Call Us Today! (866) 435-8364

Hackers

Is this the end of LastPass?

LastPass, a popular password management service, has revealed that malicious actors have gained access to unencrypted customer data, including web URLs, email addresses, company names, billing addresses, telephone numbers, and IP addresses of LastPass customers, as well as encrypted copies of customer password vaults. This information was compromised using previously stolen data from a breach in

2023-01-05T11:35:48-05:00January 5th, 2023|Breaches, Cyber, Hackers, Identity Theft, Password, Phishing, PII, Privacy, Vulnerability|

NYDFS Proposed Enhancements – Second Amendment to 23 NYCRR 500

 On July 29, 2022, the New York Department of Financial Services (NYDFS) provided several potential enhancements to the existing Part 500 Cybersecurity Rules. The Draft Amendments can be divided into six categories: Assessments, Technical Requirements, Governance, Obligations for Larger Companies, Notifications, and Penalties.  Assessments  The Draft Amendments expand the current definition of Risk Assessment to

2022-08-02T12:26:48-04:00August 1st, 2022|BCP, Cyber, Hackers, NYDFS, Penetration Test, Regulatory, Vulnerability|

NYDFS’s first time charging a company for not adhering to their Cybersecurity Regulation Part 500 of Title 23

The New York Department of Financial Services ("NYDFS") has charged First American Insurance company with multiple section code violations pertaining to cyber security policies. This is NYDFS's first time charging a company for not adhering to their Cybersecurity Regulation Part 500 of Title 23. The charges held against First American are as follows: Deficient cybersecurity

2022-08-02T12:30:30-04:00January 7th, 2022|Cyber, Hackers, NYDFS, Rules, SEC|

Safeguards Rule will be updated to better protect consumer financial information from cyber attacks and security breaches

In October 2021, the Federal Trade Commission (FTC) stated that it would expand its Safeguards Rule in order to better protect consumer financial information from cyber attacks and security breaches. The revised Rule requirements will take effect on December 9, 2022. This is a significant development for private funds that were previously exempt from the

2022-01-07T18:10:50-05:00January 7th, 2022|Breaches, FTC, Hackers, NYDFS, Private Funds, Rules|

Apache Log4j 2 Vulnerability

You probably heard the news this weekend about the new critical remote code execution vulnerability affecting Apache log4j 2. A remote code execution vulnerability is an attack that can be launched from anywhere in the world, as long as an affected system is available remotely. Why is important? The vulnerability affects millions of devices, including

2021-12-13T08:08:37-05:00December 13th, 2021|Apache, Exploit, Hackers, Hedge Fund, Investment Adviser, Reverse Shell, Vulnerability|

Next Generation Ransomware Attacks

Ransomware, the word alone evokes fear into many companies. How did this form of crime actually start? In 1989, Dr. Joseph L. Popp created the first ransomware called the "AIDS Trojan." This trojan virus encrypted files on a computer after rebooting a number of times. Fast forward to 2006, Archiveus, a computer virus that affected

Critical Apple vulnerability exploited to eavesdrop!

Apple has released an emergency security update to address vulnerabilities in iOS and iPadOS for a zero-click zero day exploit that allows the installation of malware on a device. An attacker could exploit these vulnerabilities to take control of an affected device if they are unpatched. "Attacks like the ones described are highly sophisticated, cost

2021-09-14T18:12:31-04:00September 14th, 2021|Apple, Cyber, Exploit, Hackers, Identity Theft, PII, Privacy, Technology, Vulnerability|

The SEC issues fines for deficient cybersecurity programs!

Today the Securities and Exchange Commission (SEC) sanctioned eight firms in three actions for failures in their cybersecurity policies and procedures that resulted in email account takeovers exposing the personal information of thousands of customers and clients at each firm. A total of $800,000 were levied against these firms. In summary, the firms named in

What is Ethical Hacking? Everything You Need to Know About Ethical Hacking—With Examples

Our founder Anand Mohabir was interviewed by Kindra Cooper, from Springboard, on the topic of Ethical hacking. “There’s a lot that comes into play when you’re trying to become an ethical hacker. You have to know how a network is designed and operated, how servers interact, how virtual machines, storage and firewalls work,” said Mohabir.

2021 SEC OCIE Cybersecurity Exam Priorities

Yesterday the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) released its 2021 exam priorities. In the letter the SEC highlighted that their focus remains the same from prior years with a slight shift in priorities and adjustment of focus. The SEC stated that they will review whether firms have

Go to Top