Security Affairs

APRIL 10, 2019

SAP released the April 2019 Security Patch Day that is included 6 Security Notes, two of which address High severity flaws in Crystal Reports and NetWeaver. SAP released 6 Security Notes as part of the April 2019 Security Patch Day, two of which address High severity flaws in Crystal Reports and NetWeaver.

Security 72

Security Financial Services Risk Access 72

Security Affairs

FEBRUARY 26, 2019

Threat actors in the wild are exploiting the recently patched CVE-2019-6340 flaw in the Drupal CMS to deliver cryptocurrency miners and other payloads. Just three days after the CVE-2019-6340 flaw in Drupal was addressed, threat actors in the wild started exploiting the issue to deliver cryptocurrency miners and other payloads.

Financial Services 82

Financial Services CMS Government Security 82

Security Affairs

MAY 15, 2019

SAP released SAP Security Patch Day for May 2019 that includes 8 Security Notes, 5 of which are updates to previously released Notes. ” reads the security advisory for the CVE-2019-0301. .” ” reads the security advisory for the CVE-2019-0301. SecurityAffairs – SAP Security Patch Day for May 2019 ).

Security 72

Security Financial Services Risk IT 72

Data Matters

FEBRUARY 20, 2019

On January 18, 2019, the New York State Department of Financial Services (NYDFS) issued Circular Letter 2019-1 (the Circular Letter), addressing insurers’ use of external consumer data and information sources in underwriting for life insurance. Unlawful Discrimination.

Insurance 66

Insurance Financial Services Compliance Retail 66

Security Affairs

APRIL 3, 2024

Resecurity researchers warn that a new Version of JsOutProx is targeting financial institutions in APAC and MENA via Gitlab abuse. Resecurity has detected a new version of JSOutProx , which is targeting financial services and organizations in the APAC and MENA regions.

Financial Services 105

Financial Services Phishing IT Information Security 105

Security Affairs

OCTOBER 19, 2023

The ransomware operation has been active since late December 2019, the FBI published two flash alert to warn of the operation of the group. This is an important achievement in the fight against cybercrime. Both FBI and Europol declined to comment on the events. More details are expected to be released tomorrow.

Ransomware 113

Ransomware Financial Services Manufacturing Government 113

Krebs on Security

MAY 31, 2019

That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful. ”

Financial Services 214

Financial Services Insurance Sales Authentication 214

Krebs on Security

JUNE 18, 2021

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. First American Financial Corp.

Insurance 282

Insurance Risk Financial Services Mining 282

Data Protection Report

JANUARY 18, 2024

On January 3, 2024, the New York Department of Financial Services announced a consent order with GGT, where GGT agreed to pay NYDFS $8 million and to surrender its BitLicense (for cryptocurrency trading), due to alleged violations of NYDFS’ cybersecurity and its virtual currency regulations.

Cybersecurity 111

Cybersecurity Financial Services Compliance Encryption 111

Krebs on Security

AUGUST 13, 2021

. “This service is dedicated to individuals that have the need to possess complete privacy on the blockchain, offering a perspective from the opponent’s point of view in order for the user to comprehend the possibility of his/her funds getting flagged down under autocratic illegal charges.” AMLBot’s user interface.

Blockchain 306

Blockchain Analytics Marketing Ransomware 306

Security Affairs

FEBRUARY 19, 2024

pic.twitter.com/SvpbeslrCd — vx-underground (@vxunderground) February 19, 2024 LockBit is a prominent ransomware operation that first emerged in September 2019. Lockbit ransomware group administrative staff has confirmed with us their websites have been seized.

Energy and Utilities 113

Energy and Utilities Ransomware Agriculture Financial Services 113

Security Affairs

JANUARY 5, 2020

Synoptek, A California-based IT service provider decided to pay the ransom to decrypt its files after being infected with the Sodinokibi ransomware. Synoptek, a California-based provider of IT management and cloud hosting services paid the ransom to decrypt its files following a Sodinokibi ransomware attack. Pierluigi Paganini.

