OPP A.I CyberSecurity Scoring
15/01/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for Online Payment Platform in 2026.
No incidents recorded for Online Payment Platform in 2026.
No incidents recorded for Online Payment Platform in 2026.
Shriram Finance is the country’s biggest retail NBFC offering credit solutions for commercial vehicles, two-wheeler loans, car loans, home loans, gold loans, personal and small business loans. We are part of the 50-year-old Shriram Group, a financial conglomerate that has emerged as a trusted partner in creating transformative experiences and lasting impressions in customers’ lives. In November 2022, Shriram Group’s entities – Shriram Transport Finance Company Limited, Shriram City Union Finance Limited , and Shriram Capital Limited – merged to form Shriram Finance Limited . As on September 30, 2024, with a network of 3,149 branches and a workforce of more than 77,764, Shriram Finance has combined Assets Under Management (AUM) worth ₹243,042 crores.
Our heritage, since founding a civil law notary practice in the 1940s to establishing the Curacao International Trust Company in the 1960s, is built on challenging paradigms and delivering exceptional service within the financial and professional services industry. Today, we continue to pioneer award-winning services and technology solutions that meet ever changing markets. A commitment to investing in people, and proprietary technologies, has resulted in our reputation as the industry’s preeminent service provider, reassuring clients that their critical administration functions are in safe hands. Our thought leadership and ability to quickly navigate complex change means our clients can depend on us as trusted advisors to make informed decisions in response to market conditions. Our Divisions Citco Fund Services & Investor Relations CFS is the global leader in services for the alternative investment industry. With over 2,000 funds under administration and net assets exceeding $840 billion, we provide full service fund administration, fund accounting, net asset value calculations, investor relations, and more. Governance Services Leveraging our extensive global office network Citco Governance Services provides customised solutions, including corporate and global subsidiary governance, secretarial services, financial accounting and reporting, tax and audit liaison, and market entry services. Banking, Depositary & Custody Services Citco Banks operate in strategic financial centres and provide Institutional and Fund of Funds clients access to the funds universe through multiple communication and online real-time global funds platforms. Citco Technology Management Through our eight global development centres, Citco Technology Management provides secure infrastructures and develops award-winning technology products that underpin our commitment to service excellence.
We are here. So you can stay ahead. For nearly two hundred years we have acquired and shared knowledge, developed global networks and adapted to modern everyday life. To us, it is important to combine profitability with responsibility. DNB is Norway's largest financial services group and one of the largest in the Nordic region in terms of market capitalisation. The Group offers a full range of financial services, including loans, savings, advisory services, insurance and pension products for retail and corporate customers. DNB’s bank branches in Norway, in-store postal and banking outlets, Post office counters, Internet banking, mobile services and international offices ensure that we are present where our customers are. We are a major operator in a number of industries, for which we also have a Nordic or international strategy. DNB is one of the world’s leading shipping banks and has a strong position in the energy sector, and the fisheries and seafood industry. As an international financial institution we offer a wide range of services from our offices around the globe. At DNB you can find career opportunities in many fields, and with offices in 22 countries we are dependent on employees with different backgrounds and skills - all equally important for DNB's performance.
People deserve more from their money. More visibility, more control, and more freedom. Since 2015, Revolut has been on a mission to deliver just that. Our powerhouse of products help our 65+ million customers get more from their money every day. As we continue our lightning-fast growth, 2 things are essential to our success: our people and our culture. In recognition of our outstanding employee experience, we've been certified as a Great Place to Work™. So far, we have 10,000+ people working around the world, from our offices and remotely, to help us achieve our mission. And we're looking for more brilliant people. People who love building great products, redefining success, and turning the complexity of a chaotic world into the simplicity of a beautiful solution.
Longer lifespans are changing the way we exist. Instead of the traditional stages of learn, work, and retire, we now have the potential for a more fulfilling, multi-stage life. With this opportunity comes the need to plan for it. We enable financial professionals, brokers, agents, advisors, and employers to energize clients and employees to seize the possibilities longevity brings. So, no matter where someone is on their journey, we can help them pursue the freedom to live the life they want. Transamerica. Live your best life. Securities distributed by Transamerica Capital, Inc. Social terms: https://www.transamerica.com/social-media-guidelines
In a world shaped by increasingly interconnected risks, Moody’s helps customers develop a holistic view of these risks to advance their business and act decisively. With a rich history of expertise in global markets and a diverse workforce in more than 40 countries, Moody’s unites the brightest minds to turn today’s risks into tomorrow’s opportunities.
Postal Savings Bank of China Co., Ltd. also known as PSBC is a commercial retail bank founded in 2007 and headquartered in Beijing. It provides basic financial services, especially to small and medium enterprises, rural[1] and low income customers. As of December 31, 2017, PSBC has 39,798[2] branches covering all regions of China. PSBC was set up with an initial capital of RMB20 billion in 2007 from the State Post Bureau. Today it has RMB1.5 trillion in deposits and the second largest number of branches, after the Agricultural Bank of China. During the Global Financial Crisis, the government took several measures to spread its national economic stimulus plan specifically to rural areas. This included using microfinance services provided by the Postal Savings Bank as a tool for national development and poverty reduction. The bank with its extremely broad reach also assists China’s credit cooperatives in their microcredit schemes. On December 8, 2015, China Postal Savings Bank, through issuing pro-float stock, received an injection of investment from the Temasek Holdings of Singapore, UBS, the Canada Pension Plan Investment Board, the International Finance Corporation, Morgan Stanley, DBS Bank, Tencent, Ant Financial Services Group, China Life and China Telecom, with a total investment of 45.1 billion yuan. These "strategic investors" together held a 16.92% stake in the company at the time of purchase. The stock was listed through an initial public offering on the Stock Exchange of Hong Kong on September 30, 2016. Prior to its listing, it was the largest unlisted Chinese bank.[3] Xuewen Zhang and Hong Lao serve as Vice Presidents of the bank and co-executive directors.
