FCI Cyber Inc.

FCI Cyber Inc.

Share

FCI is a NIST-Based Managed Security Service Provider dedicated to the Financial Services Industry.

With over 20 years of technology experience, Financial Computer has been providing professional cyber security services, solutions and support. With our founder’s knowledge of technology and our select team of passionate security experts, we offer security tools that are easy to implement and keep you compliant with your cyber security policy. Our innovative products and solutions are designed to exceed the requirements and needs of our clients.

Too popular? Fake Claude website distributes malware to visitors 04/26/2026

Too popular? Fake Claude website distributes malware to visitors According to Malwarebytes, the malicious file contains an MSI installer that mimics the legitimate Anthropic installation chain and installs the real Claude application.

04/26/2026
Too popular? Fake Claude website distributes malware to visitors 04/14/2026

🔸 (Cyber News) Threat actors are actively exploiting the popularity of Claude by creating convincing fake websites that distribute trojanized installers.

🔸 In this campaign, users downloading a supposed “pro” version unknowingly install legitimate software alongside hidden malware (specifically a PlugX variant) delivered via DLL sideloading.

🔸 Small details, like misspelled file paths, highlight how subtle these attacks can be.

🔸 Organizations should reinforce user awareness around downloading software only from verified domains, implement endpoint detection and response (EDR) to catch sideloading behavior, and restrict ex*****on from user directories and startup folders.

🔸 Given the rise in AI-themed lures, financial services firms and other high-value targets should treat AI tools as part of their attack surface and incorporate them into phishing and threat simulation training.

Too popular? Fake Claude website distributes malware to visitors According to Malwarebytes, the malicious file contains an MSI installer that mimics the legitimate Anthropic installation chain and installs the real Claude application.

Families should "unlearn trust" as deepfake scams skyrocket 03/26/2026

🔸 (Cyber News) A growing number of Americans are receiving AI-generated “deepfake” scam calls, with one in four reporting they’ve encountered one in the past year, and older adults facing the highest financial losses.

🔸 Cybersecurity experts recommend setting up a family “safe word” or verification phrase to help confirm identity during suspicious calls, since scammers often use urgency and emotional manipulation to pressure victims into acting quickly.

🔸 They also stress that a safe word should only be one layer of protection. People should hang up, call the person back using a trusted number, and verify through another channel whenever possible.

Families should "unlearn trust" as deepfake scams skyrocket With one in four Americans reporting that they’ve received a deepfake phone call in the past year, cybersecurity experts are urging families to set up a “safe word” to avoid being scammed.

Home 02/26/2026

(JD Supra) With the June 3, 2026 Regulation S-P compliance deadline approaching, small RIAs should be taking steps now to strengthen their data protection and incident response readiness. Key areas of focus include:

🔸 Establishing and maintaining written incident response policies and procedures to detect, respond to, and recover from unauthorized access to client information

🔸 Ensuring the ability to notify affected clients within required timelines if sensitive data is compromised

🔸 Reviewing and updating vendor management policies, including written requirements for breach notification and oversight of service providers

🔸 Maintaining detailed records documenting security controls, incidents, and response actions to demonstrate compliance

🔸 Implementing security controls such as endpoint protection, access monitoring, and multi-factor authentication to support policy enforcement
Provide staff training to ensure policies and procedures are understood and followed

Not sure where to begin? Schedule a call with our team of experts to learn more about what FCI can do to help you meet Regulation S-P: https://fcicyber.com/



https://www.jdsupra.com/legalnews/regulation-s-p-june-3-2026-compliance-9273675/

Home FCI is an MSSP (Managed Security Service Provider) that offers Cybersecurity for Financial Services for Protection & Compliance.

SEC Staff Issues 2026 Examination Priorities | JD Supra 02/18/2026

🔸 (JD Supra) The SEC’s Division of Examinations has released its fiscal year 2026 priorities, with a clear emphasis on cybersecurity, operational resilience, and the governance of emerging technologies.