IT 70

IT Ransomware Financial Services Retail 70

Data Matters

SEPTEMBER 4, 2019

The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019. The amended regulation took effect on August 1, 2019, for annuity products and will become effective on February 1, 2020, for life insurance products.

Insurance 66

Insurance Paper Risk Analytics 66

Data Protection Report

JANUARY 7, 2019

The two-year transitional period under the New York State Department of Financial Services (“DFS””) Cybersecurity Regulation , 23 NYCRR 500 (the “Regulation”), will expire on March 1, 2019, with the final remaining requirement becoming effective. Additional guidance.

Cybersecurity 40

Cybersecurity Compliance Financial Services Risk 40

HL Chronicle of Data Protection

FEBRUARY 25, 2020

Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the effective date of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act or Act).

Cybersecurity 104

Cybersecurity Financial Services Data breaches Insurance 104

Info Source

JULY 11, 2019

July 11, 2019 – Automation Anywhere , a global leader in Robotic Process Automation Software, today announced that Gartner, Inc. has named it a Leader in Gartner’s 2019 Magic Quadrant for RPA Software. [1]. 8 July 2019. Inaugural Magic Quadrant for RPA Software Recognizes Automation Anywhere. SAN JOSE, Calif.

Marketing 45

Marketing Financial Services IT Security 45

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

Thales Cloud Protection & Licensing

SEPTEMBER 4, 2024

Initially, PSD2 was set to take full effect on September 14, 2019. PSD2 has had a profound impact on the financial ecosystem, reshaping the infrastructure for banks, fintechs, and businesses that rely on payment data to serve consumers better. Let's explore the details further.

Compliance 62

Compliance Authentication Financial Services Marketing 62

Security Affairs

SEPTEMBER 1, 2020

“The adversary is particularly interested in exploits related to VPNs and network appliances , including CVE-2019-11510, CVE-2019-19781, and most recently CVE-2020-5902; reliance on exploits such as these lends to an opportunistic operational model.” ” continues the report.

Access 97

Access Financial Services Retail Insurance 97

Data Protection Report

JUNE 2, 2021

On May 13, 2021, the New York Department of Financial Services (NYDFS) announced a $1.8 million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019. Affiliate #1 notified NYDFS on November 25, 2019.

Cybersecurity 71

Cybersecurity Insurance Financial Services Phishing 71

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. According to the consent order, the matter began when NSC reported a cybersecurity event to NYDFS on October 23, 2019. The second incident occurred in March of 2019.

Cybersecurity 94

Cybersecurity Financial Services Phishing Compliance 94

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July. billion per month.

Insurance 89

Insurance Data breaches Financial Services Passwords 89

Hunton Privacy

MARCH 11, 2021

On March 3, 2020, the New York Department of Financial Services (“NYDFS”) announced it had entered into a settlement with Residential Mortgage Services, Inc. (“RMS”) RMS”) related to allegations that RMS violated the NYDFS Cybersecurity Regulation in connection with a 2019 data breach. Read the full NYDFS settlement.

Data breaches 97

Data breaches Cybersecurity Financial Services Personal data 97

Collibra

FEBRUARY 11, 2020

Regulators are focusing on the data relationships financial services organizations have with third parties, including how well personal information is being managed. There are several areas that the international financial services regulatory community is engaged in that touch on third party personal data relationships.

Financial Services 59

Financial Services Digital transformation Personal data Compliance 59

IT Governance

NOVEMBER 23, 2023

Although the total number of data breaches – or rather, in those reported – decreased by 24% between 2019 and 2022 in the finance sector, the number of incidents increased by 99%. So to account for seasonality, we’ve only looked at Q2–Q4 for all four years (2019–2022). million (about £4.70

Risk 85

Risk Data breaches Authentication Financial Services 85

Security Affairs

APRIL 30, 2020

Security experts from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe. Researchers from Cybereason Nocturnus team discovered a new piece of Android malware dubbed EventBot that targets banks, financial services across Europe.

