Gen X is often called the Forgotten Generation given how often they’re overlooked in favor of conversation around boomers, millennials or now even Gen Z. But on this episode, Gen X is the one in the spotlight as we dig into the financial health of those born between 1965 and 1980 and, importantly, their perception of their financial well-being.
Many consumers have shifted their banking and investment transactions to the time-saving apps on their phones. But along with convenience, a reliance on mobile devices has attracted scammers looking to steal information and assets. A growing type of fraud exploiting mobile phone usage is known as SIM swapping.
The term “metaverse” has attracted significant attention and curiosity in recent years from the media, entertainment and technology sectors. Though the term has no concrete definition, and interpretations may differ, the metaverse is generally viewed as the next evolution of today’s internet.
Companies that use Fortinet’s FortiManager product could be exposed to a remote, unauthenticated attacker executing arbitrary code or commands due to a critical product vulnerability (CVE-2024-47575), according to two recent alerts from the Cybersecurity & Infrastructure Security Agency (CISA).
n the event a Vendor misses transmission of TRACE data and would like to request retransmission, please follow the steps outlined on this page. Note: Only existing vendors can request retransmission of TRACE data.
On June 25, 2024, Progress Software released the MOVEit Transfer Critical Security Alert Bulletin (the Alert Bulletin) for CVE-2024-5806, a newly identified Critical Vulnerability, which was described as an Improper Authentication vulnerability in MOVEit Transfer, Secure File Transfer Protocol (SFTP) module and could lead to Authentication Bypass.
ONNX Store, a Phishing-as-a-service platform (PhaaS), is targeting Microsoft 365 (M365) accounts at FINRA member firms with an advanced social engineering attack known as quishing: a business email compromise (BEC) attack that uses QR codes in embedded PDF documents to redirect victims to phishing URLs.
LockBit, one of the most deployed ransomware variants in recent years, continues to impact organizations across the globe, including FINRA member firms. Since November of 2023, FINRA has received reports from several member firms related to cyber incidents allegedly perpetrated by LockBit. The reported incidents varied in severity from no impact to significant disruptions in firms’ business operations. As a result, the Cyber and Analytics Unit (CAU) within FINRA’s Member Supervision Program is notifying firms of the increased activity of this threat actor to heighten awareness and visibility of this risk. CAU is also providing a compilation of resources that outline effective practices firms may consider in response to this elevated risk.
This notification warns member firms of an ongoing phishing campaign that began on or around Oct. 9 that involves fraudulent emails purporting to be from FINRA executives, in some instances containing a PDF attachment. These emails are not from FINRA, and firms should delete them and consider blocking their domains.
This notification is to warn member firms of an ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA and using the e-mail addresses “[email protected]” and “[email protected]”. The e-mail addresses and domain “data-finra.org” are not connected to FINRA, and firms should delete all emails originating from these domains. Member firms should be aware that they may receive similar phishing emails from other domain names in addition to those identified in this Alert.
