Education, Financial Services and Information Security

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. Educate Insureds and Insurance Producers. The post New York Department of Financial Services Issues First Guidance by a U.S. regulator concerning the increasingly critical issue of cyberinsurance. 1 See W.B.

Insurance

Insurance Financial Services Cybersecurity Risk

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Security Affairs

DECEMBER 22, 2023

The Australian and New Zealand Nissan Corporation and Financial Services (“Nissan”) advises that its systems have been subject to a cyber incident. Nissan is working with its global incident response team and relevant stakeholders to investigate the extent of the incident and whether any personal information has been accessed.”

Ransomware

Ransomware Data breaches Financial Services Archiving

Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

FEBRUARY 19, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Financial Services

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Cybersecurity agencies published a joint LockBit ransomware advisory

Security Affairs

JUNE 15, 2023

Help us #StopRansomware by visiting [link] pic.twitter.com/G5jpxtB0Fw — Cybersecurity and Infrastructure Security Agency (@CISAgov) June 14, 2023 The LockBit ransomware operation was the most active in 2022 and according to the researchers it is one of the most prolific RaaS in 2023. law enforcement). was the prevalent variant in 2023.

Ransomware

Ransomware Cybersecurity Agriculture Education

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List

Thales Cloud Protection & Licensing

JANUARY 11, 2023

If you have already watched them, repetition is the mother of all education. Trends in Cloud Security: Key Findings from the 2022 Cloud Security Study. Security & Compliance for SAP Data in Financial Services. SAP and Thales have worked together to solve these challenges for financial services customers.

Compliance

Compliance Cloud Security Financial Services

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

The majority of intercepted credentials by Agent Tesla related to financial services, online-retailers, e-government systems and personal and business e-mail accounts. . Researchers found active instances of Agent Tesla and developed a mechanism to enumerate the affected clients and extract compromised data.

Financial Services

Financial Services Retail Education Information Security

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Other industry standards too can have the force of “pseudo-law” – notably, the NIST Cybersecurity Framework, which federal regulators often apply to financial-services firms and government contractors. Thus, it can be difficult for even small enterprises to keep up with information security and data privacy compliance.

Data Privacy

Data Privacy Compliance Privacy Security

Remcos RAT campaign targets US accounting and tax return preparation firms

Security Affairs

APRIL 16, 2023

The recent campaign exclusively aims at organizations that deal with tax preparation, financial services, CPA and accounting firms, and professional service firms dealing in bookkeeping and tax. Crooks use lures masquerading as tax documentation sent by a client. LNK) files.

Phishing

Phishing Financial Services Education Cybersecurity

A Russian national charged for committing LockBit Ransomware attacks

Security Affairs

JUNE 16, 2023

The operation targeted many organizations in critical infrastructure sectors, including financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation. law enforcement).

Ransomware

Ransomware Agriculture Education Government

US SEC warns investors of ongoing fraudulent communications claiming from the SEC

Security Affairs

NOVEMBER 21, 2021

The Securities and Exchange Commission (SEC) is warning investors of scammers impersonating SEC officials in fraudulent schemes. According to the alert issued by the SEC’s Office of Investor Education and Advocacy (OIEA), crooks are contacting investors via phone calls, voicemails, emails, and letters.

Communications

Communications Financial Services Education Government

25% increase in confidential data theft

IT Governance

DECEMBER 7, 2017

Organisations across many industries face the risk of data theft, but those in the financial services sector are particularly vulnerable to the loss of “propriety algorithms”, and recruitment agencies and estate agents risk losing highly valuable client databases. Staff education.

Education

Education Information Security Financial Services Risk

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Security Affairs

FEBRUARY 21, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation.

Energy and Utilities

Energy and Utilities Ransomware Agriculture Manufacturing

Unmasking 2024’s Email Security Landscape

Security Affairs

FEBRUARY 28, 2024

Targeted Sector Vulnerabilities: Financial Services, IT, Healthcare, Education, and Government sectors have emerged as primary targets, with attackers fine-tuning their strategies to exploit specific vulnerabilities within these industries.

