Hunton Privacy

OCTOBER 24, 2022

On October 18, 2022, the New York State Department of Financial Services (“NYDFS”) announced that EyeMed Vision Care LLC (“EyeMed”) agreed to a $4.5 The NYDFS’s consent order notes that EyeMed’s failure to comply with the Cybersecurity Regulation left EyeMed vulnerable to threat actors.

Cybersecurity 67

Cybersecurity Financial Services Risk Phishing 67

Thales Cloud Protection & Licensing

DECEMBER 20, 2023

2024 Tech and Cybersecurity Forecast: Navigating New Frontiers in Business madhav Thu, 12/21/2023 - 05:15 People always want to comprehend what the future brings. 2024 promises to be a pivotal year, bringing transformative advancements and new challenges in tech and cybersecurity. This necessitates a shift in cybersecurity strategies.

Cybersecurity 83

Cybersecurity Blockchain Artificial Intelligence Encryption 83

Security Affairs

DECEMBER 15, 2023

Resecurity’s HUNTER (HUMINT) unit spotted the BianLian , White Rabbit , and Mario ransomware gangs collaborating in a joint extortion campaign targeting publicly-traded financial services firms. This is why it is critical to share such intelligence for further analysis with the broader cybersecurity community.

Ransomware 103

Ransomware Financial Services Cybersecurity Passwords 103

Data Protection Report

AUGUST 11, 2022

On July 29, 2022, the New York Department of Financial Services (NYDFS) announced a “pre-proposed outreach” of material proposed changes to almost every section of its cybersecurity regulations, and would affect each entity covered by the current regulations of 23 NYCRR Part 500. Cybersecurity Risk Assessments.

Cybersecurity 58

Cybersecurity Risk Passwords Compliance 58

The Last Watchdog

JULY 11, 2023

Having access to a partner focused in cybersecurity brings fresh perspectives and allows for an unbiased evaluation of the systems in use. By working together, a robust cybersecurity framework can be established to protect investor data.

IT 189

IT Encryption Risk Financial Services 189

The Security Ledger

DECEMBER 21, 2022

Paul speaks with Caleb Sima, the CSO of the online trading platform Robinhood, about his journey from teenage cybersecurity phenom and web security pioneer, to successful entrepreneur to an executive in the trenches of protecting high value financial services firms from cyberattacks. As Mobile Fraud Rises, The Password Persists.

Financial Services 52

Financial Services Cybersecurity Data breaches Authentication 52

Security Affairs

MARCH 19, 2022

The Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory warning of AvosLocker ransomware attacks targeting multiple US critical infrastructure. The advisory was published in coordination with the US Treasury Department and the Financial Crimes Enforcement Network (FinCEN). Consider installing and using a VPN.

Ransomware 98

Ransomware Passwords Encryption Financial Services 98

Data Protection Report

FEBRUARY 8, 2022

According to the settlement agreement, the AG concluded that EyeMed’s security practices did not meet the requirements of the SHIELD Act with respect to four requirements: authentication, password management, logging and monitoring, and data retention in the email account. SHIELD Act.

Passwords 98

Passwords Financial Services Authentication Insurance 98

Data Matters

APRIL 23, 2018

Recent guidance from the Securities and Exchange Commission (SEC) on disclosure and enforcement actions by the Federal Trade Commission (FTC) make clear that cybersecurity is no longer a niche topic, but a concern significant enough to warrant the oversight of corporate boards of directors. Adopting the NIST Cybersecurity Framework.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

IT Governance

OCTOBER 13, 2023

October is both Cybersecurity Awareness Month in the US and European Cyber Security Month in the EU – twin campaigns on either side of the Atlantic that aim to improve awareness of the importance of cyber security both at work and at home, and provide tips on how to stay secure.

Phishing 105

Phishing Financial Services Manufacturing Personal data 105

eSecurity Planet

JUNE 16, 2022

However, basic cybersecurity tools and practices, like patching , strong passwords , and multi-factor authentication (MFA), “can prevent 80 to 90% of cyberattacks,” said Anne Neuberger, deputy national security advisor for cyber and emerging technologies, during a White House press conference in Sept. Types of Cyberattacks.

