Call Us Today! (866) 435-8364

Vulnerability Disclosure

The SEC proposes new Cybersecurity rules

Earlier today the Securities and Exchange Commission voted to propose rules related to cybersecurity risk management for registered investment advisers, and registered investment companies and business development companies (funds), as well as amendments to certain rules that govern investment adviser and fund disclosures. The SEC Chair Gary Genlser stated that the proposed rules and amendments

SEC Charges First American Financial Corporation With Cybersecurity Disclosure Controls Failures

On June 15, 2021 “The Securities and Exchange Commission (“SEC”) announced settled charges against real estate settlement services company First American Financial Corporation for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information.” On May 24, 2019, Brian Krebs notified First American Financial Corporation of a vulnerability with its

2021-06-15T12:53:23-04:00June 15th, 2021|Cyber, OCIE, Privacy, Regulatory, SEC, Vulnerability, Vulnerability Disclosure|

Palo Alto Networks Vulnerability – CVE-2020-2021

On June 29, 2020 Palo Alto Networks published a notice about a critical vulnerability affecting their devices. https://security.paloaltonetworks.com/CVE-2020-2021. The vulnerability, which is listed as an issue affecting the way SAML (Security Assertion Markup Language) authentication happens, can be exploited by remote attackers to gain access to the device. Dissecting this vulnerability, Palo Alto states that

Information Leakage and Improper Error Handling vulnerability found in Axcient / eFolder Synced Tool

This vulnerability was responsibly disclosed to Axcient/Anchor on November 4, 2019. Affected versions: > 2.7.1.1498 During a penetration test we came across a file sharing application called SynedTool. When performing some of the more simpler tests we identified that this application is vulnerable to an Information Leakage and Improper Error Handling vulnerability. The application allows

2020-07-13T12:54:45-04:00January 8th, 2020|Vulnerability, Vulnerability Disclosure|
Go to Top