvement, with methodical deployment of a range of lightweight back doors and purpose built tools onto computers of specific interest,” said Symantec in a report on Odinaff earlier this month. "Although difficult to perform, these kinds of attacks on banks can be highly lucrative."
Cheeky pair cuffed after National Crime Agency and Met Police team-up A pair of cybercriminals responsible for laundering millions of pounds stolen using a banking trojan have been sentenced to a combined total of 12 years in prison. Pavel Gincota, 32, and Ion Turcan, 35, are both Moldovan nationals with Romanian citizenship.

The duo made over £2.5m in criminal profits using the banking trojan Dridex, the National Crime Agency and London's Metropolitan Police Service revealed. The pair were charged with conspiracy to possess false identification and conspiracy to launder money, while Gincota was also charged with a separate money laundering offence in relation to a cyber fraud in Germany in 2012, in which the victim lost €25,000. Both Gincota and Turcan pleaded guilty to all of the charges against them, and were sentenced yesterday at the Old Bailey to five years and eight months and seven years respectively. Over a two-year period the pair “funded a luxury lifestyle” with their ill-gotten gains, garnered from over 220 bank accounts which they had accessed after infecting their victim's machines. According to Court News UK (behind paywall), the investigation into the pair began in June 2015 "after more than half a million pounds was stolen from a medical research company and laundered through a series of Barclays accounts." They were reportedly already under investigation by the National Crime Agency when they were arrested by the Met in February 2015 for being in possession of multiple false identity documents.

During a search of their home in Yiewsley, West Drayton, the cops seized further fraudulent documents and several electronic devices. Forensic examination of these devices by the NCA's National Cyber Crime Unit (NCCU) confirmed that a laptop belonging to Gincota had been used to control the bank accounts through which the money was laundered. Steve Brown, senior investigating officer at the NCCU said: “Pavel Gincota and Ion Turcan were serial money launderers who processed millions of pounds worth of stolen money through hundreds of bank accounts to fund their lifestyles. “Those involved in the most serious types of organised crime depend on the services provided by money launderers like Gincota and Turcan to hide their criminal profits,” added Brown. He continued: “The NCA will continue to work closely with our partners to prevent organised criminals from accessing the proceeds of their crimes and to bring them to justice.” ®
Gov.UK missing out on the real value? We're shocked, we tell you...
Shocked! Analysis It is a truth universally acknowledged that executives in the financial sector are capable of making the most exciting innovations boring, and in this respect their approach to the blockchain has been exemplary. During 2008's financial crash, a nine-page paper titled Bitcoin: A Peer-to-Peer Electronic Cash System [PDF] was published to the cryptography and policy mailing list at metzdowd. The paper, attributed to Satoshi Nakamoto, offered cypherpunks and anarcho-capitalists a chance to realise their fantasy of a decentralised digital money; in practice, fiat currency backed not by government but by cryptography and collective consent. You know this story: it was going to change the world, and then it wasn't, and around the time bankers realised it wasn't going to change anything they struck upon the notion of getting it to work for them - though with very little idea how. According to Gartner's hype-cycle, this sets blockchain technology near the peak of inflated expectations at the moment, ahead of 4D printing (What? - Ed) but behind virtual reality. Speaking to The Register, fintech consulant Diana Biggs said it seemed "pretty evident that blockchain is very hyped at the moment" and noted a "marked change" from even two years ago, "when no financial institution or professional services firm would speak about it openly." A lot of the discussion (or hype) in the space is also quite surface level, outside of specialist circles, which I would attribute to a number of factors, including the early stage of the technology, the complexity and a lack of understanding [about the technology itself.] Late last week, almost eight years after the Bitcoin paper's publication, Rupert Scofield admitted to The Register over a breakfast briefing in Soho that he really didn't understand what the blockchain was, nor its relationship to Bitcoin, but he believed it was important for fintech companies to look into it. Scofield, the president of Finca International — a microfinance business which seeks to make small loans to businesses in the developing world — is not the first person to be as bewildered at what the business case for the blockchain is as he was excited one could be found. Blockbuster cool Earlier this year, even Blighty's Chief Scientist could be caught advocating that a GDS-built blockchain in the UK could help Her Majesty's Government “collect taxes, deliver benefits, issue passports, record land registries, assure the supply chain of goods and generally ensure the integrity of government records and services.” Sir Mark Walport's 88-page report made little mention of how this would actually be of greater business value for the cited use-cases than a simple transactional database.

