Call Us Today! (866) 435-8364

Business Email Compromise

2024 January Newsletter

ELTENI'S CYBER SCOOP Latest News In this newsletter, we uncover an SEC Director’s op-ed on disclosure rules. A major international cybersecurity crackdown by law enforcement. The SEC op-ed on disclosure rules. REGULATORY CORNER SEC Director of Corporation Finance weighs in on Cybersecurity Disclosures Rules The Director of the SEC’s Division of Corporation Finance provided his

2023 December Newsletter

  ELTENI'S CYBER SCOOP Latest News In this newsletter, we uncover additional regulatory rules being approved for Clearing Agencies. Also, the numbers are in, and enforcement actions are up, including SEC settled charges against a broker-dealer and a software company for allegedly providing misleading information regarding cyber incidents. Lastly, the proposed cybersecurity rules for RIAs

2023 November Newsletter

  ELTENI'S CYBER SCOOP Latest News In this newsletter, we uncover a major cybersecurity revelation. The SEC has taken action against SolarWinds Corporation and its CISO, Timothy G. Brown, for alleged fraud and internal control lapses tied to cybersecurity risks. Want to download this in pdf? Enter the password from the email you received.

Next Generation Ransomware Attacks

Ransomware, the word alone evokes fear into many companies. How did this form of crime actually start? In 1989, Dr. Joseph L. Popp created the first ransomware called the "AIDS Trojan." This trojan virus encrypted files on a computer after rebooting a number of times. Fast forward to 2006, Archiveus, a computer virus that affected

The SEC issues fines for deficient cybersecurity programs!

Today the Securities and Exchange Commission (SEC) sanctioned eight firms in three actions for failures in their cybersecurity policies and procedures that resulted in email account takeovers exposing the personal information of thousands of customers and clients at each firm. A total of $800,000 were levied against these firms. In summary, the firms named in

What is Ethical Hacking? Everything You Need to Know About Ethical Hacking—With Examples

Our founder Anand Mohabir was interviewed by Kindra Cooper, from Springboard, on the topic of Ethical hacking. “There’s a lot that comes into play when you’re trying to become an ethical hacker. You have to know how a network is designed and operated, how servers interact, how virtual machines, storage and firewalls work,” said Mohabir.

2021 SEC OCIE Cybersecurity Exam Priorities

Yesterday the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) released its 2021 exam priorities. In the letter the SEC highlighted that their focus remains the same from prior years with a slight shift in priorities and adjustment of focus. The SEC stated that they will review whether firms have

OCIE issues a new alert: “Credential Stuffing”

Yesterday The Office and Compliance Inspections and Examinations ("OCIE") issued an alert about safeguarding client accounts against credential compromise that highlighted the issue of "credential stuffing attacks". Credential stuffing is a type of cyber attack where many compromised user credentials are tried against systems to gain unauthorized access, using automated means. Over the past few

2020-12-31T18:42:56-05:00September 16th, 2020|BEC, Business Email Compromise, Cyber, Hackers, Hedge Fund, OCIE, Password, Phishing, Private Equity, RIA, SEC|

OCIE issues a new Cybersecurity: Ransomware Alert

Today the OCIE issued a Ransomware Alert, highlighting an uptick in sophisticated social engineering and other cyber campaigns, designed to infiltrate the networks of financial institutions to access sensitive information and/or to deploy ransomware. As a reminder, ransomware actors typically demand monetary payment for the return of data. We can spend time regurgitating what was

Three UK-based Private Equity firms lose 1.3 million dollars to cyber criminals

  The team at Check Point identified that cyber criminals - dubbed the Florentine Banker - targeted three Private Equity firms and stole over $1.3 million dollars, with only about half the money recovered. The cyber criminals launched an email spear-phishing campaign targeting executives, and other high-profile employees in an attempt to gain access to

Go to Top