Security Threat Alert - Windows 7 and older version security threats
intelligence from US National Security Agency
(NSA) published on 5th June 2019 revealed that various versions of old windows Operating Systems including Windows7 are highly susceptible to malware (Bluekeep) and ransomware attack. Hence Organizations across the globe are being warned and advised to urgently upgrade to more recent secure OS.
that concerned stakeholders that manages the organization’s IT infrastructures,
computers systems especially servers and Automated Teller Machines (ATMs) should
ensure that they are upgraded to a more recent compatible and secured version.
The required security patches and antivirus updates are applied on all Windows
Operating System accordingly.
Advisory - Threat Intelligence Keyboard Smash Testing Scheme
intelligence has identified a common criminal scheme affecting North American
acquirers and merchants recently. According to Visa Payment Fraud Disruption
(PFD), this scheme has been operational since January 2019 and involves testing
activity using numerous Card Acceptor IDs (CAIDS) ----- Please see the detail
in the attached CBN circular dated June
- Global security intelligence/threat
updates revealed that;
- 5,432 cards were stolen between 20th May 2019 and 26th May
2019 from various financial institutions across the globe including Alpha,
Arizona, American Express, Bankcomer, Banco, Bradesco, Bank of America,
Bank of Scotland, Barclays, Chase, Citi, Capital One, DBS, Gold, HSBC, ITAU,
Metabank, Santander, Unicred, Wells Fargo etc.
- 9,093 cards were stolen between 9th May 2019 and 13th
May2019 from various financial institutions across the globe including Banco, Bradesco, Bank of America, ITAU, HSBC,
American Express, Barclays, ABSA, Well Fargo, CHASE BANK USA, Unicred.
Metabank, Citi etc.
We recommend that
all financial organizations should ensure that the card data environment (CDE)
are monitored and protected against unauthorised access and transfer of data.
They should adhere with the PCIDSS framework and secure the entire network from
hacking and cyber-attack.