The financial sector faces evolving cybersecurity challenges that go beyond direct attacks on banking websites. In this session, Neftali Mañes, solutions engineer at Recorded Future, will examine how modern threat actors are targeting financial institutions through indirect methods, using supply chains and sophisticated techniques.

The session will explore four critical threat vectors:

• Why force a door if you have the keys? – How credential leaks and stolen authentication cookies have become the primary entry point for attacks, with 80% of detected financial sector intrusions using previously leaked credentials.
• Optimizing ROI – The shift toward supply chain attacks targeting network infrastructure and enterprise software rather than direct assaults.
• Outsourcing attacks – The rapid growth of attack-as-a-service models, where specialized interfaces and platforms enable threat actors to launch sophisticated campaigns without technical expertise.
• Industrializing the threat – The emergence of AI-powered attack methods, including deepfakes, automated code generation and polymorphic malware.