Hunton Privacy

FEBRUARY 22, 2021

Lastly, the Alert provides recommendations to secure data, noting that (1) regulated entities should review whether it is necessary to display any NPI (even redacted NPI) and (2) NPI should not be displayed on public-facing sites unless there is a compelling reason to do so.

Financial Services 86

Financial Services Insurance Cybersecurity Analytics 86

Thales Cloud Protection & Licensing

OCTOBER 24, 2024

New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024 madhav Fri, 10/25/2024 - 06:09 The next major deadline for compliance with the updated cybersecurity rules from the New York State Department of Financial Services (NYDFS) is November 1, 2024.

Cybersecurity 62

Cybersecurity Financial Services Encryption Compliance 62

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. The post New York Department of Financial Services Issues First Guidance by a U.S. Issuance of the Framework is notable as it represents the first official guidance by a U.S. 1 See W.B.

Insurance 77

Insurance Financial Services Cybersecurity Risk 77

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. Also Read: Best Encryption Tools & Software for 2021. Raising awareness about ransomware is a baseline security measure. A ransomware attack is about as bad as a cyber attack can get.

Ransomware 97

Ransomware Encryption Insurance Cloud 97

erwin

JANUARY 7, 2021

Our predictions for 2021 are rooted in what we’ve learned from the past year and the relevance of data in getting us to where we are and where we need to go. Data Becomes a Matter of Life or Death: To say that data will be the difference between life and death in 2021 is not hyperbole. COVID changed everything.

Metadata 98

Metadata Government Compliance Artificial Intelligence 98

Security Affairs

DECEMBER 7, 2023

Nissan already notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre. “The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) advises that its systems have been subject to a cyber incident.

Financial Services 124

Financial Services Data breaches Ransomware Access 124

Security Affairs

AUGUST 31, 2021

Finance is a decentralized lending protocol for individuals, institutions and protocols to access financial services. The security breach was confirmed by the company with a message via Twitter: C.R.E.A.M. — Cream Finance (@CreamdotFinance) August 30, 2021. peckshield) August 30, 2021. for the hacker.

Blockchain 115

Blockchain Financial Services Marketing Security 115

Security Affairs

SEPTEMBER 5, 2021

On Saturday, September 4, 2021, the ransomware gang added the bank to its leak site and published some screenshots as proof of the hack. The cybercriminals defined the security implemented by the bank terrible. “Pacific City Bank provides outstanding banking and financial services for businesses and consumers.

Ransomware 127

Ransomware Financial Services Archiving Security 127

Security Affairs

AUGUST 21, 2021

The popular security expert Kevin Beaumont was one of the first researchers to report that the LockFile operators are using the Microsoft Exchange ProxyShell and the Windows PetitPotam vulnerabilities to take over Windows domains. financial organization on July 20, 2021, with its latest activity seen as recently as August 20. .

Ransomware 139

Ransomware Encryption Financial Services Manufacturing 139

Security Affairs

SEPTEMBER 10, 2023

. “Historically, approximately 10% to 15% of the DDoS attacks observed by Akamai have been aimed at customers in the financial services industry.” “However, since 2021, there has been a distinct and noticeable surge in the number of DDoS attacks against customers in this industry vertical.

Financial Services 132

Financial Services Ransomware Cybersecurity IT 132

Security Affairs

JUNE 5, 2021

Recently Cyber researchers for Cyble investigated an attack suffered by on May 30, 2021, by Nucleus Software, an India-based IT company in the Banking and Financial Services sector. The company reported the security breach to the Bombay Stock Exchange (BSE) and the National Stock Exchange of India (NSEI).

Ransomware 131

Ransomware Encryption File names Financial Services 131

Krebs on Security

JULY 1, 2021

Financial services giant Intuit this week informed 1.4 Intuit says the change is tied to an “exciting” and “free” new service that will let millions of small business employees get easy access to employment and income verification services when they wish to apply for a loan or line of credit.

