2014, Financial Services and Government - Information Management Today

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services

Financial Services Cybersecurity Insurance Risk

Emissary Panda APT group hit Government Organizations in the Middle East

Security Affairs

MAY 30, 2019

Chinese Cyber-Spies Target Government Organizations in Middle East. Chinese APT group Emissary Panda has been targeting government organizations in two different countries in the Middle East. defense contractors , financial services firms, and a national data center in Central Asia. Pierluigi Paganini.

Government

Government Financial Services Security Cybersecurity

France and Germany will block Facebook’s Libra cryptocurrency

Security Affairs

SEPTEMBER 16, 2019

France and Germany governments announced that they will block Facebook’s Libra cryptocurrency , the news was reported by French finance ministry Bruno Le Maire. “We reads a joint statement issued by the two governments, “I want to be absolutely clear: in these conditions, we cannot authorise the development of Libra on European soil.”

Financial Services

Financial Services Government IT Security

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

The landscape of cybersecurity laws and regulations today is set to undergo significant changes, impacting businesses, government entities, and individuals alike. Enacted in 2002 and updated by the Federal Information Security Modernization Act (FISMA) of 2014, FISMA requires agencies to implement a risk-based approach to security.

Cybersecurity

Cybersecurity Computer and Electronics Compliance Privacy

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

According to the experts, the threat actors are merely trying to monetize their efforts selling information that have no intelligence value for the Iranian Government. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Access

Access Financial Services Retail Insurance

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities. government’s first swipe at the Trickbot group. This is not the U.S. “It is likely that Slavik (aka.

Ransomware

Ransomware Government Cybersecurity Blockchain

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

The credentials are sold for an average of $15.43, the most expensive pairs relate to banking and financial services accounts, with an average price of nearly $71. The price depends on the targeted industry, with the local government and financial sectors are the most requested ones. ” continues the report.

Marketing

Marketing Passwords Financial Services Access

Hundreds of malicious Chrome browser extensions used to spy on you!

Security Affairs

JUNE 20, 2020

Malicious Chrome browser extensions were used in a massive surveillance campaign aimed at users working in the financial services, oil and gas, media and entertainment, healthcare, government organizations, and pharmaceuticals. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Healthcare

Healthcare Financial Services Communications Security

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

Agent Tesla , first discovered in late 2014, is an extremely popular “malware-as-a-service” Remote Access Trojan (RAT) tool used by threat actors to steal information such as credentials, keystrokes, clipboard data and other information from its operators’ targets.

Financial Services

Financial Services Retail Education Information Security

Recently disclosed Drupal CVE-2019-6340 RCE flaw exploited in the wild

Security Affairs

FEBRUARY 26, 2019

Hackers targeted dozens of Imperva’s customers, including organizations in the government and financial services sectors. “We’ve found dozens of attack attempts aimed at dozens of websites that belong to our customers using this exploit, including sites in government and the financial services industry.”

Financial Services

Financial Services CMS Government Security

California IT service provider Synoptek pays ransom after Sodinokibi attack

Security Affairs

JANUARY 5, 2020

Synoptek has more than 1,100 customers across multiple industries, including local governments, financial services, healthcare, manufacturing, media, retail and software. . ” T he IT service provider confirmed the attack but did not comment on whether it paid the ransom asked by the crooks. Pierluigi Paganini.

IT

IT Ransomware Financial Services Retail

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

The SEC is considering enhancing its disclosure rules concerning cybersecurity risk governance and has indicated a target release date of October 2021. The Order alleges that this vulnerability exposed over 800 million images dating back to 2003, including sensitive personal data, such as Social Security numbers and financial information.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

Maze ransomware gang discloses data from drug testing firm HMR

Security Affairs

APRIL 8, 2020

The research firm revealed that many of the government IDs exposed in the data breach have since expired. “Consider contacting CIFAS (the UK’s Fraud Prevention Service) to apply for protective registration. . “Consider contacting CIFAS (the UK’s Fraud Prevention Service) to apply for protective registration.