Security

Security Phishing Communications Financial Services

Ransomware infected systems at Xchanging, a DXC subsidiary

Security Affairs

JULY 6, 2020

Xchanging employs over 7,000 people worldwide and offers IT outsourcing, infrastructure including network managed services, software products and application management. Securities and Exchange Commission (SEC). The company disclosed the security breach on July 5, but it is not clear when it has discovered the attack.

Ransomware

Ransomware Insurance Financial Services Manufacturing

OCR Labs exposes its systems, jeopardizing major banking clients

Security Affairs

APRIL 6, 2023

Financial services are the main target for cybercriminals, so the threat for the organizations and their customers is severe. The leak also affected Bloom Money and Admiral Money – two financial companies based in the UK, and Reed, which is the UK’s top recruitment agency. env) belonging to idkit.com, owned by OCR Labs.

IT

IT Financial Services Access Risk

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

FEBRUARY 20, 2024

Since January 2020, affiliates utilizing LockBit have targeted organizations of diverse sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing, and transportation.

Energy and Utilities

Energy and Utilities Ransomware Manufacturing Agriculture

Multinational ICICI Bank leaks passports and credit card numbers

Security Affairs

APRIL 20, 2023

If malicious actors accessed the exposed data, the company could have faced devastating consequences and put their clients at risk, as financial services are the main target for cybercriminals. million files belonging to ICICI Bank.

Personal data

Personal data Phishing Risk Financial Services

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Data Matters

APRIL 20, 2021

DOL guidance provides a series of questions that should serve as a starting point for this review and includes topics such as the service provider’s information security standards, track record, cybersecurity insurance coverage, and cybersecurity validation techniques.

Cybersecurity

Cybersecurity Insurance Risk Compliance

Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

Security Affairs

MARCH 19, 2020

” The module appears to be under development, but experts pointed out that threat actors already used it to target organizations, mostly in telecoms, education, and financial services sectors. The module implements three attack modes, named check, trybrute and brute.

Financial Services

Financial Services Education Communications IT

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

New York City based Sisense has more than 1,000 customers across a range of industry verticals, including financial services, telecommunications, healthcare and higher education. ” “We are taking this matter seriously and promptly commenced an investigation,” Dash continued.

Encryption

Encryption Passwords Access Financial Services

How ATB Financial drives agile data ops with Collibra and GCP

Collibra

MARCH 23, 2021

ATB Financial provides a diversified set of financial services to more than 770,000 residents of Alberta, Canada. Being a regionally focused institution, the group is dedicated to knowing its customers intimately, understanding their needs and providing products and services that help them achieve their goals.

Cloud

Cloud Government Access Metadata

Security in the finance sector: Whose role is it anyway?

CGI

OCTOBER 25, 2015

The answer is easy—all key players in the finance sector, including consumers, financial services providers and systems integrators. It’s imperative for us as consumers to ensure that we know how our financial and personal data is collected, transmitted, stored and used by finance institutions. Finance service providers.

IT

IT Security Digital transformation Compliance

Top GRC Tools & Software for 2021

eSecurity Planet

JANUARY 21, 2021

LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. Its features include: Compliance education & management. Additionally, Forrester named it a Contender in its Q1 2020 GRC Wave. LogicManager. Back to top.

Compliance

Compliance Risk Government Retail

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

LogicManager’s GRC solution has specific use cases across financial services, education, government, healthcare, retail, and technology industries, among others. Its features include: Compliance education & management. Additionally, Forrester named it a Contender in its Q1 2020 GRC Wave. LogicManager. Back to top.

Compliance

Compliance Risk Government Retail

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Source (New) Professional services Netherlands Yes 28.3 Source (New) Professional services Netherlands Yes 28.3 Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc.

