NYDFS Regulated Entities Cybersecurity Threat Alert for October 2024
NYS DFS Cybersecurity Threat Alert – Social Engineering September 30, 2024 NYDFS Regulated Entities Cybersecurity Threat Alert for October 2024 The New York State Department of Financial Services (NYDFS) has recently released urgent guidance for IT and help desk personnel in light of the latest cybersecurity threats emerging in October 2024. This advisory emphasizes the […]
FINANCIAL GROUP FINED $4.25 MILLION FOR NYSDFS CYBERSECURITY CONTROL FAILURES
FINANCIAL GROUP FINED $4.25 MILLION FOR NYSDFS CYBERSECURITY CONTROL FAILURES September 1, 2023 NYSDFS Announces $4,250,000.00 Penalty for Cybersecurity Control Failures On May 25th, 2023 NYSDFS published a press release which announced OneMain Financial Group, LLC failed to “effectively manage third-party service provider risk, manage access privileges, and maintain a formal application security development methodology, […]
Microsoft Breached by Chinese Hacking Group Storm-0558
Microsoft Breached by Chinese Hacking Group Storm-0558 July 13, 2023 Microsoft Breached by Chinese hacking group Storm-0558 Microsoft has reported over 25 organizations email accounts have been breached by Chinese hacking group Storm-0558. CISA reports the data stolen from these organizations, which included US federal agencies and state department were non-classified. “Last month, U.S. government […]
Zero-day Exploits Patched in iPhones/Mac CVE-2023028205 Security Updates
Zero-day Exploits Patched in iPhones/Mac CVE-2023028205 Security Updates April 14, 2023 CVE-2023-28205 and CVE-2023-28206 patched by Apple for iPhones/Mac with Security Updates Apple released security updates on April 7th, 2023 for iPhones, iPads, Mac desktops, and MacBook’s to fix two actively exploited security flaws. The update impacts a wide range of devices, including older models. […]
HOW TO: Recover your Gmail account from a breach in 2023
HOW TO: Recover your Gmail account from a breach in 2023 January 25, 2023 How to recover your Gmail account from a breach in 2023 In this tutorial, we will review the 3 most important steps you can take to recover your gmail account from a breach. What is an email breach? An email breach […]
LastPass: Encrypted Vault Master Password Concerns and Breach Update
Breach: Last Pass Update Jan 2023 December 29, 2022 LastPass Breach Update. Is LastPass Still Safe? LastPass has notified users of their platform of a breach into their cloud based-storage environment. LastPass did an exceptional job maintaining transparency for all users and providing updates as the investigation continued. On December 22nd, LastPass posted an update […]
Risk Considerations When Selecting A Managed Service Provider
Risk Considerations When Selecting A Managed Service Provider December 6, 2022 Risk Considerations When Selecting a Managed Service Provider Considerations, best-practices for defensive network architecture, and cyber security concerns when selecting a new MSP partner. 1. Least Privilege Managed Service Providers (MSP) and/or their sub-contractors should be granted the minimum necessary rights assigned to perform […]
Common Cybersecurity Requirements of NYSDFS CRR 500 You May Be Overlooking
Common Cybersecurity Requirements of NYSDFS CRR 500 You May Be Overlooking May 20, 2022 Common Cybersecurity Requirements of NYSDFS CRR 500 You May Be Overlooking New York State Department of Financial Services made the 23 NYCRR Part 500 a cybersecurity regulation on March 1st, 2017. It applies to organizations and agencies in the financial service […]
May 2022 | Cyber Threats
May 2022 | Cyber Threats May 12, 2022 Cyber Awareness: Common Scams and Email Threats May 2022 There has been an upsurge of scamming and phishing threats, particularly in financially oriented service companies. We urge all clients to be vigilant when opening mail from unknown senders that contain links. The closer an attacker comes to stealing […]