Ransomware

Ransomware Data breaches Encryption Financial Services

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

This action will result in protection for a wide range of organizations, including financial services institutions, government, healthcare, and other verticals from malware and human-operated campaigns delivered via the Trickbot infrastructure.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Security

Security Financial Services Ransomware Access

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. The attackers are attempting to exploit the need to install additional security software when South Korean users visit government or financial services websites. .

Financial Services

Financial Services Government Security Phishing

Pitney Bowes revealed that its systems were infected with Ryuk Ransomware

Security Affairs

OCTOBER 18, 2019

The global shipping and mailing services company Pitney Bowes recently suffered a partial outage of its service caused by a ransomware attack. Pitney Bowes is a global technology company that provides commerce solutions in the areas of ecommerce , shipping, mailing, data and financial services. Pierluigi Paganini.

Ransomware

Ransomware IT Financial Services Access

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

See the Top Governance, Risk and Compliance (GRC) Tools. Other industry standards too can have the force of “pseudo-law” – notably, the NIST Cybersecurity Framework, which federal regulators often apply to financial-services firms and government contractors. PIPL Raises the Bar – And the Stakes.

Data Privacy

Data Privacy Compliance Privacy Security

CENTRAL BANK DIGITAL CURRENCIES

Thales Cloud Protection & Licensing

FEBRUARY 27, 2023

More than 130 Central Banks have been exploring CBDCs since 2014. CBDC Benefits With the introduction of CBDCs there are multiple benefits for Consumers, Government &Central Banks and other Financial institutions. This could ultimately benefit banks by reducing the risk of financial instability.

Financial Services

Financial Services Access Risk Security

Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

Security Affairs

SEPTEMBER 10, 2018

defense contractors and financial services firms worldwide. The hackers attempted to inject malicious JavaScript code into the government websites connected to the data center. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. We informed the company about the issue via CN-CERT.”

Communications

Communications Financial Services Government Phishing

eIDAS 2.0 REGULATION WILL CHANGE IDP USE CASES INCLUDING ID CAPTURE IN THE EU

Info Source

JULY 18, 2023

By Petra Beck, Senior Analyst Capture Software, Infosource Key Takeaways The expanded eIDAS (electronic Identification, Authentication and Trust Services) 2.0 It will become mandatory for government agencies and businesses in select verticals within the next 2 years. regulation is entering implementation stage in the EU.

Authentication

Authentication e-Delivery B2C Marketing

FFIEC Announces Plans to Update Cybersecurity Guidance in Wake of Cybersecurity Assessments

Hunton Privacy

NOVEMBER 4, 2014

The Report also contains observations on the overall cybersecurity preparedness of financial institutions, including findings on the current risk management, governance, threat intelligence, cybersecurity controls, incident response, and third party management practices of financial institutions.

Cybersecurity

Cybersecurity Financial Services Risk Government

New York Banking Regulator Announces New Cybersecurity Assessment Process

Hunton Privacy

DECEMBER 11, 2014

On December 10, 2014, the New York State Department of Financial Services (the “Department”) announced that it issued an industry guidance letter to all Department-regulated banking institutions that formally introduces the Department’s new cybersecurity preparedness assessment process.

Cybersecurity

Cybersecurity Financial Services Insurance Information Security

SEC Releases Observations from Recent Cybersecurity Examinations of Broker-Dealers and Advisers

Hunton Privacy

FEBRUARY 6, 2015

Conducted by the SEC Office of Compliance Inspections and Examinations (“OCIE”) from 2013 through April 2014, the examinations inspected the cybersecurity practices of 57 registered broker-dealers and 49 registered investment advisers through interviews and document reviews.

Cybersecurity

Cybersecurity Insurance Financial Services Risk

Was RI Advice a watershed for cybersecurity law in Australia or a damp squib?

