SEC Fines Three Firms for Inadequate Cybersecurity Practices That Allowed Email Account Takeovers
Ontario police dept. hit with ransomware, Threat actors stole $18.8 million from Cream Finance, LockBit gang poised to release stolen Bangkok Airways files, Indonesian COVID-19 app exposed data, more
The U.S. Securities and Exchange Commission announced that the units of three broker-dealer and investment advisory firms agreed to pay hundreds of thousands of dollars in penalties to settle charges over cybersecurity failures.
The Commission charged KMS Financial Services, five units of financial firm Cetera, and two units of Cambridge Investment Research for failures to adopt and implement cybersecurity policies and procedures that resulted in email account takeovers exposing thousands of customers’ personal information at each firm. The Cetera entities agreed to pay $300,000, Cambridge agreed to pay $250,000 and KMS $200,000. (Chris Prentice / Reuters)
Microsoft issued guidance on securing Azure accounts that may be impacted by a recently addressed Cosmos DB critical vulnerability, dubbed Chaos DB, which gives attackers full admin rights to users' data without authorization.
To mitigate the risk and block attackers who might have stolen Cosmos DB primary read-writ…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.