Alerts
Timely alerts on emerging threats, regulatory changes and industry risks – curated by the Drawbridge team. Keep your firm and investors informed with updates that matter most.
-
Impersonation Scams on Messaging Apps
A noticeable uptick in impersonation scams has raised concerns among organizations that regularly interact with clients and potential investors. Armed with basic reconnaissance and alternative communication platforms like WhatsApp and Telegram, malicious actors pose as legitimate company representatives, duping unsuspecting targets into disclosing sensitive information or investing money under false pretenses. Below is a concise…
-
What is Salt Typhoon?
An advanced persistent threat (APT) group identified by Microsoft as “Salt Typhoon” has been credited with recent attacks against global communications networks, including internet service providers and telephone companies. U.S. officials claim the group has likely links to the Chinese Ministry of State Security, China’s principal civilian intelligence service responsible for foreign intelligence, counterintelligence, and…
-
Cybersecurity Alert: Increased Vishing with Email Bombing
Across the financial services sector, we are seeing an increase in targeted “Vishing” attempts to alternative investment managers and their employees. Combined with a technique called “mail bombing”, they are having greater success via this multi-strategy approach. Vishing involves the impersonation of someone (in these most recent cases, an IT Support person) that is designed…
-
Cybersecurity alert: Microsoft’s failed response to DDoS attack caused Azure outage
Microsoft Azure customers all over the world could not access Azure services for over nine hours. What happened – On July 30, 2024, Microsoft customers faced a widespread global outage impacting Azure cloud services and Microsoft 365 products. At 7:45 am ET, Microsoft began investigating a Distributed Denial-of-Service (DDoS) attack that had already impacted customers.…
-
Cybersecurity alert: Beware of Phishing Attacks Exploiting Recent IT Outages
In the wake of recent global service outages related to the CrowdStrike application, advanced social engineering attacks from threat groups like Carbon Spider (FIN7), Scattered Spider, and Roy/Zeon are on the rise. What happened – A global outage of Windows computers occurred on Friday, July 19 from an update by CrowdStrike to their Falcon endpoint…
-
Snowflake hack update: Snowballing into ransomware attacks
The Snowflake hack did not end with data breaches but has evolved into a concerning set of cyber attacks. Recap of the Snowflake hack Last week, a data breach targeting Snowflake, a prominent data cloud platform used by financial services and Alternative Investment Managers, made headlines. Hackers exploited stolen user credentials from profiles that…
-
Zero Day Blog: The latest Windows Vulnerability should have you sitting up and checking your patching reports.
As part of their June 2024 patch update, Microsoft announced a vulnerability (CVE-2024-30078) in all modern-day versions of Windows that could allow an attacker to run malicious software directly on your computer, just by connecting to the same Wi-Fi network. Once attackers have discovered a way to exploit this vulnerability, they could change your Windows…
-
The Snowflake hack: A wake-up call for Alternative Investment Managers
Last week, news broke about a data breach from Snowflake, a data cloud platform. Financial service institutions, including Alternative Investment Managers, use Snowflake’s platform to store and analyze vast amounts of sensitive corporate data and personally identifiable information (PII). Hackers exploited compromised user credentials to potentially impact about 165 of Snowflake’s clients. Why is this…
-
Microsoft issues patch for SharePoint vulnerabilities
What happened – On April 10, Tech Radar Pro reported on two new techniques that exploit vulnerabilities in Microsoft SharePoint, allowing hackers to steal large numbers of SharePoint files while evading detection. The first technique exploits the ‘open in app’ SharePoint feature, giving the hacker access via Powershell script of manually. This technique allows…
-
Russian hacking group breaches Microsoft Outlook
What happened – The U.S. Cybersecurity & Infrastructure Security Agency (CISA) issued an emergency directive on April 11, 2024, following the Russian APT29 hacking group’s successful breach of multiple federal agencies’ Microsoft email accounts. Hackers can use stolen information, including authentication data, to obtain access to customer systems and exploit customer information. Affected…
-
Cyber Security intelligence: Imminent: Cybersecurity regulations for US financial services
The U.S. Securities and Exchange Commission’s (SEC) is expected to enact new cybersecurity regulations later this year, but the time is now for alternative investment firms to take proactive action. In this article for Cybersecurity Intelligence, Drawbridge CISO and Managing Director Simon Eyre outlines steps that firms can take today so they won’t be forced to…
-
Cybersecurity Risk Alerts
Cybersecurity Law Report: Ten Cybersecurity Resolutions for Financial Services Firms in 2023 January 11, 2023 Companies in the financial services sector are a natural target for hackers given the value and nature of the data they manage. Faced with this threat, there are a number of steps firms can take to mitigate risk. In this…
