Treasury Boot Camp
Dan Carmody, who has spoken at past PhilaAFP events, provided us with information about a Treasury Management Boot Camp that he is sponsoring. A brief description of the boot camp is:
Treasury Boot Camp is an intensive two-day treasury and risk management training program that covers liquidity management, treasury risk management, international cash management, internal controls, treasury technology and more.
This CTP credit eligible course will facilitate active learning by studying real-world examples of treasury and risk management best practices. Furthermore, the Treasury Boot Camp will encourage group discussions and provide opportunities for professional networking.
More information regarding this program can be found at the following website:
Cyber Attack Alert
EternalRocks Ransomware on the Horizon – Important information from our friends at Layer8Security:
Organizations should be aware of a new strain of ransomware called EternalRocks. The severity of this particular threat is reflected in its nickname, the “Doomsday Worm.” Please forward this to your appropriate technical staff.
EternalRocks carries seven exploit and reconnaissance tools that target Microsoft Server Message Block (SMB); WannaCry used only two of them.
EternalBlue – SMBv1 exploit
EternalRomance – SMBv1 exploit
EternalChampion – SMBv2 exploit
EternalSynergy – SMBv3 exploit
SMBTouch – SMB recon
ARCHTouch – SMB recon
DoublePulsar – backdoor trojan, infects other computers on the same network with one of the four SMB exploits
The worm calls out to Tor command-and-control (C&C) servers for tasking and downloads further payloads. EternalRocks has no “kill switch.” It is designed to stay invisible and live on the infected computer until some future cyber attack is launched. Once a machine is infected, the worm stays dormant for 24 hours before contacting its C&C server.
There is still time to mitigate: close the holes and patch systems, including those already infected, because the infection has not yet been fully exploited.
Microsoft has issued patches for the SMB vulnerabilities EternalRocks exploits (security bulletin MS17-010)
Tenable has created plugins to scan for system vulnerabilities
Yara rules exist to detect infections
Communicate with your third-party vendors to ensure they are prepared and secure
These are low-hanging fruit that organizations should address to better protect themselves against EternalRocks.
If you have questions regarding this alert, please contact Layer8Security at
Blockchain for Dummies
Want to learn more about blockchain? Click on the link below for a simple, easy-to-read article recently published on LinkedIn.
Digital Identity Tracker February 2017
MARK YOUR CALENDARS: NY CYBERSECURITY REGULATIONS TO GO INTO EFFECT
If your organization is regulated by the New York Department of Financial Services (NYDFS), March 1, 2017 is an important date to mark on your calendar. On that day, absent further modification, the NYDFS’s modified Cybersecurity Regulations will take effect and will impose substantial cybersecurity obligations on banks, insurers and financial institutions that operate in the state of New York. The reach of these regulations, however, is not just limited to traditional financial services entities. As currently proposed, the regulations also apply to colleges, universities, and religious and philanthropic entities that are permitted under N.Y. Insurance Law to issue charitable annuities. If your organization is regulated by NYDFS, maintains or has access to personal information, and (i) has 10 or more employees (including independent contractors), (ii) more than $5 million in gross annual revenue in each of the last three fiscal years, and (iii) has more than $10 million in year-end total assets, it will be required to comply with the Cybersecurity Regulations.
The full article can be found at the following link:
Major Exploit Still Affecting Philadelphia Companies
Layer 8 Security has an ongoing relationship with local and federal law enforcement that allows us to know in advance when certain threats will be prevalent. We receive notices and bulletins from the FBI and other intelligence sources on a consistent basis. In some cases, dissemination is limited; in this case, however, wide dissemination is allowed. We are glad to send this alert to keep you and your company safe.
Recently, several Philadelphia businesses have fallen victim to the OpenSSL cybersecurity exploit known as Heartbleed, which created a news frenzy in 2014. We’re extremely surprised that there are still companies that haven’t patched or updated their assets to defend themselves against this exploit.
According to our sources, there are nearly 200,000 servers and Internet-connected devices running outdated OpenSSL software that are still vulnerable to Heartbleed. The initial analysis of the Heartbleed vulnerability found over 600,000 affected devices, which led to one of the largest media blitzes ever to fix a technology bug. The bug can be exploited to reveal chunks of server memory to any client that connects to the server.
What this means for you:
While you likely heard about Heartbleed years ago, the threat still exists. A “bad guy” could use the Heartbleed exploit to remotely execute malicious code on your servers, resulting in a compromise of sensitive data. Organizations need to verify that their assets (cloud servers, data, backup systems, etc.) do not run a vulnerable version of OpenSSL, and if they do, patch them immediately. This should also serve as a good reminder to review policies and procedures on asset maintenance.
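The verification step above starts with an inventory of which OpenSSL builds are in use. The following Python script is an added example written for this page; it is not code from Layer 8 Security or from the newsletter. It parses OpenSSL version banners (such as the output of `openssl version`) from a constructed inventory and flags the upstream releases affected by Heartbleed: 1.0.1 through 1.0.1f, plus the 1.0.2-beta1 pre-release. The hostnames and banners in SAMPLE_INVENTORY are made up. One caveat a practitioner should keep in mind: some Linux distributions backport the fix without changing the version number, so a flagged host should be confirmed against the vendor's advisory or a vulnerability scanner before it is treated as exposed.

```python
import re
import ssl

# Upstream OpenSSL releases affected by Heartbleed: 1.0.1 through 1.0.1f and
# 1.0.2-beta1. 1.0.1g and 1.0.2-beta2 shipped the fix; 0.9.8 and 1.0.0 never
# contained the TLS heartbeat code, so they are not affected.
_VERSION_RE = re.compile(
    r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)(?:-beta(\d+))?", re.IGNORECASE
)


def parse_openssl_version(banner):
    """Return (major, minor, fix, letter, beta) from a banner such as
    'OpenSSL 1.0.1e 11 Feb 2013' or 'OpenSSL 1.0.2-beta1', or None when the
    string does not look like an OpenSSL version at all."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    major, minor, fix, letter, beta = m.groups()
    return int(major), int(minor), int(fix), letter.lower(), (int(beta) if beta else None)


def is_heartbleed_vulnerable(banner):
    """True if the banner names an affected upstream release, False if it names
    an unaffected one, None if the banner is not an OpenSSL version string.
    Distribution-patched builds may still report an old version; confirm
    flagged hosts against the vendor's advisory."""
    parsed = parse_openssl_version(banner)
    if parsed is None:
        return None
    major, minor, fix, letter, beta = parsed
    if (major, minor, fix) == (1, 0, 1):
        # 1.0.1 (no letter) through 1.0.1f are affected; 1.0.1g and later are fixed.
        return letter <= "f"
    if (major, minor, fix) == (1, 0, 2):
        # Only the first 1.0.2 beta shipped with the bug.
        return beta == 1
    return False


# Constructed sample inventory (hostname, version banner); these are not real hosts.
SAMPLE_INVENTORY = [
    ("web-01.example.test", "OpenSSL 1.0.1e 11 Feb 2013"),
    ("web-02.example.test", "OpenSSL 1.0.1g 7 Apr 2014"),
    ("vpn-01.example.test", "OpenSSL 1.0.2-beta1 24 Feb 2014"),
    ("mail-01.example.test", "OpenSSL 0.9.8y 5 Feb 2013"),
    ("nas-01.example.test", "GnuTLS 3.2.11"),
]


def triage(inventory):
    """Map each hostname to 'vulnerable', 'not vulnerable' or 'unknown'."""
    labels = {True: "vulnerable", False: "not vulnerable", None: "unknown"}
    return {host: labels[is_heartbleed_vulnerable(banner)] for host, banner in inventory}


def local_openssl_status():
    """Check the OpenSSL library the running Python interpreter is linked against."""
    return is_heartbleed_vulnerable(ssl.OPENSSL_VERSION)


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
    print("interpreter's OpenSSL:", ssl.OPENSSL_VERSION, "->", local_openssl_status())
```

Hosts reported as "unknown" are not running OpenSSL at all (or report a banner the parser does not recognise) and need a different check; "vulnerable" hosts go to the top of the patch list once the backport caveat has been ruled out.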
CYBER SECURITY UPDATE:
At a recent seminar on cyber security, an associate from the FCC informed the audience that the National Institute of Standards and Technology (NIST) has published a framework that companies can reference when addressing cyber security. A link to that website is provided below. This topic is becoming more relevant every day, and we are pleased to provide this information for your perusal and use.