This article was originally published onâŻfrankonfraud.com. Beginning in late 2021 and continuing late into 2022, a globally active, extortion-focused cyber threat actor group called Lapsus$ attacked dozens of well-known companies and government agencies around the world. It penetrated corporate networks, stole source code, and then demanded ransoms. In a newly released report by the US […]
Fact vs. Myth: ACH Credits
Webinar: July 25 â Spotlight: Handling Suspect Credits in ACH Presenters:Â Sandy Ortins, AAP, APRP, NCPÂ Rayleen M. Pirnie, BCJ, AAP, CERPÂ Compliance Officers and Fraud Investigators are often challenged with identifying appropriate actions when money laundering activity or fraud is suspected with ACH credit entries. The ACH Network Rules must be balanced with applicable […]
[Wake-Up Call] It’s Time to Focus More on Preventing Spear Phishing
Fighting spear phishing attacks is the single best thing you can do to prevent breaches. Social engineering is involved in 70% to 90% of successful compromises. It is the number one way that all hackers and malware compromise devices and networks. No other initial root cause comes close (unpatched software and firmware is a distant second being involved […]
The Common Root Exploits of All Hackers and Malware Attacks
Readers, am I missing something in my inclusive list? I need your help. If you want to stop thieves from breaking into your house, over and over, you need to figure out how the thieves could break into your house (e.g., doors, windows, floor, ceiling, basement, roof, wall, etc.),figure out the MOST LIKELY ways they […]
Encryption Isnât Your Only Ransomware Problem – There Are Some Other Nasty Issues
Ransomware has become one of the most dreaded problems in the cyber world and itâs only getting worse. Much worse! Traditionally, ransomware was a trojan horse malware program which when it found a new host computer simply went off, encrypted all the data it could find, and sent the user an onscreen message to pay a […]
Have I Thought of Everything When It Comes to OFAC?
This is one of those questions that keep OFAC Officers up at night. Due to the complexity of the OFAC sanctions and the scope of application, it is a challenge to create a robust program and think of everything. However, with the potential of fines with even one violation, and the size of fines being issued for multiple violations, it is imperative that financial institutions have a strong OFAC program. A strong program must […]
New York Cybersecurity Requirements for Banks and Financial Institutions
On March 1, 2017, the New York State Department of Financial Serviceâs (the âDFSâ) final cybersecurity regulations became effective (see 23 NYCRR § 500). These rules were originally published on September 13, 2016. Just before the end of the year, the DFS published another proposed regulation that eased somewhat the requirements of the original proposal […]