Cybersecurity and Risk Insights and Alerts

May 06, 2021

ACA’s virtual spring conference is right around the corner. We encourage ACA Aponix clients to attend the sessions below or to invite other members of their teams to join in. Here’s a sneak peek at what you can expect and what you can expect to take away.

April 22, 2021

On April 14, the U.S.DOL issued a news release with guidance on cybersecurity for retirement plan administration aimed at plan sponsors, fiduciaries, record-keepers and participants of plans regulated by ERISA, the federal law that sets the minimum standards for retirement and health plans in private industry. Get the details on this guidance as well as our recommendations.

April 14, 2021

Learn about the new software patches Microsoft released on April 14, 2021 to address 19 critical vulnerabilities as well as a new Zoom vulnerability discovered at the Pwn2Own white hat hacker event.

April 14, 2021

​​​​​​​When Microsoft announced patches for the four “zero-days” that were revealed on March 2, 2021, the full extent of the vulnerability was not known. Security experts continue to notify victims, coordinate remediation, and suggest remaining vigilant for “stage 2” of this attack, i.e., further exploitation of the backdoors left on the already-compromised servers.

March 29, 2021

Apple has issued urgent updates for its iPhone, iPad, and iWatch devices. According to Apple, these updates patch a discovered “cross site scripting” vulnerability that allows bad actors to inject malicious code into web pages. The code could be enabled when users access these pages using browsers on Apple devices. This vulnerability may already have been exploited.

March 19, 2021

Multiple firms have reported receiving emails from an organization posing as the International Fund Manager Regulator (IFMR). There is no legitimate international global regulatory authority for fund managers. This email is a phishing attempt.