In a report on the hack of Twitter by a "17-year-old" and his accomplices, the New York State Department of Financial Services recommended a new cybersecurity regulatory framework for the largest social media companies.
The Office of Compliance Inspections and Examinations alerted firms to the increased prevalence of "credential stuffing," a cyberattack method that involves the use of automated scripts to attempt to log into customer accounts using stolen personal information.
The SEC proposed amendments to the national market system plan governing the Consolidated Audit Trail that would (i) increase security requirements for the use of collected data and (ii) reduce the scope of sensitive information required to be collected.
The Office of Compliance Inspections and Examinations identified compliance issues for broker-dealers and investment advisers resulting from market volatility and operational disruptions due to the COVID-19 pandemic.
FinCEN alerted financial institutions to indicators of COVID-19-related cybercrime. The alert concerns (i) the exploitation of remote platforms, particularly against financial and healthcare systems, (ii) phishing, malware and extortion schemes, and (iii) business email compromise fraud.
At a meeting of the CFTC Technology Advisory Committee, industry representatives considered presentations on automated and modern trading markets, distributed ledger technology and market infrastructure, virtual currencies, and cybersecurity.
The U.S. House Financial Services Subcommittee on National Security, International Development and Monetary Policy considered legislative proposals aimed at addressing fraud and cybersecurity vulnerabilities.
In a cyber threat advisory, the U.S. Departments of Treasury, State, Homeland Security, and the Federal Bureau of Investigation warned that North Korea is carrying out malicious activities to fund "regime priorities."