Cyber; Industry News

DFS: Beware Remote Workers With North Korean Ties

Abstract: The New York State Department of Financial Services (DFS) has cautioned the businesses it regulates that some remote technology workers may be secretly acting on behalf of the North Korean government. Body: ​The New York State Department of Financial Services (DFS) has cautioned the businesses it regulates that some remote technology workers may be secretly acting on behalf of the North Korean government. DFS issued the alert in a November 1 letter.  Big I New York members who hire virtual assistants or other remote workers should take precautions to avoid hiring one of these individuals.According to the letter, information technology (IT) workers operating on behalf of…

Continue ReadingDFS: Beware Remote Workers With North Korean Ties

DFS Urges Compliance Measures in Wake of Russian Attack on Ukraine

​ The New York State Department of Financial Services (DFS) is urging precautions following Russia’s invasion of Ukraine last week. In a Feb. 25 letter to all regulated people and entities, DFS provided detailed guidance. We encourage all of you to: Review the contents of the letter; andImplement those measures that are appropriate for firms of your size and scope of operations. This is particularly necessary if you do business with companies in either of the two countries.Writing that the “Russian invasion of Ukraine significantly elevates the cyber risk for the U.S. financial sector,” Superintendent Adrienne Harris said that regulated entities should:Review their cybersecurity programs…

Continue ReadingDFS Urges Compliance Measures in Wake of Russian Attack on Ukraine

URGENT: New Security Hole Threatens Computer Networks

​The federal government is warning that a newly-discovered computer software vulnerability poses a major threat to the security of computer networks. We urge all members to address this threat immediately with either their internal information technology staffs or with qualified technology consultants.Federal government agencies, including the National Security Agency and the Department of Homeland Security announced the discovery of the vulnerability on Dec. 10. Here is what you need to know:The vulnerability lies in the Log4j software library, written in the Java programming language and created by the Apache Software Foundation​. The Apache Software Foundation is not a company; it is a volunteer community of hundreds of…

Continue ReadingURGENT: New Security Hole Threatens Computer Networks