Financial Services 346

Financial Services Government Authentication IT 346

Hunton Privacy

SEPTEMBER 1, 2021

On August 30, 2021, the U.S. Securities and Exchange Commission (“SEC”) announced that it had settled three administrative cases involving a total of eight registered broker-dealers and investment advisers for failures in their cybersecurity policies and procedures. 34-92807 , August 30, 2021.

Cybersecurity 113

Cybersecurity Financial Services Cloud Access 113

Hunton Privacy

JULY 12, 2021

On June 30, 2021, the New York State Department of Financial Services (“NYDFS,” the “Department”) issued guidance to all New York state regulated entities on ransomware (the “Guidance”), identifying controls it expects regulated companies to implement whenever possible.

Ransomware 102

Ransomware Security Financial Services Cybersecurity 102

Security Affairs

OCTOBER 28, 2021

Finance is a decentralized lending protocol for individuals, institutions and protocols to access financial services. — Cream Finance (@CreamdotFinance) October 27, 2021. pic.twitter.com/eLPMz3YEII — SlowMist (@SlowMist_Team) October 27, 2021. ETH and 60 tokens including HBTC, USDT, BUSD, etc.

Blockchain 92

Blockchain Financial Services Marketing Access 92

Krebs on Security

DECEMBER 13, 2022

“InfraGard connects critical infrastructure owners, operators, and stakeholders with the FBI to provide education, networking, and information-sharing on security threats and risks,” the FBI’s InfraGard fact sheet reads. That InfraGard member, who is head of security at a major U.S. Department of Defense.

Sales 362

Sales Energy and Utilities Communications Data breaches 362

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

The Last Watchdog

DECEMBER 12, 2023

Over-reliance on frameworks like the CVE program weakens organizations’ security posture and gives them an unrealistic sense of security. •No No critical findings were present among the Top 30 vulnerabilities for the Internet Software (or SaaS) industry, as defined by the public security scoring system CVSS.

Financial Services 100

Financial Services Risk Communications Marketing 100

Thales Cloud Protection & Licensing

JANUARY 26, 2021

The Future of Payments Security. Tue, 01/26/2021 - 09:17. Even when banking organizations are upgrading security posture to safeguard sensitive financial information, hackers can steal the data intelligently by tying known vulnerabilities together, and making it turn out to be a potential attack.

Security 143

Security Retail Authentication Big data 143

Security Affairs

MARCH 14, 2024

Nissan immediately notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre. The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) advises that its systems have been subject to a cyber incident.

Data breaches 104

Data breaches Financial Services Ransomware Government 104

Security Affairs

AUGUST 26, 2021

Software firm Kaseya addressed Kaseya Unitrends zero-day vulnerabilities that were reported by security researchers at the Dutch Institute for Vulnerability Disclosure (DIVD). On July 26, security researchers warned of three new zero-day vulnerabilities in the Kaseya Unitrends service. Pierluigi Paganini.

Authentication 105

Authentication Financial Services Cloud Security 105

eSecurity Planet

JANUARY 21, 2021

It includes multi-disciplinary risk and compliance management solutions and tools, including: IT & security risk management. LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. IT governance and security.

Compliance 67

Compliance Risk Government Retail 67

IBM Big Data Hub

AUGUST 1, 2023

We are bringing the power of foundation models with the availability of a GPU as a service on IBM Cloud offering to help organizations tap into artificial intelligence (AI) in a secured environment while aiming to mitigate third- and fourth-party risk.

Financial Services 63

Financial Services Computer and Electronics Cloud Digital transformation 63

Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. Pierluigi Paganini.

Financial Services 91

Financial Services Cybersecurity Cloud Security 91

Security Affairs

AUGUST 23, 2021

Razer is a very popular computer peripherals manufacturer that designs, develops, and sells consumer electronics, financial services, and gaming hardware, including gaming mouses and keyboards. The flaw was discovered by the security researcher jonhat that disclosed it via Twitter: Need local admin and have physical access?

