Cybersecurity and Risk Insights and Alerts

July 15, 2021

This was the topic of discussion between the SEC’s Keith Cassidy, Head of the SEC’s Technology and Controls Program, and ACA Aponix® partner Mike Pappacena, during ACA’s spring conference. They discussed why the threat of a cyber-attack is so acute for investment advisers, how they can best protect themselves and their clients, and what the SEC expects from investment advisers’ cyber programs. Here are some highlights from their conversation.

July 02, 2021

Kaseya has warned of an active attack against a number of its customers using Kaseya’s VSA remote monitoring and management (RMM) platform. The attackers are using the platform to deliver REvil ransomware to systems, demanding $44,999 in funds to reclaim access to data.

July 01, 2021

A Windows vulnerability was detected that can enable bad actors to potentially take control of an affected system. Find out how to protect your systems.

June 24, 2021

The SEC is conducting outreach to firms who may have been a victim of the SolarWinds breach with a voluntary request to produce information.

June 15, 2021

The FBI has warned of recent criminal activity in which threat actors impersonate investment advisers and brokers online.

June 10, 2021

The Financial Industry Regulatory Authority (FINRA) has issued an alert warning of reported additional phishing attempts using fake FINRA credentials. Per the notice, an ongoing email phishing campaign has been reported, in which the fake FINRA domain name of "gateway-finra[dot]org" is being used.