This article was originally published on frankonfraud.com. Beginning in late 2021 and continuing late into 2022, a globally active, extortion-focused cyber threat actor group called Lapsus$ attacked dozens of well-known companies and government agencies around the world. It penetrated corporate networks, stole source code, and then demanded ransoms. In a newly released report by the US […]
Webinar: July 25 – Spotlight: Handling Suspect Credits in ACH Presenters: Sandy Ortins, AAP, APRP, NCP Rayleen M. Pirnie, BCJ, AAP, CERP Compliance Officers and Fraud Investigators are often challenged with identifying appropriate actions when money laundering activity or fraud is suspected with ACH credit entries. The ACH Network Rules must be balanced with applicable […]
Fighting spear phishing attacks is the single best thing you can do to prevent breaches. Social engineering is involved in 70% to 90% of successful compromises. It is the number one way that all hackers and malware compromise devices and networks. No other initial root cause comes close (unpatched software and firmware is a distant second being involved […]
Readers, am I missing something in my inclusive list? I need your help. If you want to stop thieves from breaking into your house, over and over, you need to figure out how the thieves could break into your house (e.g., doors, windows, floor, ceiling, basement, roof, wall, etc.),figure out the MOST LIKELY ways they […]
Ransomware has become one of the most dreaded problems in the cyber world and it’s only getting worse. Much worse! Traditionally, ransomware was a trojan horse malware program which when it found a new host computer simply went off, encrypted all the data it could find, and sent the user an onscreen message to pay a […]
This is one of those questions that keep OFAC Officers up at night. Due to the complexity of the OFAC sanctions and the scope of application, it is a challenge to create a robust program and think of everything. However, with the potential of fines with even one violation, and the size of fines being issued for multiple violations, it is imperative that financial institutions have a strong OFAC program. A strong program must […]
On March 1, 2017, the New York State Department of Financial Service’s (the “DFS”) final cybersecurity regulations became effective (see 23 NYCRR § 500). These rules were originally published on September 13, 2016. Just before the end of the year, the DFS published another proposed regulation that eased somewhat the requirements of the original proposal […]