Computer and Electronics 137

Computer and Electronics Manufacturing Financial Services Access 137

DLA Piper Privacy Matters

APRIL 20, 2021

were published by the PBOC (the PRC banking regulator) and came into force on 8 April 2021. This introduces a data lifecycle security framework, and represents the key guideline for handling personal and other financial information by financial institutions (i.e. Level 3: personal financial information.

Compliance 111

Compliance Security Financial Services Data collection 111

Krebs on Security

JANUARY 25, 2022

But Jim has long had a security freeze on his credit file with the three major consumer credit reporting bureaus , and none of the lenders seemed willing to proceed without at least a peek at his credit history. ” According to the Native American Financial Services Association (NAFSA), a trade group in Washington, D.C.

Financial Services 214

Financial Services IT Data breaches Passwords 214

Security Affairs

OCTOBER 13, 2022

defense contractors , financial services firms, and a national data center in Central Asia. In the recent attacks, the APT group leveraged the Log4j vulnerabilities ( CVE-2021-44228 and CVE-2021-45105 ) to install web shells on target servers. The group also targeted a hospital in South East Asia. Pierluigi Paganini.

File names 137

File names Financial Services Manufacturing Libraries 137

Security Affairs

JULY 8, 2021

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. The security breach was first reported by BleepingComputer that also shared a copy of the data breach notification letter sent to the impacted customers.

Data breaches 123

Data breaches Encryption Financial Services Access 123

The Last Watchdog

DECEMBER 21, 2021

In 2021, on-premises Microsoft Exchange Server mailboxes commanded a 43 percent global market share as compared to 57 percent for cloud Exchange mailboxes, according to this report from Statista. Clearly, due diligence from any company continuing to rely on Microsoft Exchange servers is in order, strictly from a security standpoint.

Cloud 222

Cloud Financial Services Communications Ransomware 222

Security Affairs

DECEMBER 2, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a joint advisory that provides technical details about the gang’s operations, including tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Cuba ransomware. ” reads the report.

Ransomware 91

Ransomware Financial Services Manufacturing Phishing 91

Security Affairs

APRIL 16, 2023

In 2021, CISA added Remcos to the list of top malware strains due to its use in mass phishing attacks using COVID-19 pandemic themes targeting businesses and individuals. Remcos is a legitimate remote monitoring and surveillance software developed by the company BreakingSecurity.

Phishing 95

Phishing Financial Services Education Cybersecurity 95

Security Affairs

JULY 27, 2021

Experts found three new zero-day flaws in the Kaseya Unitrends service and warn users to avoid exposing the service to the Internet. Security researchers warn of three new zero-day vulnerabilities in the Kaseya Unitrends service. An employee published the alert on an online analyzing platform. Pierluigi Paganini.

Financial Services 109

Financial Services Authentication Cloud Government 109

Thales Cloud Protection & Licensing

NOVEMBER 22, 2021

Tue, 11/23/2021 - 06:13. Consumers have come to expect a hyper-personalized experience that is fast, convenient and secure. Digital-only banks and Fintechs are expected to grow “at a compound annual rate of about 23.41%” from 2021-2026. To compete, financial institutions are investing heavily in digital transformation.

Digital transformation 71

Digital transformation Financial Services Customer Experience Risk 71

Security Affairs

NOVEMBER 15, 2021

Security researchers from Cleafy discovered a new Android banking trojan, named SharkBot, that is targeting banks in Europe. At the end of October, researchers from cyber security firms Cleafy and ThreatFabric have discovered a new Android banking trojan named SharkBot. ” concludes the report. Pierluigi Paganini.

Financial Services 135

Financial Services Access Security IT 135

eSecurity Planet

AUGUST 22, 2021

Cloudflare last month fought off a massive distributed denial-of-service (DDoS) attack by a botnet that was bombarding 17.2 million requests per second (rps) at one of the internet infrastructure company’s customers in the financial services space. That prediction proved correct. Mirai Still on the Loose.

Financial Services 142

Financial Services IoT Education Passwords 142

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. This resolution highlights the SEC’s continued focus on cybersecurity.

Cybersecurity 66

Cybersecurity Financial Services Risk Compliance 66