March 16, 2020 / by Blogger / Awareness, BCP, Cisco, Cloud, coronavirus, Cyber, Exploit, Hackers, Hedge Fund, Insider threats, Investment Adviser, Malware, Microsoft, OCIE, Phishing, Regulatory, SEC, Vulnerability
Have you made the decision to allow employees to work from home or are you still contemplating the idea? If work from home is or will be the preferred method for the unforeseeable future, there are some things you should do to maintain your compliance and security posture. Here are some risks you should be […]
Read more
Cybersecurity Consulting and Advisory
Are you considering fleeing Zoom? Don’t be so quick to do so.
April 2, 2020 / by Elteni / Cloud, Cyber, Exploit, Hackers, Hedge Fund, Investment Adviser, Microsoft, Microsoft Windows 10, NTLM hash, Password, Privacy, Private Equity, Vulnerability
Zoom has been under the spotlight over the past few weeks due to privacy and security issues. They were served with a class-action lawsuit over its data sharing practices, and come under scrutiny from the New York Attorney General’s Office. Headlines like this may make you want to “Zoom” for the hills, but hit the […]
Read more
Have you considered the work from home risks?
March 16, 2020 / by Blogger / Awareness, BCP, Cisco, Cloud, coronavirus, Cyber, Exploit, Hackers, Hedge Fund, Insider threats, Investment Adviser, Malware, Microsoft, OCIE, Phishing, Regulatory, SEC, Vulnerability
Have you made the decision to allow employees to work from home or are you still contemplating the idea? If work from home is or will be the preferred method for the unforeseeable future, there are some things you should do to maintain your compliance and security posture. Here are some risks you should be […]
Read more
First Hedge Fund affected by the coronavirus
March 10, 2020 / by Elteni / BCP, coronavirus, Hedge Fund, Investment Adviser
The coronavirus has hit a well-known Hedge Fund’s NY based office. An employee at Point72 tested positive last week. Employees were told to work from home while the office undergoes a deep cleaning. Headlines like this may leave you wondering what you should be doing for your business. As a follow-up to our article sent […]
Read more
Is your investment adviser business ready to deal with coronavirus?
February 28, 2020 / by Blogger / Cyber, Hackers, Hedge Fund, Investment Adviser, Private Equity
When you hear coronavirus, what emotions does it invoke? Does it invoke any emotions whatsoever? Or is it just another thought that you pushed to the back of your mind? As an investment manager you are probably concerned about how it affects your portfolio, but have you thought about how it can affect your people […]
Read more
CDPwn – Cisco patches 5 critical vulnerabilities that affect millions of devices.
February 6, 2020 / by Blogger / Cisco, Cyber, Vulnerability
Five critical vulnerabilities found in various implementations of the Cisco Discovery Protocol (CDP) could allow attackers on a local network to take over enterprise devices, as discovered by IoT security company Armis. (It is important to note that attacks can not be performed remotely and requires attackers to have access to internal networks.) CDP is […]
Read more
The SEC’s OCIE Releases Their Observations From Examinations
January 30, 2020 / by Blogger / Cyber, Regulatory, SEC
On January 27, 2020 the Securities and Exchange Commission Commission’s Office of Compliance Inspections and Examinations issued examination observations related to cybersecurity and operational resiliency practices undertaken by market participants. We reviewed this alert and simplified it into major points that are easily digestible. The OCIE provided the following observations: Governance and Risk Management Senior leadership is […]
Read more
Citrix ADC CVE-2019-19781 Public Exploits Available
January 12, 2020 / by Blogger / Cyber, Exploit
On December 17, 2019, Citrix published an article describing vulnerability affecting the Citrix Application Delivery Controller (ADC) and Citrix Gateway formerly known as NetScaler ADC and Gateway. The vulnerability was assigned the following CVE number: CVE-2019-19781 : Vulnerability in Citrix Application Delivery Controller and Citrix Gateway leading to arbitrary code execution The vulnerability affects all product […]
Read more
CFTC issues alerts and expects responses!
January 9, 2020 / by Blogger / CFTC, Cyber, OCIE, Regulatory, SEC
In December 2019, the U.S. government issued indictments against two hackers who were allegedly involved in a multiyear effort to penetrate the systems of several IT Vendors and Managed Services Providers (MSPs). The attack known today as the “Cloud Hopper Mega Hack” was first noticed in 2016, as indicated by the Wall Street Journal. Preview […]
Read more
Information Leakage and Improper Error Handling vulnerability found in Axcient / eFolder Synced Tool
January 8, 2020 / by Blogger / Vulnerability, Vulnerability Disclosure
This vulnerability was responsibly disclosed to Axcient/Anchor on November 4, 2019. Affected versions: > 2.7.1.1498 During a penetration test we came across a file sharing application called SynedTool. When performing some of the more simpler tests we identified that this application is vulnerable to an Information Leakage and Improper Error Handling vulnerability. The application allows […]
Read more
Shortlisted for the HFM US 2020 Awards – Best Cybersecurity Provider
November 25, 2019 / by Blogger / Cyber
We’re honored to be shortlisted for the HFM US Technology Awards 2020 in the category of Best Cybersecurity Provider. THANK YOU for your support and appreciation, and encouraging us to be a little different. The awards ceremony will take place February 5, 2020. Wish us luck. We’re thrilled to be selected as a finalist. We […]
Read more