Yesterday the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) released its 2021 exam priorities. In the letter the SEC highlighted that their focus remains the same from prior years with a slight shift in priorities and adjustment of focus. The SEC stated that they will review whether firms have
Yesterday The Office and Compliance Inspections and Examinations ("OCIE") issued an alert about safeguarding client accounts against credential compromise that highlighted the issue of "credential stuffing attacks". Credential stuffing is a type of cyber attack where many compromised user credentials are tried against systems to gain unauthorized access, using automated means. Over the past few
Today the OCIE issued a Ransomware Alert, highlighting an uptick in sophisticated social engineering and other cyber campaigns, designed to infiltrate the networks of financial institutions to access sensitive information and/or to deploy ransomware. As a reminder, ransomware actors typically demand monetary payment for the return of data. We can spend time regurgitating what was
On June 29, 2020 Palo Alto Networks published a notice about a critical vulnerability affecting their devices. https://security.paloaltonetworks.com/CVE-2020-2021. The vulnerability, which is listed as an issue affecting the way SAML (Security Assertion Markup Language) authentication happens, can be exploited by remote attackers to gain access to the device. Dissecting this vulnerability, Palo Alto states that
The team at Check Point identified that cyber criminals - dubbed the Florentine Banker - targeted three Private Equity firms and stole over $1.3 million dollars, with only about half the money recovered. The cyber criminals launched an email spear-phishing campaign targeting executives, and other high-profile employees in an attempt to gain access to
Zoom has been under the spotlight over the past few weeks due to privacy and security issues. They were served with a class-action lawsuit over its data sharing practices, and come under scrutiny from the New York Attorney General’s Office. Headlines like this may make you want to “Zoom” for the hills, but hit the
When you hear coronavirus, what emotions does it invoke? Does it invoke any emotions whatsoever? Or is it just another thought that you pushed to the back of your mind? As an investment manager you are probably concerned about how it affects your portfolio, but have you thought about how it can affect your people