Data Privacy

Data Privacy Privacy Security Data breaches

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

Security Affairs

NOVEMBER 8, 2021

During that window, the actor successfully compromised at least nine global entities across the technology, defense, healthcare, energy and education industries.” defense contractors , financial services firms, and a national data center in Central Asia. Subsequently, exploitation attempts began on Sept.

Communications

Communications Blockchain Passwords Financial Services

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

Information security is not yet a science; outside of the handful of issues falling under the field of cryptography, there is no formalized system of classification. The most prepared cybersecurity programs of today will not attempt to implement a static, “out-of-the-box” solution to cyber risk.

Cybersecurity

Cybersecurity Risk Passwords Authentication

OCR and Health Care Industry Cybersecurity Task Force Publish Cybersecurity Materials

Hunton Privacy

JUNE 12, 2017

improving information sharing of industry threats, risks and mitigations. The report concludes by providing a list of key resources and best practices for addressing cybersecurity threats that were gleaned from studying the financial services and energy sectors.

Cybersecurity

Cybersecurity Computer and Electronics Education Financial Services

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

Source (New) Finance USA Yes 1,955,385 BerryDunn and Reliable Networks Source (New) Finance and IT services USA Yes 1,107,354 VISAV Limited Source (New) IT services UK Yes >1,000,000 Designed Receivable Solutions, Inc. Source 1 ; source 2 (Update) Finance USA Yes 498,686 J.P.

Data Privacy

Data Privacy Privacy Manufacturing Security

CyberheistNews Vol 13 #22 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks

KnowBe4

MAY 31, 2023

That's right – the financial services industry, at least according to cybersecurity vendor Armorblox's 2023 Email Security Threat Report. Blog post with links: [link] [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Yup – shoe store.

Phishing

Phishing File names Security awareness Risk

The Hacker Mind Podcast: DEF CON Villages

ForAllSecure

AUGUST 2, 2022

Anyone who has anyone in the information security community is usually melting under the hot Nevada sun. And by de I'm an analyst at Javelin strategy and research where I do security risk and fraud for the financial services industry. Yes, grasshoppers invaded Las Vegas at the start of hacker summer camp in 2019.

Computer and Electronics

Computer and Electronics IT Security Mining

Information Management Today

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Akira ransomware gang claims the theft of sensitive data from Nissan Australia

Webinars

Trending Sources

Operation Cronos: law enforcement disrupted the LockBit operation

Webinars

Cybersecurity agencies published a joint LockBit ransomware advisory

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Compliance & Data Privacy Regulations

Remcos RAT campaign targets US accounting and tax return preparation firms

A Russian national charged for committing LockBit Ransomware attacks

US SEC warns investors of ongoing fraudulent communications claiming from the SEC

25% increase in confidential data theft

US GOV OFFERS A REWARD OF UP TO $15M FOR INFO ON LOCKBIT GANG MEMBERS AND AFFILIATES

Unmasking 2024’s Email Security Landscape

Ransomware infected systems at Xchanging, a DXC subsidiary

OCR Labs exposes its systems, jeopardizing major banking clients

More details about Operation Cronos that disrupted Lockbit operation

Multinational ICICI Bank leaks passports and credit card numbers

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Experts found a new TrickBot module (rdpScanDll) built for RDP bruteforcing operations

Why CISA is Warning CISOs About a Breach at Sisense

How ATB Financial drives agile data ops with Collibra and GCP

Security in the finance sector: Whose role is it anyway?

Top GRC Tools & Software for 2021

Top 10 Governance, Risk and Compliance (GRC) Vendors

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

An Approach to Cybersecurity Risk Oversight for Corporate Directors

OCR and Health Care Industry Cybersecurity Task Force Publish Cybersecurity Materials

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

CyberheistNews Vol 13 #22 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks

The Hacker Mind Podcast: DEF CON Villages

Stay Connected