New cybersecurity threat – Credential stuffing

The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) recently issued a Risk Alert (the “Alert”) discussing cybersecurity observations from its examinations over time. The Alert did not state the time period of examinations included; however, OCIE has conducted several cybersecurity targeted exams over recent years.

OCIE is concerned with an increase in a particular type of hack known as “credential stuffing.”  This type of cyber-attack involves stolen credentials, which are used to log into web-based systems of firms to access client funds.

Read full article on Security Magazine


Date:

Categorie(s):

Tag(s):