In an unintended consequence of the Securities and Exchange Commission's (SEC) unprecedented rulemaking agenda, a black-hat hacker gang has filed a whistleblower complaint against its victim for not reporting a cybersecurity incident "as mandated" by a Rule reporting requirement that isn't even required yet.
The ransomware gang ALPHV/BlackCat claimed to have hacked publicly traded MeridianLink (NYSE: MLNK), a provider of cloud-based software solutions to financial institutions, in early November. Apparently dissatisfied by the victim's response time, BlackCat posted a ...
In its April 27 Weekly Update, the Financial Industry Regulatory Authority’s (“FINRA”) National Cause and Financial Crimes Detection program urged FINRA member firms to review a cyber-threat alert arising from Russia’s invasion of Ukraine.
The Cybersecurity and Infrastructure Security Administration (“CISA”) issued an April 20, 2022, Advisory warning of increased Russian state-sponsored and criminal cyber threats in retaliation for Western support for resistance to Russia’s invasion of Ukraine. The cybersecurity authorities of Australia, Canada, New ...
On March 31, 2022, the Securities Industry and Financial Markets Association (“SIFMA”) released its after-action report on Quantum Dawn VI – a global financial-markets cybersecurity exercise.
Quantum Dawn VI was conducted on November 18, 2021, with over 1,000 participants from 240 financial institutions and regulatory bodies representing 20 countries. The exercise simulated a large-scale ransomware attack by a state-actor against major global financial institutions and regulators. The scenario was chosen, in part, based upon an observed 93% increase in ransomware ...
Last Friday, November 16, the SEC issued a pair of settled actions setting a de facto standard of compliance for unregistered ICOs wanting to "come in from the cold." In each of them, the ICO offeror paid a $250,000 monetary penalty, registered its ICO as a security, and entered a rescission undertaking respecting all tokens issued to date.
The first was a settled action by Paragon Coin - a digital token ("PRG") unregistered offeror in the cannabis industry. Paragon agreed to cease and desist, file a registration statement, and publicly offer rescission of the ICO. The Commission cited ...