InfoSecBulletin Cybersecurity for mankind
The European Union’s central bank will perform its first cyber resilience stress test on 109 banks under its supervision in 2024. The test will evaluate the banks’ capacity to handle a cyber-attack successfully, rather than just preventing it.
“Forces Penpals” exposed US and UK Military Social Network’s 1 Million Records
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
TP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
WSJ reports
T-Mobile hacked in massive breach of telecom networks
Palo Alto Networks Confirms critical RCE zero-day actively exploited
The ECB evaluated banks’ IT risk management in November 2023 and found little progress in the sector. This announcement follows that evaluation.
It found “serious supervisory concerns that confirm the need to continue on-site inspections in conjunction with tailored discussions between banks and supervisors.”
How Will the Cyber Resilience Stress Test Work?
In the stress test scenario, a cyber-attack will have successfully disrupted the bank’s daily business operations. Supervisors will watch the bank’s response and recovery measures, including their ability to activate emergency procedures and restore normal operations.
Additionally, 28 banks will go through a more detailed evaluation, where they will need to provide additional information about how they dealt with the cyber-attack.
This will also check if there is enough coordination with other supervisory activities. These 28 banks represent various business models and geographies to reflect the euro banking system.
Supervisors will discuss the stress test results and lessons with each bank as part of the 2024 Supervisory Review and Evaluation Process, which evaluates a bank’s risk profile. The main findings will be published in summer 2024.
In October 2023, Lloyd’s of London predicted that a cyber-attack on a major financial services payment system could cause global economic losses of $3.5 trillion.