Ransomware 141

Ransomware Cybersecurity Phishing Encryption 141

Data Matters

AUGUST 5, 2019

More State Privacy and Cybersecurity Legal Developments on the Horizon. The two NY laws detailed above show that, despite slow progress in Congress on omnibus federal privacy legislation, state regulators continue to push their own privacy and cybersecurity initiatives forward.

Cybersecurity 68

Cybersecurity Data breaches Privacy Risk 68

Krebs on Security

JANUARY 25, 2022

Although he didn’t technically have an account with MSF, their authentication system is based on email addresses, so Jim requested that a password reset link be sent to his email address. ” According to the Native American Financial Services Association (NAFSA), a trade group in Washington, D.C.

Financial Services 217

Financial Services IT Data breaches Authentication 217

Data Protection Report

OCTOBER 24, 2022

On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020. 7. Improper certification of compliance with the Cybersecurity Regulation. Over-Retention/Failure to Dispose.

Cybersecurity 52

Cybersecurity Personal data Risk Financial Services 52

eSecurity Planet

SEPTEMBER 30, 2021

Underground services are cropping up that are designed to enable bad actors to intercept one-time passwords (OTPs), which are widely used in two-factor authentication programs whose purpose is to better protect customers’ online accounts. By using the services, cybercriminals can gain access to victims’ accounts to steal money.

Authentication 107

Authentication Phishing Financial Services Passwords 107

Krebs on Security

FEBRUARY 9, 2023

Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. In September 2021, the Kremlin issued treason charges against Ilya Sachkov , formerly head of the cybersecurity firm Group-IB. companies and government entities.

Ransomware 193

Ransomware Government Cybersecurity Blockchain 193

Krebs on Security

NOVEMBER 16, 2022

financial services firm Ameriprise uses the domain ameriprise.com; the Disneyland Team’s domain for Ameriprise customers is [link] [brackets added to defang the domain], which displays in the browser URL bar as ? For example, one domain the gang has used since March 2022 is ushank[.]com com — which was created to phish U.S.

Phishing 273

Phishing Authentication Financial Services Access 273

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk 147

Risk Financial Services Insurance Cybersecurity 147

Rocket Software

AUGUST 17, 2020

Financial services organizations typically experience the most data breaches and hacks, which makes security a priority. Multi-factor authentication (MFA) is any password that requires multiple steps or components to facilitate logging in. It isn’t a specific means of confirmation, but it can include various password components.

Authentication 52

Authentication Financial Services Passwords Insurance 52

Security Affairs

JUNE 11, 2021

These included logins for social media, online games, online marketplaces, job-search sites, consumer electronics, financial services, email services, and more. Most of the stolen files (50%+) were text files, some of them containing software logs, passwords, personal notes, and other sensitive information.

Computer and Electronics 113

Computer and Electronics Archiving Encryption Passwords 113

Security Affairs

JUNE 26, 2021

Threat actors carried out brute-force and password spraying attacks in an attempt to gain access to Microsoft customer accounts. The hackers also targeted non-governmental organizations and think tanks, as well as financial services. In all, 36 countries were targeted.” ” reads the post published by Microsoft.

Financial Services 94

Financial Services Access Authentication Passwords 94

Adam Levin

NOVEMBER 30, 2018

Regis, Westin, Sheraton, W Hotels or anywhere else that operates on Marriot’s Starwood guest reservation database, it’s time to redouble your cybersecurity and privacy efforts, because this compromise is one of biggest we’ve seen—dwarfed only by the Yahoo breach that affected 2 billion users. If you’ve made reservations at the St.

Financial Services 66

Financial Services Encryption Passwords Communications 66

IT Governance

MARCH 11, 2024

According to a listing on a popular hacking forum, the database includes customers’ names, email addresses, hashed passwords, and more. The claim is yet to be verified. Data breached: 36 million records.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

The Last Watchdog

NOVEMBER 9, 2020

The infamous Mirai botnet self-replicated by seeking out hundreds of thousands of home routers with weak or non-existent passwords. Mirai ultimately was used to carry out massive Distributed Denial of Service (DDoS) attacks. From there Mirai spread voraciously between other types of consumer IoT devices, as well as corporate computers.

