Risk Alert: Pirated copy of popular app being used to spread information-stealing malware WHAT HAPPENED? Malware that steals your passwords, credit cards, and crypto wallets is being promoted through search results for a pirated copy of the CCleaner Pro Windows optimization program. This new malware distribution campaign, discovered by Analysts [...]
QuickBooks Customers Targeted in Ongoing Series of Phishing Attacks WHAT HAPPENED? Intuit has warned that customers of its widely used software program QuickBooks are being targeted in an ongoing series of phishing attacks impersonating the company and trying to lure them with fake account suspension warnings. Intuit received multiple reports [...]
April 2022 Cyber Recap The ever-changing cybersecurity landscape can be hard to keep up with. The introduction of new technologies such as cryptocurrency and the ever-changing nature of threats from hackers require constant attention. Below are some "quick hits” from April, including some noteworthy updates and developments that might be helpful [...]
Did you know? Ransomware attack costs can be seven times higher than ransom Did you know? Collateral consequences of a ransomware attack include costs that are roughly seven times higher than the ransom demanded by the threat actors, according to a recent analysis conducted by researchers at Check Point. This [...]
Recent Cyber Attacks Prove that MFAs are not All Created Equal WHAT HAPPENED? Within the past few months, two hacker groups, a data extortion gang known as Lapsu$ and elite Russian-state threat actors known as Cozy Bear, have successfully bypassed multifactor authentications (“MFA”). MFA is a defense mechanism companies and [...]
March 2022 Cyber Recap WHAT HAPPENED? Significant changes are on the horizon for cybersecurity requirements for investment advisers and other companies in critical infrastructure. March 9th, 2022: On March 9th, 2022, the SEC proposed rules and amendments surrounding cybersecurity for RIAs and public companies to enhance disclosures regarding cybersecurity risks management, strategy, [...]
CISA Issues “Shields Up” Advisory WHAT HAPPENED? The Cybersecurity & Infrastructure Security Agency’s (“CISA”) issued a “Shields Up” message to every U.S. organization in response to Russia’s unprovoked attack on Ukraine, which included cyber attacks on the Ukrainian government and critical infrastructure. According to CISA, there are no specific or [...]
Cybersecurity Risk Management WHAT HAPPENED? On February 9th, 2022, the SEC announced its proposed rule 206(4)-9 under the Advisers Act and new rule 38a-2 under the Investment Company Act (collectively, the “proposed cybersecurity risk management rules”). The proposed cybersecurity risk management rules codify the requirement for advisers to maintain comprehensive cybersecurity [...]
SEC Commissioner Signals Regulatory Changes are underway for Cybersecurity WHAT HAPPENED? SEC Chair Gensler spoke at Northwestern Pritzker School of Law’s Annual Securities Regulation Institute yesterday, where he focused on the Commission’s cybersecurity initiatives and a potential cybersecurity regulatory overhaul. Cybersecurity has been a long-standing priority for the SEC and the recent [...]
Phishing Via Gmail Accounts WHAT HAPPENED? A survey conducted by Barracuda surveyed 10,500 organizations and found that 35% of them had at least one bait attack email in September 2021 alone. Bait attacks are becoming more frequent, and it appears that bad actors who distribute this special kind of phishing email prefer [...]