Call Us Today! (866) 435-8364

Phishing

Phantom Extortion Phishing Targeting Financial Services Firms!

Recently a few of our clients were recipients of phishing email leveraging scare tactics, also known as the Phantom Extortion Scam. This scam involves cyber criminals sending fake emails or messages to individuals or businesses, claiming that there has been a security breach or incident involving sensitive client or organization data. The cyber criminals then

Is this the end of LastPass?

LastPass, a popular password management service, has revealed that malicious actors have gained access to unencrypted customer data, including web URLs, email addresses, company names, billing addresses, telephone numbers, and IP addresses of LastPass customers, as well as encrypted copies of customer password vaults. This information was compromised using previously stolen data from a breach in

2023-01-05T11:35:48-05:00January 5th, 2023|Breaches, Cyber, Hackers, Identity Theft, Password, Phishing, PII, Privacy, Vulnerability|

Next Generation Ransomware Attacks

Ransomware, the word alone evokes fear into many companies. How did this form of crime actually start? In 1989, Dr. Joseph L. Popp created the first ransomware called the "AIDS Trojan." This trojan virus encrypted files on a computer after rebooting a number of times. Fast forward to 2006, Archiveus, a computer virus that affected

What is Ethical Hacking? Everything You Need to Know About Ethical Hacking—With Examples

Our founder Anand Mohabir was interviewed by Kindra Cooper, from Springboard, on the topic of Ethical hacking. “There’s a lot that comes into play when you’re trying to become an ethical hacker. You have to know how a network is designed and operated, how servers interact, how virtual machines, storage and firewalls work,” said Mohabir.

2021 SEC OCIE Cybersecurity Exam Priorities

Yesterday the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) released its 2021 exam priorities. In the letter the SEC highlighted that their focus remains the same from prior years with a slight shift in priorities and adjustment of focus. The SEC stated that they will review whether firms have

OCIE issues a new alert: “Credential Stuffing”

Yesterday The Office and Compliance Inspections and Examinations ("OCIE") issued an alert about safeguarding client accounts against credential compromise that highlighted the issue of "credential stuffing attacks". Credential stuffing is a type of cyber attack where many compromised user credentials are tried against systems to gain unauthorized access, using automated means. Over the past few

2020-12-31T18:42:56-05:00September 16th, 2020|BEC, Business Email Compromise, Cyber, Hackers, Hedge Fund, OCIE, Password, Phishing, Private Equity, RIA, SEC|

OCIE issues a new Cybersecurity: Ransomware Alert

Today the OCIE issued a Ransomware Alert, highlighting an uptick in sophisticated social engineering and other cyber campaigns, designed to infiltrate the networks of financial institutions to access sensitive information and/or to deploy ransomware. As a reminder, ransomware actors typically demand monetary payment for the return of data. We can spend time regurgitating what was

Have you considered the work from home risks?

Have you made the decision to allow employees to work from home or are you still contemplating the idea? If work from home is or will be the preferred method for the unforeseeable future, there are some things you should do to maintain your compliance and security posture. Here are some risks you should be

Phishing attack evades detection

Inform your HR departments, internal recruiting teams, and hiring managers to be on the lookout for emails that come from someone submitting a resume for an open position in your firm. Why? There has been a significant increase in the use of this type of email attack to deliver malware. What makes these emails different?

2020-07-13T12:54:59-04:00August 30th, 2019|Cyber, Malware, Phishing|

“New” phishing campaigns – leveraging scare tactics (Ransomware 3.0)

We got an email today that we thought was very interesting. Most of the email phishing campaigns that we've seen thus far, and the most common ones our clients typically get fall into two buckets: click a link or open an attachment. We all know how effective some of these campaigns are. Lots of people

2020-04-27T10:35:19-04:00February 6th, 2019|Cyber, Phishing|
Go to Top