IoT 279

IoT Passwords Artificial Intelligence Risk 279

Data Matters

MAY 17, 2022

Statement by President Biden on our Nation’s Cybersecurity (March 21, 2022). Defense Information Technology , Cybersecurity & Infrastructure Sec. In response, the Biden Administration has made cybersecurity defense a key agenda item. Strengthening American Cybersecurity Act of 2022, S. Agency (Feb. 14,028, 86 Fed.

Cybersecurity 97

Cybersecurity Government Authentication Ransomware 97

Security Affairs

MAY 10, 2022

Compromised credentials will be visible in the “Logs” section with additional details about each victim such as IP address, User-Agent, Username, Password, and etc. Detailed analysis of the Phishing-As-A-Service Frappo is available here: [link].

Phishing 72

Phishing Retail Financial Services Data breaches 72

Security Affairs

JULY 8, 2021

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. The company pointed out that exposed files did not contain passwords that could be used to access financial accounts.

Data breaches 121

Data breaches Encryption Financial Services Access 121

The Last Watchdog

NOVEMBER 13, 2018

Cybersecurity vendors, of course, have been responding. Bad actors are standing up these virtual bots by the million, cheaply and stealthily, via Amazon Web Services, Microsoft Azure and Google Cloud. Stolen usernames and passwords are loaded up on botnets, which then relentlessly test them on account logon pages.

Security 140

Security Digital transformation B2C B2B 140

eSecurity Planet

AUGUST 22, 2023

Here are some data breach prevention and response practices that have stood the test of time, followed by a reference list of some vendor resources that can help you improve your own cybersecurity and incident response capabilities. See the Top Cybersecurity Employee Training Programs 4. This varies between organizations.

Data breaches 81

Data breaches Big data Cybersecurity Security 81

Adam Levin

NOVEMBER 17, 2020

Make sure your smartphone, tablet and laptop are password-protected, particularly if you’re in the habit of carrying them around wherever you go. Create long and strong passwords. Never use duplicate usernames or passwords across any of your online accounts to limit your exposure in case of a data breach. Lock your devices.

Retail 97

Retail e-Delivery Passwords Phishing 97

eSecurity Planet

SEPTEMBER 10, 2021

CloudPassage’s 2021 AWS Cloud Security Report found that misconfiguration of cloud platforms (71 percent), exfiltration of sensitive data (59 percent), and insecure APIs (54 percent) are the top cloud security threats facing cybersecurity professionals. Read more: Best Cybersecurity Awareness Training for Employees in 2021.

Cloud 106

Cloud Security Encryption Risk 106

Data Protection Report

APRIL 2, 2020

On March 10, 2020, the New York Department of Financial Services (NYDFS) issued guidance to all of its regulated institutions engaged in virtual currency business activity, requiring them to have plans for preparedness to manage the possible operational and financial risks posed by the COVID-19 pandemic.

Risk 59

Risk Communications Authentication Financial Services 59

Krebs on Security

APRIL 11, 2024

Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense , whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard.

Encryption 249

Encryption Passwords Access Financial Services 249

IT Governance

JANUARY 16, 2024

GB database includes names, email addresses, phone numbers and passwords. Key dates 7 January 2024 – EU Cybersecurity Regulation enters into force The EU’s Cybersecurity Regulation , which sets out measures for a high common level of cyber security at EU institutions, bodies, offices and agencies, entered into force on 7 January.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

Data Protection Report

OCTOBER 1, 2019

Private information” is also separately defined to mean user name or e-mail address in combination with the password or security question and answer—without any need for “personal information.”. Biometric information that is used to authenticate or ascertain the individual identity.

Security 40

Security Financial Services Passwords Risk 40

KnowBe4

MARCH 28, 2023

A leader tasked with cybersecurity can get ahead of the game by understanding where we are in the story of machine learning (ML) as a hacking tool," Tyson writes. "At At present, the most important area of relevance around AI for cybersecurity is content generation. He doesn't just cover one angle. He covers it from all angles!

Phishing 84

Phishing Security awareness Insurance Cybersecurity 84

The Last Watchdog

DECEMBER 6, 2022

Consider that some 80 percent of hacking-related breaches occur because of weak or reused passwords, and that over 90 percent of consumers continue to re-use their intrinsically weak passwords. Authentication systems that leverage machine learning and biometric technology are now ready to replace legacy password-centric technologies.

Authentication 203

Authentication Passwords Artificial Intelligence Financial Services 203