Links in “Technology”
- FFIEC Advisory on Heartbleed Issue
The FFIEC issued a press release on the Heartbleed bug that requires FIs and third-party service providers to those FIs to incorporate patches on systems, services, applications, and appliances using OpenSSL and to upgrade systems as soon as possible to address the significant vulnerability. [4/11]
- Heartbleed: Worst Bug Ever?
Some experts are calling the Heartbleed bug the worst bug ever, in terms of the vastness of its reach and the sensitivity of the information potentially exposed. [4/10]
- “Unlimited” Withdrawals: 12 Stolen Debit Cards = $40 Million Breach
FFIEC's statements last week take a look at cyber-attacks on ATMs and card authorization and DDoS attacks on websites. In one, hackers targeted ATMs by installing malware that allowed for unlimited withdrawals, beyond the available balance, resulting in $40 million in fraud using only 12 stolen debit accounts. [4/9]
- Most Common Form of RDC Fraud: Duplicate Presentment
As remote deposit capture grows in popularity among consumers, not just businesses, the most common form of RDC fraud is "duplicate presentment," where the check is deposited via mobile device, then the paper check is deposited in a different bank as well. [4/8]
- Video-enabled Bank Tellers: The Solution for Rural Markets?
Via video monitors, human tellers can guide customers through electronic transactions, from establishing identity to accepting stacks of 30 checks. Some see it as a solution to banks retreating from unprofitable rural markets. [4/8]
- RIP Windows XP, 2001-2014
Why let Windows XP die and put the banking industry through such an upheaval? Windows XP "was a senior citizen five years ago. It's been on life support since then. It deserves to die with dignity." [4/8]
- DDoS Attack Hits Core System Provider
Distributed denial of service attack strikes Ellie Mae, a provider of core operating systems to mortgage originators, for two days last week. Attack comes on the heels of an FFIEC warning to financial institutions about DDoS attacks. [4/7]
- FDIC Issues Technology Outsourcing Tools
FDIC promotes three key companion guides to the IT Handbook that provide practical ideas for banks to consider when they engage in technology outsourcing, including IT provider selection tools, management tools for conducting performance risk of IT providers, and techniques for managing multiple service providers. [4/7]
- Multi-state Probe of Security Breach at Experian Subsidiary
Social Security numbers of some 200 million people may have been breached. [4/4]
- FFIEC Releases Statement on ATM Cyber-Attacks
FFIEC issued a statement on risks associated with cyber-attacks on ATMs and card authorization systems as well as the risks from distributed denial of service (DDoS) attacks on public-facing websites. They emphasized the need for monitoring, controls, and response management to achieve sufficient readiness. [4/4]