Cybersecurity and Risk Insights and Alerts

September 22, 2021

Our Ransomware 101 blog series addresses multiple aspects of the ransomware issue, including what you should know and what you should do to protect your firm, your clients, and your finances. In part one, we discussed the evolving and growing threat of ransomware. In this article (part two), we’ll provide a framework for what your organization can do to prevent and detect ransomware attacks.

September 15, 2021

A vulnerability has been discovered in Apple products that enables the installation of unauthorized software without the user's permission. The vulnerability is actively used to install Pegasus spyware on devices, allowing user activities to be surveilled by an external party.

September 09, 2021

Microsoft reports a previously unseen “zero-day” attack that uses Office files tainted with specially crafted Active X controls. Once opened, these controls create a vulnerability that enables perpetrators to perform remote code execution.

September 02, 2021

The Personal Information Protection Law of the People's Republic of China is scheduled to go into effect on November 1, 2021. This new law affects all companies and other entities, both inside and outside of China, engaged with personal information about individuals residing in China.

August 31, 2021

ACA’s Spring 2021 Virtual Conference was an opportunity for the regulatory compliance, performance, and cybersecurity community to come together and discuss the many changes of the past year and what the future of GRC looks like moving forward.

August 31, 2021

The SEC announced that it sanctioned eight firms for failure to establish and implement cybersecurity policies and procedures. These failures resulted in multiple instances of criminal email account takeovers causing personally identifiable information from thousands of customers and clients to be exposed.