DEFENSESTORM
Thought leadership and customer testimonials are some of the many ways we build a community of trust. These cyber security resources highlight our recent research and success stories.
Threat Alerts
With the recent natural disasters that have occurred, it’s important to be aware that bad actors will attempt to leverage those devasting incidents for gain. CISA has released a warning urging users to be aware of malicious activity when these types of incidents occur. Please read the below alert from CISA.
Insights
In the final installment of our Redefining Cybersecurity series, we explore Cyber Risk Awareness. While the deployment of new technology is critical to ensuring cyber risk readiness, a lack of training and awareness is a significant liability to any institution.
Insights
The role of AI on cybersecurity is tremendous. AI is transforming daily business practices and enhancing the customer experience for most industries, but it is imperative to effectively balance technological advancement with close oversight while these technologies are rolled out.
Fraud Squad
A small business owner recently fell victim to a sophisticated bank scam that drained her life savings, where scammers exploited two-factor authentication to gain access and withdraw money from her account. This cautionary story serves as a warning about the increasing prevalence of fraud and emphasizes the significance of using effective fraud detection systems.
Insights
NCUA Cyber Incident Notifications Requirement goes into effect September 1, 2023. The final rule requires that covered institutions notify the NCUA as soon as possible, and no later than 72 hours, after the credit union reasonably believes it has experienced a reportable cyber incident or received a notification from a third party regarding a reportable cyber incident.
Threat Alerts
While nothing official has been published by LinkedIn at the time of this post, accounts on the platform appear to be coming under attack in some type of hacking campaign of unknown origin. Users are reporting on multiple other outlets that their accounts have been taken over, locked out of their accounts, and having difficulty resetting accounts to regain access
Insights
Part 4 of our Redefining Cyber Security series explores the power of a buyer’s guide, a vendor-neutral tool created by DefenseStorm to help FIs efficiently shop for new cyber security risk management solutions.
Threat Alerts
Internal communication applications, IE: Slack, MS Teams, etc. Criminals are establishing domains that appear to be from legitimate technical support entities and then attempting to reach out to individuals to gain access to target users’ devices. The below article was authored by Microsoft Threat Intelligence and taken from Microsoft directly and provides additional detail and threat actor attribution for these types of attacks.
Webinars & Videos
As the financial sector continues to embrace digital transformation, threat actors remain poised to exploit every vulnerability exposed. The ever-evolving threat landscape elicits a proactive cyber risk management solution that can pivot to address emerging threats as they materialize, and credit unions are faced with mounting pressure to prove their ability to prevent, detect, and mitigate those threats. Despite the many unique challenges and requirements in cyber risk management, credit unions can succeed in cybersecurity by establishing effective governance and utilizing risk assessments.
Insights
An effective cyber risk management strategy requires everyone within the FI to work together with a unified goal for budget allocation and solution implementation.
Insights
Military, law enforcement, and first responders train constantly to be prepared for anything that they may face during their careers, so when those particular situations arise, they are confident, efficient, and knowledgeable about how to deal with and resolve the incident. Cyber incident response is no different.
Insights
With a deeper understanding of this shift in ideology from reactive to proactive solutions, the question arises about your financial institution’s (FI’s) level of cyber security risk readiness.
Threat Alerts
Earlier in June DefenseStorm became aware of a vulnerability disclosure involving MOVEit and posted an article. The casualty list for this vulnerability is growing by the day largely due to exploitation by the Clop Ransomware gang of unpatched instances.
This is an update and reminder to please stay updated on patching and patch for the MOVEit vulnerabilities as soon as possible.
Insights
In this 5 part series, Redefining Cybersecurity, we will walk your FI through the process of evaluating your current state of cybersecurity and risk management so you can employ more efficient solutions to stay threat ready and compliant.
Threat Alerts
Since March of 2023 a new mobile malware has been pushing the Android banking trojan “Anatsa” to online banking customers located in the United States, United Kingdom, Austria, Switzerland and Germany. It has since become one of the most prolific banking malware, targeting over 400 financial institutions across the world.
eBooks & Reports
DefenseStorm’s Security Intel Bulletin keeps you up-to-date with the latest and most important cyber risk news for financial institutions. Our experts work hard to find vital industry news published by the most reputable sources, so you can stay informed and threat ready.
eBooks & Reports
Webinars & Videos
Webinars & Videos
Learn about the circumstances and challenges that impacted Live Oak Bank, and why they sought out a new approach to prevent cyber fraud. Erin Armstrong from Live Oak Bank, along with Adam Barrett and Eric Miller from DefenseStorm share their insights.
Datasheets
Account Holder Fraud Prevention provides a proactive approach to stop fraud before funds ever leave your financial institution with active threat detection that correlates information from your network, online banking platform, core, and the dark web providing real-time alerts and intervention.
Datasheets
DefenseStorm GRID Active Threat Surveillance gathers and analyzes data from all types of sources, technology, tools, systems to determine if you need to be concerned about happenings in your environment.
Datasheets
With cybercrime rapidly evolving, financial institutions must be prepared to address emerging threats as they materialize. Learn about how this proactive approach can improve your level of cyber risk posture and how DefenseStorm’s products and services help you achieve cyber risk readiness.
Threat Alerts
On June 12, 2023, a critical Remote Code Execution (RCE) vulnerability was discovered in Fortinet’s popular FortiGate firewalls, posing a significant security risk for organizations relying on these devices for network protection. The vulnerability, identified as a critical flaw, could potentially allow malicious actors to execute arbitrary code on affected FortiGate firewalls.
Threat Alerts
Defensestorm is aware of the recent disclosure of the Barracuda Email Security Gateway Application (ESG) Vulnerability and has been actively monitoring for potential Indications of Compromise.
Webinars & Videos
Fraud Fusion Center are being utilized across the industry to stay ahead of Fraudsters. Join Adam Barrett and Randy Salser and learn how to join a Fraud Fusion Center and become more proactive against fraud.
Insights
By following a well-established response plan for Endpoint Attacks, organizations can help ensure the confidentiality and integrity of their systems and data.
Insights
As artificial intelligence (AI) technology enriches various aspects of our lives, a critical question remains regarding whether its capabilities and implications will drive cybersecurity toward success or serve as a catalyst for its downfall.
Insights
GRID Active Threat Surveillance now includes an Incident Similarity feature which leverages machine learning to enhance incident monitoring and management.
Datasheets
GRID Active is the only built for banking cyber risk management solution that integrates an institution’s compliance program into that platform.
Datasheets
DefenseStorm offers the only built for banking cyber risk management solution with integrated custom risk assessments.