ELTENI'S CYBER SCOOP Latest News In this newsletter, we highlight the Compliance issues with the SEC’s rule on material incident disclosure, The Department of Justice's continued efforts to combat the exploitation of widespread vulnerabilities and the increased sophistication of deepfake cyber incidents. REGULATORY CORNER Companies are not complying with the new SEC cybersecurity incident rule
ELTENI'S CYBER SCOOP Latest News In this newsletter, we highlight the FINRA regulatory oversight report, law enforcement continuing their crackdown on cyber criminals and the impact of Artificial Intelligence on cybersecurity. REGULATORY CORNER FINRA Publishes 2024 Regulatory Oversight Report In January, FINRA published their 2024 Annual Regulatory Oversight Report, which was formally known as the
ELTENI'S CYBER SCOOP Latest News In this newsletter, we uncover an SEC Director’s op-ed on disclosure rules. A major international cybersecurity crackdown by law enforcement. The SEC op-ed on disclosure rules. REGULATORY CORNER SEC Director of Corporation Finance weighs in on Cybersecurity Disclosures Rules The Director of the SEC’s Division of Corporation Finance provided his
ELTENI'S CYBER SCOOP Latest News In this newsletter, we uncover additional regulatory rules being approved for Clearing Agencies. Also, the numbers are in, and enforcement actions are up, including SEC settled charges against a broker-dealer and a software company for allegedly providing misleading information regarding cyber incidents. Lastly, the proposed cybersecurity rules for RIAs
ELTENI'S CYBER SCOOP Latest News In this newsletter, we uncover a major cybersecurity revelation. The SEC has taken action against SolarWinds Corporation and its CISO, Timothy G. Brown, for alleged fraud and internal control lapses tied to cybersecurity risks. Want to download this in pdf? Enter the password from the email you received.
Recently a few of our clients were recipients of phishing email leveraging scare tactics, also known as the Phantom Extortion Scam. This scam involves cyber criminals sending fake emails or messages to individuals or businesses, claiming that there has been a security breach or incident involving sensitive client or organization data. The cyber criminals then
LastPass, a popular password management service, has revealed that malicious actors have gained access to unencrypted customer data, including web URLs, email addresses, company names, billing addresses, telephone numbers, and IP addresses of LastPass customers, as well as encrypted copies of customer password vaults. This information was compromised using previously stolen data from a breach in
Earlier today the Securities and Exchange Commission voted to propose rules related to cybersecurity risk management for registered investment advisers, and registered investment companies and business development companies (funds), as well as amendments to certain rules that govern investment adviser and fund disclosures. The SEC Chair Gary Genlser stated that the proposed rules and amendments
You probably heard the news this weekend about the new critical remote code execution vulnerability affecting Apache log4j 2. A remote code execution vulnerability is an attack that can be launched from anywhere in the world, as long as an affected system is available remotely. Why is important? The vulnerability affects millions of devices, including
Ransomware, the word alone evokes fear into many companies. How did this form of crime actually start? In 1989, Dr. Joseph L. Popp created the first ransomware called the "AIDS Trojan." This trojan virus encrypted files on a computer after rebooting a number of times. Fast forward to 2006, Archiveus, a computer virus that affected
