Are you considering fleeing Zoom? Don’t be so quick to do so.

Elteni Zoom Vulnerability

Zoom has been under the spotlight over the past few weeks due to privacy and security issues. They were served with a class-action lawsuit over its data sharing practices, and come under scrutiny from the New York Attorney General’s Office. Headlines like this may make you want to “Zoom” for the hills, but hit the […]

Read more

Have you considered the work from home risks?

Work From Home

Have you made the decision to allow employees to work from home or are you still contemplating the idea? If work from home is or will be the preferred method for the unforeseeable future, there are some things you should do to maintain your compliance and security posture. Here are some risks you should be […]

Read more

CDPwn – Cisco patches 5 critical vulnerabilities that affect millions of devices.

CDPwn – Cisco patches 5 critical vulnerabilities

Five critical vulnerabilities found in various implementations of the Cisco Discovery Protocol (CDP) could allow attackers on a local network to take over enterprise devices, as discovered by IoT security company Armis. (It is important to note that attacks can not be performed remotely and requires attackers to have access to internal networks.) CDP is […]

Read more

The SEC’s OCIE Releases Their Observations From Examinations

Elteni OCIE Observations - Hedge Funds, Private Equity, RIA, Asset Management

On January 27, 2020 the Securities and Exchange Commission Commission’s Office of Compliance Inspections and Examinations issued examination observations related to cybersecurity and operational resiliency practices undertaken by market participants. We reviewed this alert and simplified it into major points that are easily digestible. The OCIE provided the following observations: Governance and Risk Management Senior leadership is […]

Read more

Citrix ADC CVE-2019-19781 Public Exploits Available

Elteni-Citrix-Pwned - Hedge Funds, Private Equity, RIA, Asset Management

On December 17, 2019, Citrix published an article describing vulnerability affecting the Citrix Application Delivery Controller (ADC) and Citrix Gateway formerly known as NetScaler ADC and Gateway. The vulnerability was assigned the following CVE number: CVE-2019-19781 : Vulnerability in Citrix Application Delivery Controller and Citrix Gateway leading to arbitrary code execution The vulnerability affects all product […]

Read more

CFTC issues alerts and expects responses!

CFTC - Hedge Funds, Private Equity, RIA, Asset Management

In December 2019, the U.S. government issued indictments against two hackers who were allegedly involved in a multiyear effort to penetrate the systems of several IT Vendors and Managed Services Providers (MSPs). The attack known today as the “Cloud Hopper Mega Hack” was first noticed in 2016, as indicated by the Wall Street Journal. Preview […]

Read more

Information Leakage and Improper Error Handling vulnerability found in Axcient / eFolder Synced Tool

This vulnerability was responsibly disclosed to Axcient/Anchor on November 4, 2019. Affected versions: > 2.7.1.1498 During a penetration test we came across a file sharing application called SynedTool. When performing some of the more simpler tests we identified that this application is vulnerable to an Information Leakage and Improper Error Handling vulnerability. The application allows […]

Read more

Shortlisted for the HFM US 2020 Awards – Best Cybersecurity Provider

HFM US 2020 Awards - Elteni (Hedge Fund Service Provider Award)

We’re honored to be shortlisted for the HFM US Technology Awards 2020 in the category of Best Cybersecurity Provider. THANK YOU for your support and appreciation, and encouraging us to be a little different. The awards ceremony will take place February 5, 2020. Wish us luck. We’re thrilled to be selected as a finalist. We […]

Read more

1 2 3