Financial Services 113

Financial Services Libraries Encryption Authentication 113

Security Affairs

JUNE 6, 2024

LockBit is a prominent ransomware operation that first emerged in September 2019. The FBI is informing victims of LockBit ransomware it has obtained over 7,000 LockBit decryption keys that could allow some of them to decrypt their data. The NCA reached out to victims based in the UK providing support to help them recover encrypted data.

Energy and Utilities 115

Energy and Utilities Ransomware Agriculture Encryption 115

Data Matters

DECEMBER 4, 2019

On November 18, 2019, the UK Jurisdiction Taskforce, which is part of The English Law Society’s LawTech Delivery Panel , published its Legal Statement on the status of cryptoassets and smart contracts (the Legal Statement).

Blockchain 60

Blockchain Financial Services Healthcare Marketing 60

Data Matters

DECEMBER 4, 2019

On November 18, 2019, the UK Jurisdiction Taskforce, which is part of The English Law Society’s LawTech Delivery Panel , published its Legal Statement on the status of cryptoassets and smart contracts (the Legal Statement).

Blockchain 60

Blockchain Financial Services Healthcare Marketing 60

Hunton Privacy

SEPTEMBER 1, 2021

34-92806 ; and In the Matter of KMS Financial Services, Inc. , Release No. According to the SEC order against KMS Financial Services Inc., On August 30, 2021, the U.S. These failures led to email account takeovers that exposed personal information of thousands of customers at each firm. 34-92807 , August 30, 2021.

Cybersecurity 113

Cybersecurity Financial Services Cloud Access 113

Krebs on Security

MAY 3, 2019

A Pennsylvania credit union is suing financial industry technology giant Fiserv , alleging that “baffling” security vulnerabilities in the company’s software are “wreaking havoc” on its customers. based Fiserv [ NASDAQ:FISV ] is a Fortune 500 company with 24,000 employees and $5.8 billion in earnings last year.

Security 189

Security Passwords Financial Services Sales 189

The Last Watchdog

MAY 17, 2021

In pulling off that milestone hack, Paige Thompson took advantage of CapOne’s lack of focus on cloud security as the banking giant rushed headlong into leveraging Amazon Web Services. Luckily, Thompson left an easy trail for the FBI to follow and affect her arrest in August 2019. Protecting workloads.

Cloud 214

Cloud Security Risk Financial Services 214

Thales Cloud Protection & Licensing

NOVEMBER 27, 2018

The cybersecurity regulation ( 23 NYCRR 500 ) adopted by the New York State Department of Financial Services (NYDFS) is nearly two years old. The 2017 bill, the first of its kind, will be fully implemented as of March 1st, 2019. Even though these regulations only apply to New York, financial institutions across the U.S.

Cybersecurity 71

Cybersecurity Financial Services Encryption Data Privacy 71

Security Affairs

SEPTEMBER 1, 2021

The sanctioned entities are Cetera (Advisor Networks, Investment Services, Financial Specialists, Advisors, and Investment Advisers), Cambridge Investment Research (Investment Research and Investment Research Advisors), and KMS Financial Services. ” Follow me on Twitter: @securityaffairs and Facebook.

Financial Services 88

Financial Services Cybersecurity Cloud Security 88

Security Affairs

JANUARY 18, 2019

Oracle released the first critical patch advisory for 2019 that addresses a total of 284 vulnerabilities, 33 of them are rated “critical”. The bug affected the OCA’s Diameter Signalling Router component and its Communications Services Gatekeeper. ” reads the d escription provided by.

Financial Services 73

Financial Services Libraries Mining Retail 73

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk 147

Risk Financial Services Insurance Cybersecurity 147

Security Affairs

MARCH 17, 2020

Advantage and Argus seem to be the same company working under two different names, they offer funding and startup capital to business owners without access to traditional lending and financial services. The researchers discovered the unsecured database in December 2019.

Financial Services 113

Financial Services Access Privacy Security 113