Call Us Today! (866) 435-8364

What is Ethical Hacking? Everything You Need to Know About Ethical Hacking—With Examples

2021-05-10T10:42:57-04:00April 13th, 2021|Business Email Compromise, Cloud, Cyber, Exploit, Hackers, Hedge Fund, Investment Adviser, Malware, Microsoft, Microsoft Windows 10, NTLM hash, OWASP, Password, Penetration Test, Phishing, Red Team, Technology, Vulnerability|

Our founder Anand Mohabir was interviewed by Kindra Cooper, from Springboard, on the topic of Ethical hacking. “There’s a lot that comes into play when you’re trying to become an ethical hacker. You have to know how a network is designed and operated, how servers interact, how virtual machines, storage and firewalls work,” said Mohabir.

2021 SEC OCIE Cybersecurity Exam Priorities

2021-03-04T00:36:42-05:00March 4th, 2021|Alternative Asset Management, Awareness, Azure, BCP, BEC, Business Email Compromise, Cloud, coronavirus, Cyber, Exploit, Hackers, Hedge Fund, Identity Theft, Insider threats, Investment Adviser, Malware, OCIE, OWASP, Password, Penetration Test, Phishing, PII, Privacy, Private Equity, Regulatory, RIA, SEC, Table Top, Vulnerability, WFH, Work from home|

Yesterday the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) released its 2021 exam priorities. In the letter the SEC highlighted that their focus remains the same from prior years with a slight shift in priorities and adjustment of focus. The SEC stated that they will review whether firms have

CFTC issues an alert about potential Microsoft Azure and Office 365 compromise resulting from SolarWinds breach

2021-01-13T23:46:20-05:00January 13th, 2021|CFTC, Ransomware Attack, SEC|

On January 13, 2021, the Market Participant Division (MPD) of the CFTC sent an email to registrants informing them about an alert that was issued by the DHS Cybersecurity and Infrastructure Security Agency (CISA). In the alert CISA highlighted post compromise activity related to the SolarWinds Breach. More specifically, the alert highlighted that threat actors

Solarwinds ORION delivers backdoor Trojan to worldwide networks

2020-12-31T18:42:28-05:00December 14th, 2020|Alternative Asset Management, Awareness, Cloud, Cyber, Exploit, Hackers, Hedge Fund, Identity Theft, Insider threats, Malware, Password, PII, Privacy, Remote Management, Reverse Shell, RMM, Vulnerability|

Fireye detected that Solarwinds Orion is being used by attackers to steal sensitive company data. Fireye’s threat research division found that a highly sophisticated and evasive attacker compromised the Solarwind’s Orion IT monitoring and management platform to deliver a backdoor trojan. It is suspected that the campaign has started as early as April 2020 and

Elteni is shortlisted for Best Cybersecurity Solution – 2021 Fund Intelligence Operations and Services Award

2020-12-31T18:42:42-05:00December 10th, 2020|Alternative Asset Management, Award, Cyber, Featured, Hedge Fund, Investment Adviser, Private Equity, Regulatory, RIA, Services, Technology|

Cayman Islands Investment firm exposes sensitive client information!

2020-12-31T18:42:49-05:00December 6th, 2020|Alternative Asset Management, Awareness, Azure, Cloud, Cyber, Identity Theft, Microsoft, OCIE, Password, PII, Privacy, SEC|

A Cayman Islands investment firm's backups stored in a Microsoft Azure Blob Storage was not secured properly thus resulting in a potential leak of personal banking information, individual passport data, and other sensitive information. A researcher discovered the gaping hole left open by the firm’s Hong Kong based IT provider via a special search engine

OCIE issues a new alert: “Credential Stuffing”

2020-12-31T18:42:56-05:00September 16th, 2020|BEC, Business Email Compromise, Cyber, Hackers, Hedge Fund, OCIE, Password, Phishing, Private Equity, RIA, SEC|

Yesterday The Office and Compliance Inspections and Examinations ("OCIE") issued an alert about safeguarding client accounts against credential compromise that highlighted the issue of "credential stuffing attacks". Credential stuffing is a type of cyber attack where many compromised user credentials are tried against systems to gain unauthorized access, using automated means. Over the past few

Major service provider to the financial services industry was breached

2020-12-31T18:43:03-05:00July 29th, 2020|Alternative Asset Management, Exploit, Hackers, Hedge Fund, Investment Adviser, Ransomware Attack|

A service provider of SEI Investments Co., affected by a ransomware attack. SEI Investments Co., a fund administrator for several high-profile asset management firms experienced a breach, exposing the personal information of investors for approximately 100 clients. SEI stated that the breach occurred through one of their service providers that faced a ransomware attack. M.J.

Critical Wormable Vulnerability Affecting Windows DNS Servers

2020-12-31T18:43:05-05:00July 15th, 2020|Cyber, Exploit|

Critical Wormable Vulnerability Affecting Windows DNS Servers On July 14, 2020 Microsoft publicly disclosed a critical vulnerability affecting Windows DNS Server. As a reminder DNS (Domain Naming System) servers are used primarily to resolve IP addresses. DNS is used for locating and identifying computer services and devices on the internet, such as email servers,

OCIE issues a new Cybersecurity: Ransomware Alert

2020-12-31T18:43:11-05:00July 10th, 2020|Alternative Asset Management, Awareness, BEC, Business Email Compromise, Cloud, Cyber, Exploit, Hackers, Hedge Fund, Insider threats, Investment Adviser, Malware, OCIE, Penetration Test, Phishing, Private Equity, Ransomware Attack, Red Team, Regulatory, RIA, SEC, Vulnerability, WFH, Work from home|

Today the OCIE issued a Ransomware Alert, highlighting an uptick in sophisticated social engineering and other cyber campaigns, designed to infiltrate the networks of financial institutions to access sensitive information and/or to deploy ransomware. As a reminder, ransomware actors typically demand monetary payment for the return of data. We can spend time regurgitating what was

Go to Top