Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

UK Fintech company Finastra hit by a cyber attack

The financial technology firm Finastra announced it has suffered a ransomware attack that took down its some of its systems. Finastra, the UK leading financial technology provider, announced that some of its servers were shut down in response to a ransomware attack that the company detected. Finastra provides financial software and services to more than 9,000 customers […]

Finastra

The financial technology firm Finastra announced it has suffered a ransomware attack that took down its some of its systems.

Finastra, the UK leading financial technology provider, announced that some of its servers were shut down in response to a ransomware attack that the company detected.

Finastra provides financial software and services to more than 9,000 customers worldwide, it has over 10,000 employees and $1.9 billion in revenues.

The company did not disclose details of the attack, it only announced to have detected an anomalous activity on its systems.

Cybersecurity blogger Brian Krebs reported that the company suffered a security breach that led to the disruption of some services. Krebs said the company’s response to the incident suggests that it was a ransomware attack.

“Earlier today, our teams learned of potentially anomalous activity on our systems. Upon learning of the situation, we engaged an independent, leading forensic firm to investigate the scope of the incident. Out of an abundance of caution and to safeguard our systems, we immediately acted to voluntarily take a number of our servers offline while we continue to investigate.” reads the data breach notification published by the company.

“At this time, we strongly believe that the incident was the result of a ransomware attack and do not have any evidence that customer or employee data was accessed or exfiltrated, nor do we believe our clients’ networks were impacted.”

The company immediately started the activities to resolve the problem and launched an internal investigation. Finastra also engaged a leading forensic firm to investigate the extent of the incident. The company also informed the relevant authorities and impacted customers.

“Following Friday’s incident, and detection of potentially anomalous activity in our systems, we have successfully contained the threat. At this time, we do not have any evidence that customer or employee data was accessed or exfiltrated.” reads an update provided today. “Remediation work is continuing around the clock, and Finastra aims to restart production in a controlled manner as soon as is safe to do so. We will keep you fully informed as we progress.”

Experts from cyber-security firm Bad Packets speculate attackers might have exploited the CVE-2019-11510 vulnerability to compromise unpatched Pulse Secure VPN servers at the Fintech firm. 

https://twitter.com/bad_packets/status/1241057036168646656

Bad Packets revealed that at least until January 11, 2020, four Citrix vulnerable servers were exposed online.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Finastra, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]