In December 2019, the U.S. government issued indictments against two hackers who were allegedly involved in a multiyear effort to penetrate the systems of several IT Vendors and Managed Services Providers (MSPs). The attack known today as the “Cloud Hopper Mega Hack” was first noticed in 2016, as indicated by the Wall Street Journal. Preview
This vulnerability was responsibly disclosed to Axcient/Anchor on November 4, 2019. Affected versions: > 2.7.1.1498 During a penetration test we came across a file sharing application called SynedTool. When performing some of the more simpler tests we identified that this application is vulnerable to an Information Leakage and Improper Error Handling vulnerability. The application allows
We’re honored to be shortlisted for the HFM US Technology Awards 2020 in the category of Best Cybersecurity Provider. THANK YOU for your support and appreciation, and encouraging us to be a little different. The awards ceremony will take place February 5, 2020. Wish us luck. We're thrilled to be selected as a finalist. We
So, you are thinking of moving to the public cloud, or have already made the move. While there are many benefits (we will not list them) to moving to the public cloud, proceed with caution. The biggest threat to cloud security does not come in the form of bots or zombie networks or hackers, it
October is National Cybersecurity Awareness Month. Our goal this month is to provide you meaningful information to help you make well-informed, conscious decisions about how you should be protecting yourself and company from cyber threats. To start this month off we felt it was important for everyone to become familiar with the term “attack surface”.
Phillip Capital Inc. ("PCI")., a Chicago-based brokerage firm was ordered to pay $1.5 million dollars due to a cyber attack. Per the CFTC, PCI allowed "cyber criminals to breach PCI email systems, access customer information, and successfully withdraw $1 million in PCI customer funds." The order also finds that "PCI failed to disclose the cyber
Inform your HR departments, internal recruiting teams, and hiring managers to be on the lookout for emails that come from someone submitting a resume for an open position in your firm. Why? There has been a significant increase in the use of this type of email attack to deliver malware. What makes these emails different?
New York State SHIELD (Stop Hacks and Improve Electronic Data Security) will go into Effect March 21, 2020. This gives businesses a little less than nine months to become familiar with it and prepare for it entails. What is the SHIELD Act? The Stop Hacks and Improve Electronic Data Security (SHIELD) Act redefines data security
Are you blocking websites today? If you are, they are most likely sites such as file sharing, public email, social media, and other non-business related websites.If you do not have a web filtering solution or have avoided blocking websites for the sake of keeping your employees happy, you should reconsider. Many of these sites, especially
Alert On May 23, 2019, the Office of Compliance Inspections and Examinations ("OCIE") issued the alert "Safeguarding Customer Records and Information in Network Storage - Use of Third Party Security Features". In this alert the OCIE 'identified security risks associated with the storage of electronic customer records and information by broker-dealers and investment advisers in
