Earlier today the Securities and Exchange Commission voted to propose rules related to cybersecurity risk management for registered investment advisers, and registered investment companies and business development companies (funds), as well as amendments to certain rules that govern investment adviser and fund disclosures. The SEC Chair Gary Genlser stated that the proposed rules and amendments
You probably heard the news this weekend about the new critical remote code execution vulnerability affecting Apache log4j 2. A remote code execution vulnerability is an attack that can be launched from anywhere in the world, as long as an affected system is available remotely. Why is important? The vulnerability affects millions of devices, including
- Next Generation Ransomware Attacks GalleryAlternative Asset Management, BEC, Business Email Compromise, Cloud, Cyber, Exploit, Hackers, Hedge Fund, Identity Theft, Investment Adviser, Malware, Microsoft, Microsoft Windows 10, Password, Phishing, PII, Privacy, Private Equity, Ransomware Attack, RIA, Vulnerability
Ransomware, the word alone evokes fear into many companies. How did this form of crime actually start? In 1989, Dr. Joseph L. Popp created the first ransomware called the "AIDS Trojan." This trojan virus encrypted files on a computer after rebooting a number of times. Fast forward to 2006, Archiveus, a computer virus that affected
Today the Securities and Exchange Commission (SEC) sanctioned eight firms in three actions for failures in their cybersecurity policies and procedures that resulted in email account takeovers exposing the personal information of thousands of customers and clients at each firm. A total of $800,000 were levied against these firms. In summary, the firms named in
- What is Ethical Hacking? Everything You Need to Know About Ethical Hacking—With Examples GalleryBusiness Email Compromise, Cloud, Cyber, Exploit, Hackers, Hedge Fund, Investment Adviser, Malware, Microsoft, Microsoft Windows 10, NTLM hash, OWASP, Password, Penetration Test, Phishing, Red Team, Technology, Vulnerability
Our founder Anand Mohabir was interviewed by Kindra Cooper, from Springboard, on the topic of Ethical hacking. “There’s a lot that comes into play when you’re trying to become an ethical hacker. You have to know how a network is designed and operated, how servers interact, how virtual machines, storage and firewalls work,” said Mohabir.
- 2021 SEC OCIE Cybersecurity Exam Priorities GalleryAlternative Asset Management, Awareness, Azure, BCP, BEC, Business Email Compromise, Cloud, coronavirus, Cyber, Exploit, Hackers, Hedge Fund, Identity Theft, Insider threats, Investment Adviser, Malware, OCIE, OWASP, Password, Penetration Test, Phishing, PII, Privacy, Private Equity, Regulatory, RIA, SEC, Table Top, Vulnerability, WFH, Work from home
Yesterday the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) released its 2021 exam priorities. In the letter the SEC highlighted that their focus remains the same from prior years with a slight shift in priorities and adjustment of focus. The SEC stated that they will review whether firms have
- Solarwinds ORION delivers backdoor Trojan to worldwide networks GalleryAlternative Asset Management, Awareness, Cloud, Cyber, Exploit, Hackers, Hedge Fund, Identity Theft, Insider threats, Malware, Password, PII, Privacy, Remote Management, Reverse Shell, RMM, Vulnerability
Fireye detected that Solarwinds Orion is being used by attackers to steal sensitive company data. Fireye’s threat research division found that a highly sophisticated and evasive attacker compromised the Solarwind’s Orion IT monitoring and management platform to deliver a backdoor trojan. It is suspected that the campaign has started as early as April 2020 and
- Elteni is shortlisted for Best Cybersecurity Solution – 2021 Fund Intelligence Operations and Services Award Gallery
Elteni is shortlisted for Best Cybersecurity Solution – 2021 Fund Intelligence Operations and Services AwardAlternative Asset Management, Award, Cyber, Featured, Hedge Fund, Investment Adviser, Private Equity, Regulatory, RIA, Services, Technology
Yesterday The Office and Compliance Inspections and Examinations ("OCIE") issued an alert about safeguarding client accounts against credential compromise that highlighted the issue of "credential stuffing attacks". Credential stuffing is a type of cyber attack where many compromised user credentials are tried against systems to gain unauthorized access, using automated means. Over the past few
A service provider of SEI Investments Co., affected by a ransomware attack. SEI Investments Co., a fund administrator for several high-profile asset management firms experienced a breach, exposing the personal information of investors for approximately 100 clients. SEI stated that the breach occurred through one of their service providers that faced a ransomware attack. M.J.