LockBit, one of the most deployed ransomware variants in recent years, continues to impact organizations across the globe, including FINRA member firms. Since November of 2023, FINRA has received reports from several member firms related to cyber incidents allegedly perpetrated by LockBit. The reported incidents varied in severity from no impact to significant disruptions in firms’ business operations. As a result, the Cyber and Analytics Unit (CAU) within FINRA’s Member Supervision Program is notifying firms of the increased activity of this threat actor to heighten awareness and visibility of this risk. CAU is also providing a compilation of resources that outline effective practices firms may consider in response to this elevated risk.
This notification warns member firms of an ongoing phishing campaign that began on or around Oct. 9 that involves fraudulent emails purporting to be from FINRA executives, in some instances containing a PDF attachment. These emails are not from FINRA, and firms should delete them and consider blocking their domains.
This notification is to warn member firms of an ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA and using the e-mail addresses “[email protected]” and “[email protected]”. The e-mail addresses and domain “data-finra.org” are not connected to FINRA, and firms should delete all emails originating from these domains. Member firms should be aware that they may receive similar phishing emails from other domain names in addition to those identified in this Alert.
FINRA’s Cyber and Analytics Unit (CAU) is highlighting an Okta data breach spanning from September 28 to October 17, 2023 that impacts Okta customer support system users. Okta reported that threat actors downloaded names and email addresses, along with other relevant metadata, of their customer support system users. The information could be leveraged in phishing or other social engineering attacks and potentially lead to the targeting of firm personnel in an Okta administrator or customer support role.
The Cyber and Analytics Unit (CAU) within FINRA’s Member Supervision program highlights recent reports of a CrowdStrike service outage affecting Microsoft operating systems. FINRA continues to monitor the outage.
FINRA is highlighting recently reported vulnerabilities that impact Citrix NetScaler services including NetScaler ADC and NetScaler Gateway. Threat actors can exploit these vulnerabilities to exfiltrate sensitive information and to infect data and systems with ransomware. These Citrix services are typically used in support of internet-based application systems, to balance and manage incoming requests, and to enhance security and resiliency.
While the day trading orule may have been intended to protect traders, it has become a significant barrier for smaller retail investors, exposing them to greater risks rather than providing true protection.1. Lower the Minimum Balance RequirementThe $25,000 minimum balance is prohibitive for many retail investors, effectively excluding them from the benefits of day trading and creating an uneven