We are a community of 50 million who think—and feel—differently about investing. Together, we’re changing the way the world invests. For over 50 years, Vanguard has helped people pursue their financial goals with a spotlight on long-term value and low costs. We’ve made it a focus to put investors first, so whether you’re saving for your first home or investing for a comfortable retirement, we’re here to help you succeed. Community guidelines: vgi.vg/sgl1
KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR’s insurance subsidiaries offer retirement, life and reinsurance products under the management of Global Atlantic Financial Group. References to KKR’s investments may include the activities of its sponsored funds and insurance subsidiaries. For additional information about KKR (NYSE: KKR), please visit www.kkr.com. For additional information about Global Atlantic Financial Group, please visit www.globalatlantic.com. KKR will never request personal information, account details, payments and transfers over digital chat applications, social media, email or through SMS: https://www.kkr.com/security-and-fraud-awareness
Latest updates, reports, and threat intel affecting the global network.
Our latest tests reveal the best payment gateways and online payment systems include takepayments, Stripe, Worldpay, and Shopify.
We rounded up the top payment processors and online payment processing services you should know.
Water Saci and RelayNFC drive advanced Brazil-targeted attacks using WhatsApp worm tactics and real-time NFC payment theft.
A lawsuit filed by Nebraska Attorney General Mike Hilgers over the 2024 Change Healthcare data breach has been allowed to proceed after...
By Katherine K. Chan. THE BANGKO SENTRAL ng Pilipinas (BSP) will implement a payment system that works around the clock starting in 2026 as...
It brings together Mastercard's payment fraud insights with threat intelligence from Recorded Future to enable cybersecurity and fraud teams...
Key Takeaways. Over 86% of households are now connected to the internet. Cybersecurity incidents in India rose from 10.29 lakh in 2022 to...
The development of a non-Western payment system is gathering pace. BRICS countries are moving their focus from the ambitious goal of...
The lakehouse provider aims to unify security data and respond to AI threats faster without replacing existing tools.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types a search term that returns the poisoned issue, the payload executes in the admin’s control panel session. No control panel account or elevated privileges are required on the attacker’s side. This issue has been fixed in versions 4.17.16 and 5.9.23.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-uid> permission for the target folder. It never enforces deletePeerAssets:<volume-uid>, even though Assets::deleteFoldersByIds() cascades deletion to every descendant folder and every asset inside, regardless of the uploader's assigned privileges. A low-privilege user who has been granted folder-management rights on a shared volume can therefore destroy assets uploaded by other users (peer assets), bypassing the per-asset peer-permission check that the sibling actionDeleteAsset endpoint correctly applies. This issue has been fixed in versions 4.17.15 and 5.9.22.
Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId. AssetsController::actionReplaceFile() supports replacing a target asset file using another existing asset as the source. The action loads: assetId -> $assetToReplace and sourceAssetId -> $sourceAsset, then enforces replace permissions using ($assetToReplace ?: $sourceAsset). When both IDs are provided, this expression resolves to the target asset so no permission check is performed against the source asset volume. When both assets are present, Craft copies the source file into the target and then deletes the source asset. There is no deletion check for for the source asset. An authenticated user who can replace files in one volume can delete assets in another volume where they do not have delete permission, as long as they can obtain a sourceAssetId, leading to broken content references and data loss. This issue has been fixed in versions 4.17.14 and 5.9.21.
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "letsencrypt.org"' without parameters). On Universal SSL zones, Cloudflare's authoritative DNS serves this auto-managed RRset at query time, superseding any customer-configured CAA records on the zone. When a customer publishes a stricter CAA record using the RFC 8657 accounturi or validationmethods parameters, the Certificate Authority does not observe those parameters when evaluating the served RRset under RFC 8659. As a result, the RFC 8657 account-binding and validation-method-binding protections are not enforced end-to-end on Universal SSL zones. Successful exploitation could result in issuance of a browser-trusted TLS certificate to an attacker, enabling MITM against the affected domain. Exploitation is non-trivial in practice: an attacker would need to hold an ACME account at one of the Certificate Authorities in the served CAA RRset and to simultaneously satisfy domain control validation across the multiple geographically distinct Network Perspectives the CA relies on for Multi-Perspective Issuance Corroboration. Cloudflare prefixes are anycast-announced from hundreds of locations globally, raising the bar against single-vantage-point BGP hijacks. Any resulting misissuance of a browser-trusted certificate is subject to Certificate Transparency logging required by major browsers, and would be visible to CT monitoring. Mitigation: Customers requiring strict RFC 8657 enforcement need to disable Universal SSL on the affected zone. Universal SSL's automatic CAA management and customer-set RFC 8657 accounturi and validationmethods enforcement are mutually exclusive by the nature of the issue, so there is no in-product workaround that preserves both. Certificate Transparency monitoring is recommended for all customers as a general detection control. Credits: David Osipov (ORCID: https://orcid.org/0009-0005-2713-9242), independent researcher
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.