Data Protection Report

MAY 25, 2022

The decision has been labelled as a watershed decision in Australia – a ‘first of its kind’ case that puts financial services firms, and more broadly, corporate Australia, on notice that failures to adequately understand and manage cybersecurity and cyber resilience risks will no longer be tolerated by Australia’s regulatory agencies.

Cybersecurity

Cybersecurity Risk Financial Services Retail

Slack Launched Encryption Key Addon For Businesses

Security Affairs

MARCH 18, 2019

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Using Slack EKM, IT admins can revoke access to data within a particular Slack channel, for example, rather than disrupting all users on the entire platform. Pierluigi Paganini.

Encryption

Encryption Risk Financial Services Privacy

Former FTC Counsel Markus Heyder Joins Centre for Information Policy Leadership at Hunton

Hunton Privacy

MARCH 11, 2014

Federal Trade Commission, will be joining as Vice President and Senior Policy Counselor, effective March 17, 2014. Immediately prior to his government work, Heyder was associated with Lovells (now Hogan Lovells) in Chicago, where he focused on privacy law, consumer financial services law, financial privacy law and e-commerce.

Privacy

Privacy Financial Services Data Privacy Information Security

#ModernDataMasters: Lewis Ownes, CEO Agile Solutions

Reltio

MAY 14, 2019

He co-founded Agile Solutions in 2014 to help clients obtain value from data by better combining business, data and technology strategy. If you ask people about data management and all they talk about is governance then you know they are only being driven by regulation or a concern. Kate Tickner, Reltio.

Big data

Big data Government Cloud IT

Singapore Parliament Passes Personal Data Protection Act

Hunton Privacy

OCTOBER 17, 2012

The new law will apply only to data processing in the private sector as data processing by public agencies (or organizations acting on behalf of public agencies) are already subject to internal government rules. Reportedly, the bill will become law in January 2013, enforceable after 18 months, in mid-2014.

Personal data

Personal data Financial Services Data Privacy Data breaches

Google TAG report Q1 details about nation-state hacking and disinformation

Security Affairs

MAY 28, 2020

The report includes recent findings on government-backed phishing, threats, and disinformation campaigns, as well as information about actions the tech giant has taken against accounts coordinated influence campaigns. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” concludes Google.

Financial Services

Financial Services Government Phishing Marketing

Tianfu Cup 2019 Day 1 – Chinese experts hacked Chrome, Edge, Safari, Office365

Security Affairs

NOVEMBER 17, 2019

Chinese white hat hackers have a long story of success, they won several international hacking contests in the past, but in 2018 the Chinese government prohibited Chinese experts in participating this kind of competition abroad. Since the decision of the Chinese Government, the TianfuCup was set up for the first time in the fall of 2018.

Financial Services

Financial Services Government Security Cybersecurity

Nation-State-Sponsored Attacks: Not Your Grandfather’s Cyber Attacks

Data Matters

MAY 17, 2022

Attorney General described a recent takedown of a Russian government-sponsored botnet called Cyclops Blink before it was weaponized and caused damage. and foreign government agencies. government reported a significant rise in hacks perpetrated against private companies by nation-state-sponsored threat actors.

Cybersecurity

Cybersecurity Government Authentication Ransomware

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

Increasingly, thought leaders, professional organizations, and government agencies are beginning to provide answers. Creating an enterprise-wide governance structure. Creating an Enterprise-Wide Governance Structure. Aligning cyber risk with corporate strategy.

Cybersecurity

Cybersecurity Risk Passwords Authentication

U.S. Indicts North Korean Hackers in Theft of $200 Million

Krebs on Security

FEBRUARY 17, 2021

The government alleges the men reside in North Korea but were frequently stationed by the DPRK in other countries, including China and Russia. million in August 2020 from a financial services company based in New York. Warrants obtained by the government allowed the FBI to seize roughly $1.9

Financial Services

Financial Services Phishing Blockchain Government

The Hacker Mind Podcast: DEF CON Villages

ForAllSecure

AUGUST 2, 2022

And by de I'm an analyst at Javelin strategy and research where I do security risk and fraud for the financial services industry. But looking at these different villages and if you remember to 2014 Around that time before that or so, car hacking was starting to be in the news, people were talking about it.

