• Windows Vulnerability Identified

    A vulnerability has been identified in Microsoft Windows impacting machines running Windows 7, 8.1 and 10. When exploited, the vulnerability could allow a remote attacker to execute malicious code and take full control of the affected machine. Attackers often utilize targeted spear phishing campaigns to introduce malicious code via an email attachment or link to a compromised website. Users should not open email attachments or click on links embedded inside emails from unknown senders.

    Attackers are leveraging an Adobe Flash vulnerability to take advantage of unpatched Windows security flaw. Microsoft has advised that a patch for Windows systems will be released on November 8th. Firms that have deployed next-generation firewalls and/or antivirus solutions will mitigate some of these potential exploits. To minimize attack surface, RFA advises users to set Chrome as a primary internet browsers until Microsoft patch has been released and deployed. The Google Chrome browser does not allow attackers to utilize Adobe Flash to compromise impacted Windows.
    Adobe has also released a Flash update to version (CVE-2016-7855) to address vulnerability in its Flash Player software.

    The RFA team will apply this patch for all clients subscribing to workstation maintenance services. If you would like assistance in updating your Flash Player software immediately, please contact the 24/7 RFA Service Desk at 212.867.4600 option 2 or help@rfa.com.

  • DDoS Attack Impacting Multiple Services

    RFA is aware of a Distributed Denial of Service (DDoS) attack targeting the Managed Domain Name System (DNS) hosting provider Dyn. The attack has impacted access to multiple major websites and services including Amazon, Okta, Box and Bloomberg, especially within the Northeastern United States. As of 9:43 AM EST, Dyn has indicated that the majority of the attack has been mitigated and the Firm, along with Amazon Web Service Teams, is actively investigating the issues. Users attempting to visiting some sites may experience additional latency or limited functionality.

    RFA is aware some clients experienced intermittent issues with managed multifactor authentication services (Okta) as a result of the attack. Please contact the 24/7 RFA Service Desk if you are experiencing any issues. RFA is continuing to monitor the situation and will provide updates as applicable.

    If you have any questions or require any assistance, please contact the 24/7 RFA Service Desk at 212.867.4600 or via email at help@rfa.com.

  • New Apple iOS Security Update

    Apple has identified multiple security vulnerabilities affecting Apple’s iOS operating system, which could allow a remote attacker to take control of an affected system and execute arbitrary code.

    Apple has released update 9.3.5 to address these vulnerabilities. RFA recommends all users with devices running iOS platforms including iPhone 4s and later, iPad 2 and later, and iPod touch 5th generation and later download and apply the Security Update to mitigate these threats as soon as possible. To install the update: ensure the device is backed up, make sure the device is connected to a power supply and navigate to “Settings”; “General”; “Software Update”.

    If you have any questions or require any assistance, please contact the 24/7 RFA Service Desk at 212.867.4600 or via email at help@rfa.com.

  • New Ransomware Campaign Identified

    A new inbound Ransomware campaign has been identified that is currently propagating across the Internet. The virus is spreading via an email with the subject line “debt fax from <your domain here>”. If the email is opened, the virus begins encrypting data on the network, rendering it inaccessible. RFA strongly urges all clients to advise employees to refrain from clicking on any suspicious links or opening any emails from unknown sources, specifically email with the above referenced subject line, and delete any such emails immediately.

    To mitigate this vulnerability, RFA recommends implementing a manual inbound SMTP block for any email matching the above referenced subject language on anti-spam devices and services. RFA is currently implementing the block for all clients with managed email security.

    If you have any questions or require any assistance, please contact the 24/7 RFA Service Desk at 212.867.4600 or via email at help@rfa.com.


  • Quicktime for Windows

    Quicktime for Windows No Longer Supported by Apple

    The department of Homeland Security Computer Emergency Readiness Team (US-CERT) recently announced that Apple will no longer provide security updates for the Microsoft Windows-specific version of QuickTime, leaving the software vulnerable to malicious cyber activity.

    Advisories have been issued for two vulnerabilities identified in QuickTime for Windows. If exploited, these vulnerabilities could allow remote attackers to take control of affected systems.

    QuickTime for Mac will continue to be supported by Apple and there are no identified vulnerabilities on this platform.

    To mitigate these vulnerabilities, RFA highly recommends uninstalling QuickTime on all Windows machines. Windows Media Player can be used to play media files as an alternative. Clients that subscribe to RFA Maintenance (Compass) services will be contacted to schedule an uninstall timeframe. If you would like assistance with uninstalling QuickTime for Windows, please contact the RFA Service Desk at 212.867.4600 or via email at help@rfa.com.

  • Cisco Vulnerability

    Cisco Vulnerability

    A security advisory has been released regarding vulnerabilities in Cisco ASA software. Exploitation of these vulnerabilities could allow an unauthenticated attacker to cause a reboot of the affected system or execute remote code.

    Cisco has released a software updates for this vulnerability. Clients who subscribe to RFA patch management services and require this update will be contacted by the RFA Network Engineering team to schedule deployment of required patches. Clients that do not subscribe to RFA patch management services can also contact the 24/7 RFA Service Desk to schedule updates.

  • Hurricane Joaquin

    The National Weather Service is predicting that Hurricane Joaquin might impact the New York, New Jersey and Connecticut areas at the beginning of next week. RFA is closely monitoring the development of the storm. Our BCP team will be standing by to assist all clients in the event of any business disruptions. RFA has resources allocated to support clients in the event of any unforeseen complications, such as floods or power loss, prompted by natural disasters.

    RFA Managed services, including managed private cloud platforms, co-location services and BCP platform with managed offices are hosted in RFA’s secure data center facilities. The functionality and performance of our emergency systems and critical infrastructure operations is continuously monitored. The facilities are equipped with auxiliary power generators for redundant electricity and are prepared for any weather-related emergencies.

    We recommend that all clients review their Business Continuity Plan and ensure that all employees are aware of emergency escalation procedures.

    RFA will continue to provide updates as we receive additional information on where and when the storm will make landfall. The updates will also include information from utility providers, as well as the location of hotspots where businesses are experiencing disruptions.

    For any assistance, please contact RFA’s 24/7 Service Desk at 212.867.4600 or via email at help@rfa.com.

  • Hedge Fund Standards Board- Cyber Memo

    September 20, 2015

    Cyber Security Memo

    The Hedge Fund Standards Board has released a cyber security memo covering a variety of important topics. Cyber security has become an increasingly prominent focus of the industry. Regulators also are taking a strong interest in understanding and assessing regulated firms’ resilience to cyber attacks. The memo covers the following topics:

    Overview of existing high-level cyber risk management tools
    Framework to identify a firm’s key digital assets (“crown jewels”)
    List of practical “quick win cyber security action items”
    Overview of “cyber security projects” to enhance a firm’s resilience
    Development of an “Incident Response Plan”
    Overview of regulatory requirements, guidance and approaches to cyber security

    Download the full memo.


  • SEC OCIE Release

    September 15, 2015

    The SEC Office of Compliance and Inspections (OCIE) has released a new cybersecurity alert to provide more insight into specific areas of focus that Registered Investment Advisors should concentrate on as they will be highlighted in the next round of cybersecurity compliance examinations. The key areas of interest are:

    Data Governance
    Access Controls
    Data Loss Prevention
    Vendor Management
    Incident Response

    Clients that have engaged RFA to perform a Cybersecurity Assessment have already been consulted on all of the above mentioned items. For further information on how the alert relates directly to your firm, please contact your RFA Account Manager or call the RFA managers hotline at 212-220-9020.

    Read the full alert.