Cybersecurity Docket
Big Law Insider Trading Scheme Exposes Document Security Flaws
Plus, new S&P Global report offers blueprint for how companies can adapt to the AI era.

Good morning! Here’s what’s up.

People
The National Security Agency (NSA) has selected David Imbordino as its new chief. Imbordino most recently led the NSA’s Cybersecurity Directorate in an acting capacity. Holly Baroody, former executive director for U.S. Cyber Command, has been selected as deputy, while Bruce Jones will head the NSA’s Cybersecurity Collaboration Center.

Clips ✂️
Big Law Insider Trading Scheme Exposes Document Security Flaws
M&A lawyers’ use of confidential client data for alleged insider trading shows how Big Law document management systems can be a vulnerability for those intent on exploiting them.
The spotlight on unauthorized access to confidential data is a result of criminal cases involving three attorneys accused of improperly accessing internal documents at seven different law firms. One of the three, Nicolo Nourafchan, pleaded not guilty Monday to charges that he led a massive ring that made tens of millions of dollars in illegal profits.
According to US Securities and Exchange Commission charging documents, in 2018 Nourafchan described to one of his attorney co-defendants, Gabriel Gershowitz, how he obtained confidential information about mergers and acquisitions from his law firm’s document management system. Nourafchan searched the system using keywords and viewed documents in preview or read-only mode to minimize any electronic trail of his access to the files, the complaint said.
Without strong governance, companies put credit ratings at risk in AI era
A new report from S&P Global provides a blueprint for how companies can adapt to the changing threat environment.
…
“AI has not changed what effective cybersecurity looks like,” S&P analysts wrote in their report. “It has changed the speed and scale at which weaknesses are exposed.”
With that in mind, the report stresses the importance of vigilant governance measures to quickly identify cyberattacks, both AI-fueled and otherwise, before they metastasize into operational headaches. “Research on organizational cyber resilience consistently identifies governance failures as more financially damaging than purely technical ones,” S&P said.
The pressure that AI is putting on companies has reemphasized the importance of key organizational qualities that ratings analysts consider. Those include elevating the CISO’s importance inside the organization, transforming it from an operational role to a strategic one; the implementation of zero-trust architecture, making it easier to contain the identity-related compromises that are so ubiquitous in the modern threat environment; and the integration of AI governance into operational workflows.
UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve
As AI-powered cyber-attacks are a top risk for UK cybersecurity professionals, investment priorities over the next 12 to 24 months are set to focus on AI and advanced threat preparedness.
This is according to new findings from ManageEngine, which surveyed 1500 IT and business decision-makers across the UK, Spain, Germany, Italy and the Netherlands.
The firm found that 43% of UK respondents identified AI-powered attacks as their single biggest risk over the next 12 months, ahead of traditional threats such as ransomware, phishing and data breaches.
The top spending commitment cited by 41% of UK respondents is set to focus on tackling AI and advanced threats.
ManageEngine said AI-powered attacks are the top predicted risk in Germany and Spain also, with investment priorities aligned accordingly across all five countries surveyed.
Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised sites.
Thousands of websites have been compromised in DriveSurge campaigns to redirect visitors to malware-delivery infrastructure, according to researchers at cybersecurity company Silent Push.
ClickFix is a popular social engineering tactic that deceives victims into copying and executing malicious commands on their systems, often resulting in malware infections under the pretense of resolving a technical issue.
In FakeUpdates attacks, threat actors entice victims with fraudulent software update prompts, usually impersonating browser updates, to trick them into downloading and installing malicious payloads.
According to Silent Push researchers, the DriveSurge threat actor primarily functions as an initial access broker (IAB) operating on a pay-per-install (PPI) model, enabling follow-on attacks.
Visitors of compromised websites are redirected through a Traffic Distribution System (TDS) known as zTDS, which profiles them and determines whether a FakeUpdates or a ClickFix lure is more appropriate.
Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta’s “AI support assistant” bot into resetting account passwords.
On May 31, word began to spread on several Telegram instant message channels that Meta’s AI bot would happily add an email address to an existing account as part of the bot’s standard password reset flow.
A video released on Telegram by pro-Iran hackers claimed to document a remarkably simple exploit that appears to have involved using a VPN connection with an IP address that is in or near the target’s usual hometown, requesting a password reset for the account, and then choosing to chat with Meta’s AI support assistant. From there, the video shows the attacker told the bot to link the account in question to a new email address, after which the bot dutifully sent that address a one-time code that allowed a password reset.
7 tabletop exercise mistakes that sabotage incident response
Tabletop scenarios offer the opportunity to test incident response playbooks and develop decision-making skills, but only when properly set up and managed.
Discussion-based, low-stress simulations during which IT, legal, and other key leadership stakeholders walk through theoretical scenarios to test their preparedness for cyber incidents are a popular and highly useful tool. Yet unless tabletop training is properly handled, the results can be misleading and potentially destructive.
When your organization’s incident response training consistently fails to meet its goals, it opens the way to an array of often unanticipated threats. Fortunately, running an effective tabletop isn’t as challenging as responding to the real deal. Here’s a rundown of the seven most common tabletop exercise mistakes to avoid.
