NYDFS Regulated Entities Cybersecurity Threat Alert for October 2024

NYS DFS Cybersecurity Threat Alert – Social Engineering September 30, 2024 NYDFS Regulated Entities Cybersecurity Threat Alert for October 2024 The New York State Department of Financial Services (NYDFS) has recently released urgent guidance for IT and help desk personnel in light of the latest cybersecurity threats emerging in October 2024. This advisory emphasizes the […]

FINANCIAL GROUP FINED $4.25 MILLION FOR NYSDFS CYBERSECURITY CONTROL FAILURES

FINANCIAL GROUP FINED $4.25 MILLION FOR NYSDFS CYBERSECURITY CONTROL FAILURES September 1, 2023 NYSDFS Announces $4,250,000.00 Penalty for Cybersecurity Control Failures On May 25th, 2023 NYSDFS published a press release which announced OneMain Financial Group, LLC failed to “effectively manage third-party service provider risk, manage access privileges, and maintain a formal application security development methodology, […]

Microsoft Breached by Chinese Hacking Group Storm-0558

Microsoft Breached by Chinese Hacking Group Storm-0558 July 13, 2023 Microsoft Breached by Chinese hacking group Storm-0558 Microsoft has reported over 25 organizations email accounts have been breached by Chinese hacking group Storm-0558. CISA reports the data stolen from these organizations, which included US federal agencies and state department were non-classified.  “Last month, U.S. government […]

Zero-day Exploits Patched in iPhones/Mac CVE-2023028205 Security Updates

Zero-day Exploits Patched in iPhones/Mac CVE-2023028205 Security Updates April 14, 2023 CVE-2023-28205 and CVE-2023-28206 patched by Apple for iPhones/Mac with Security Updates Apple released security updates on April 7th, 2023 for iPhones, iPads, Mac desktops, and MacBook’s to fix two actively exploited security flaws. The update impacts a wide range of devices, including older models. […]

LastPass: Encrypted Vault Master Password Concerns and Breach Update

Breach: Last Pass Update Jan 2023 December 29, 2022 LastPass Breach Update. Is LastPass Still Safe? LastPass has notified users of their platform of a breach into their cloud based-storage environment. LastPass did an exceptional job maintaining transparency for all users and providing updates as the investigation continued.  On December 22nd, LastPass posted an update […]

NYSDFS 23 CRR 500 PROPOSES NEW REGULATION REQUIREMENTS

NYSDFS CRR 500 NEW REQUIREMENTS

NYSDFS 23 CRR 500 PROPOSES NEW REGULATION REQUIREMENTS September 9, 2022 What is NYSDFS 23 CRR 500? New York State Department of Financial Services created the 23 NYCRR Part 500 a cybersecurity regulation on March 1st, 2017. This regulation applies to organizations and agencies in the financial service industry. Entities such as Mortgage banks, Insurance […]

What is Black Basta Ransomware?

What is Black Basta Ransomware? July 5, 2022 Black Basta Ransomware In the recent months there has been a new threat in the ransomware and cyber security world.  A new group named Black Basta has emerged in strides, contributing to known attacks since April. Recently they were able to overtake a network by leveraging an […]

The Hidden Cost of a Data Breach Post COVID-19

The Hidden Cost of a Data Breach Post COVID-19 June 23, 2022 The Hidden Cost of a data-breach for companies who failed to update their cyber security post COVID-19 Companies that have not transformed their cybersecurity stance post COVID-19 to accommodate for remote workers & cloud data storage use, cost $750,000.00 more on average in […]

Preparing a Cybersecurity Program for an Audit

Preparing a Cybersecurity Program for an Audit June 21, 2022 Preparing a Cybersecurity Program for an audit In the financial industry, various regulatory rules are required by the Federal Financial Institutions Examination Council (FFIEC), New York State Department of Financial Services (NYSDFS), Financial Industry Regulatory Authority (FINRA) or U.S Securities and Exchange Commission (SEC) to […]