Even Scofield's notion of using the blockchain for Finca's “back room” would be obviously better handled by MySQL – something the CEO acknowledged. Yet the hype regarding the blockchain remains. Earlier this year, London-based fintech company GovCoin Systems partnered with Barclays, RWE npower and University College London to trial blockchain tech for the Department for Work and Pensions (DWP).

This trial was subsequently slammed by the Open Data Institute, although it did so on privacy grounds. Painfully slow and expensive? We must have it A more pointed criticism, however, may be the unsuitability of the blockchain to store or process payments at all, because it is very slow and very expensive.
In recording every Bitcoin transaction that has ever occurred, forever, it is meeting the business necessity of establishing trust and user belief in that digital currency. The blockchain prevents double-spending in digital currencies by ensuring that everyone knows where every Bitcoin is all of the time.

Transactions of Bitcoin take place by updating the blockchain so everyone knows that the Bitcoin in question is located somewhere new, with cryptographic hash values computed to validate its location. While this novel method of preventing double-spending has been applauded, the protocol regarding the distribution of information along the blockchain also limits transactions to seven per second.

Compared with the thousands of transactions per second conducted by the payments company VISA, this is crippling quality for. Suggestions for increasing the speed of Bitcoin transactions are regular subjects of debate in the Bitcoin community, but there may always be a critical limit to the speed of transactions as a product of the blockchain's trust requirements. As there is no need to require so much trust from the DWP or any other government department, these transaction limits may be improved — but when trust isn't an issue, the business value of a distributed ledger also seems to evaporate. A statement emailed to The Register after Friday's breakfast briefing with Finca, and attributed to Scofield, accepted that “the financial sector has not properly come to terms with the opportunities that blockchain might present to businesses, and financial institutions need to put a lot more energy into bringing in experts who can make sense of the business case in a rational and sensible way.” A blockchain advisor at Secure Trading, Mustafa Al-Bassam, who is also a doctoral researcher at UCL, told The Register that “sometimes industry receives investment because investors are excited by the buzzwords, despite the fact that blockchain might be incompatible with what they want". Al-Bassam added, “There is large amount of interesting innovation happening in Industry with blockchain and smart contract technology. “For instance, some companies have been looking at smart contracts for financial instruments such as loans, or using a blockchain for inter-bank settlement.

These use cases could be more economically efficient than traditional approaches by removing administration costs or middlemen that take a fee. “Apart from financial use cases of this technology, there are also use cases for internet security,” he said. “For example, the transparency property of distributed ledgers make it quite useful for certificate transparency to make rogue certificates easily detectable.” Not that this has stopped the big corporations from having a go, with Microsoft offering a blockchain-as-a-service product on Azure, and IBM open-sourcing its own blockchain code earlier this year too. Earlier this year, Gartner fellow Ray Valdes told The Register that 2016 was “the year of pointless blockchain projects.” He added that IBM and Microsoft's blockchain-as-a-service efforts were confusing and missed the business-case yet again.

Centralised blockchain hubs defeated the trust problem that the blockchain was invented to solve. Valdes said it was futile trying to pick winners in today's saturated blockchain hypezone because the zone was at a stage similar to that of the web in 1995, back when the first wave of innovators started to build services and win millions of customers. Potential use-cases exist, as Al-Bassam noted, but they don't seem to be on the market yet. Biggs told The Register that her personal opinion was that "there is exciting potential for this technology, but perhaps not in the ways most people think.

And ultimately, new or old technology, it will all come down to business processes, policy and regulation to define what changes and benefits we will get out of this." She added: "In terms of a new underlying protocol, that will also depend on consensus and adoption, and to a much greater extent than in the early days of the internet as we are today more cognisant of the enormity of the potential impact of such technologies and thus more committed to trying to get it right." ®