Companies that use Fortinet’s FortiManager product could be exposed to a remote, unauthenticated attacker executing arbitrary code or commands due to a critical product vulnerability (CVE-2024-47575), according to two recent alerts from the Cybersecurity & Infrastructure Security Agency (CISA).
Financial Industry Regulatory Authority, Inc. (“FINRA”) is filing with the Securities and Exchange Commission (“SEC” or “Commission”) a proposed rule change to amend the FINRA Code of Arbitration Procedure for Customer Disputes (“Customer Code”) to clarify and, in some instances, amend the applicability of the Document Production Lists to simplified customer arbitrations administered under FINRA Rule 12800.
n the event a Vendor misses transmission of TRACE data and would like to request retransmission, please follow the steps outlined on this page. Note: Only existing vendors can request retransmission of TRACE data.
The FINRA Entitlement Program provides a secure way for firms to access many of FINRA’s web-based systems.
Listing of FINRA's Board of Governors.
On This PageResponsibilitiesFirm or Identity Provider (IdP)FINRA or Service ProviderIntegration RequirementsCertificate HandlingSupported ProtocolIdP Entity IdEmail DomainAuthentication FlowSAML2 Details SP MetadataNameId FormatBindingsAttributesSP Message Algorithms:GlossaryResponsibilitiesFirm or Identity Provider (IdP)The Identity Provider is responsible for ensuring accurate identification of
FINRA requires firms to report short interest positions in all customer and proprietary accounts in all equity securities twice a month. All short interest positions must be reported by 6 p.m. Eastern Time on the second business day after the reporting settlement date designated by FINRA.See the schedule of reporting dates below.2024 Short Interest Reporting DatesSettlement DateDue Date 1
On June 25, 2024, Progress Software released the MOVEit Transfer Critical Security Alert Bulletin (the Alert Bulletin) for CVE-2024-5806, a newly identified Critical Vulnerability, which was described as an Improper Authentication vulnerability in MOVEit Transfer, Secure File Transfer Protocol (SFTP) module and could lead to Authentication Bypass.
ONNX Store, a Phishing-as-a-service platform (PhaaS), is targeting Microsoft 365 (M365) accounts at FINRA member firms with an advanced social engineering attack known as quishing: a business email compromise (BEC) attack that uses QR codes in embedded PDF documents to redirect victims to phishing URLs.
Have you ever thought about how online stock trading works? Once you hit enter on an order to buy or sell a stock, what happens next? There might be more steps in the stock trade process than you realize.