Computer and Electronics

Computer and Electronics IT Security Mining

The Hacker Mind Podcast: EP 69 Self-Healing Operating Systems

ForAllSecure

APRIL 19, 2023

Then the Obama administration and in 2014, we published that that's when I went back to MIT to a former classmate, actually the guy who lived across the hall from me in my dorm, and we co-founded the cams cybersecurity at MIT Sloan. VAMOSI: Michael mentioned financial services. We've been experimenting now with with ml.

Analytics

Analytics Communications Computer and Electronics IT

Iran announced to have foiled a second cyber-attack in a week

Security Affairs

DECEMBER 15, 2019

A few days ago, the Iranian telecommunications minister Mohammad Javad Azari Jahromi, announced that the Islamic Republic had recently thwarted a “highly organized cyber attack” targeting its government infrastructure. defense contractors , financial services firms, and a national data center in Central Asia.

Government

Government Financial Services IT Security

#ModernDataMasters: Steve Whiting, Chief Operations Officer

Reltio

JULY 23, 2019

He believes in an agile approach to data-driven solutions and co-founded Agile Solutions in 2014 to deliver that vision. When we set Agile up in 2014 we had a small selection of spreadsheet-based systems and processes. How did you get into data management and what drove you to set up a data management company?

MDM

MDM Cloud Analytics Marketing

Historic Charges: First Enforcement Action Filed by New York Department of Financial Services Under Cybersecurity Regulation

Emissary Panda APT group hit Government Organizations in the Middle East

Webinars

Trending Sources

France and Germany will block Facebook’s Libra cryptocurrency

Webinars

2024 Cybersecurity Laws & Regulations

Iran-linked APT group Pioneer Kitten sells access to hacked networks

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

15 billion credentials available in the cybercrime marketplaces

Hundreds of malicious Chrome browser extensions used to spy on you!

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Recently disclosed Drupal CVE-2019-6340 RCE flaw exploited in the wild

California IT service provider Synoptek pays ransom after Sodinokibi attack

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Maze ransomware gang discloses data from drug testing firm HMR

Microsoft partnered with other security firms to takedown TrickBot botnet

Lazarus malware delivered to South Korean users via supply chain attacks

Pitney Bowes revealed that its systems were infected with Ryuk Ransomware

Security Compliance & Data Privacy Regulations

CENTRAL BANK DIGITAL CURRENCIES

Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

eIDAS 2.0 REGULATION WILL CHANGE IDP USE CASES INCLUDING ID CAPTURE IN THE EU

FFIEC Announces Plans to Update Cybersecurity Guidance in Wake of Cybersecurity Assessments

New York Banking Regulator Announces New Cybersecurity Assessment Process

SEC Releases Observations from Recent Cybersecurity Examinations of Broker-Dealers and Advisers

Was RI Advice a watershed for cybersecurity law in Australia or a damp squib?

Slack Launched Encryption Key Addon For Businesses

Former FTC Counsel Markus Heyder Joins Centre for Information Policy Leadership at Hunton

#ModernDataMasters: Lewis Ownes, CEO Agile Solutions

Singapore Parliament Passes Personal Data Protection Act

Google TAG report Q1 details about nation-state hacking and disinformation

Tianfu Cup 2019 Day 1 – Chinese experts hacked Chrome, Edge, Safari, Office365

Nation-State-Sponsored Attacks: Not Your Grandfather’s Cyber Attacks

An Approach to Cybersecurity Risk Oversight for Corporate Directors

U.S. Indicts North Korean Hackers in Theft of $200 Million

The Hacker Mind Podcast: DEF CON Villages

The Hacker Mind Podcast: EP 69 Self-Healing Operating Systems

Iran announced to have foiled a second cyber-attack in a week

#ModernDataMasters: Steve Whiting, Chief Operations Officer

Stay Connected