🔸 Regulators are closely evaluating whether firms have effective safeguards in place to protect customer data, detect and respond to cyber incidents, and maintain business continuity during disruptions.

🔸 The SEC is also increasing scrutiny around the use of artificial intelligence, focusing on whether firms have proper oversight, risk controls, and transparent disclosures.

🔸 In addition, technology infrastructure reliability, third-party risk management, and anti-money laundering controls remain key areas of examination, reinforcing the expectation that firms maintain strong, resilient, and well-governed technology environments.

🚨 Looking for guidance? Schedule a call with our cybersecurity regulation specialists to find out how you can enhance your firm's security. https://fcicyber.com/contact-us/



https://www.jdsupra.com/legalnews/sec-staff-issues-2026-examination-8666974/

SEC Staff Issues 2026 Examination Priorities | JD Supra On November 17, 2025, the staff of the SEC’s Division of Examinations released its examination priorities for fiscal year 2026. The release highlights...

Attackers exploit Windows screensaver files to install remote access tools 02/06/2026

🔸 (Cyber News) Attackers are using Windows screensaver (.scr) files in spearphishing emails to quietly install legitimate remote monitoring tools like SimpleHelp, giving them persistent access while bypassing many security controls. Because these tools appear normal, attackers can move laterally, steal data, or deploy ransomware without triggering traditional alerts.

🔸 FCI has observed this campaign targeting financial services in the wild. Our platform is designed to automatically block unauthorized RMM tools, isolate suspicious endpoints, and collect forensic evidence before any persistence can take hold.

🔸 These controls are enforced across all client environments at scale, preventing a single click from turning into an enterprise-wide compromise.

🔸 For organizations not currently protected by FCI: work with your IT provider or security team to block unapproved RMM software and deploy endpoint protection that captures command-and-control traffic. These controls are now essential to stopping modern phishing attacks before they escalate.

🚨 Book a call with our team to learn more about what you can do to keep your firm, your clients, and yourself cyber safe! https://fcicyber.com/contact-us/



https://cybernews.com/security/attackers-exploit-windows-screensaver-remote-tools/

Attackers exploit Windows screensaver files to install remote access tools

The three lines of defense for cybersecurity compliance - Scotsman Guide 02/04/2026

🔸 (Scotsman Guide) Financial institutions are facing growing pressures to protect consumer data under new prescriptive regulations.

🔸 Many organizations struggle to keep up with written security program mandates, risk assessments, vendor oversight, and audit expectations, and the consequences for falling short can include fines, enforcement actions, or even license suspension.

🔸 FCI helps reduce that burden by providing the security controls and expertise that organizations need to strengthen their compliance efforts.

🔸 We align our solutions with the lines of defense model, equipping security teams with tools to manage access and gain real-time visibility, while providing compliance teams with the evidence and reporting they need to support audits and regulatory requirements.

🔸 Through this approach, we empower organizations to meet regulatory expectations with greater confidence, without taking focus away from their core business.

The three lines of defense for cybersecurity compliance - Scotsman Guide Mortgage lenders face expanding data security regulations under GLBA and state laws, requiring written security programs, vendor oversight and breach reporting.

Microsoft patches actively exploited Office zero-day vulnerability 01/30/2026

🔸 (Bleeping Computer) Microsoft has issued emergency out-of-band updates to fix a high-severity Microsoft Office zero-day vulnerability (CVE-2026-21509) that is being actively exploited.

🔸 The flaw allows attackers to bypass Office security features by convincing users to open a malicious Office file, affecting Office 2016, 2019, LTSC 2021/2024, and Microsoft 365 Apps, though the Preview Pane is not impacted.

🔸 Office 2021 and later receive automatic protection after an application restart, while older versions require installing updates or applying a registry-based mitigation.

🔸 Microsoft says Defender detections and Protected View help reduce risk and urges users to avoid enabling content from untrusted files.

Microsoft patches actively exploited Office zero-day vulnerability Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks.

06/14/2023
Want your business to be the top-listed Business in Paramus?
Click here to claim your Sponsored Listing.

Telephone

Address


140 E. Ridgewood Avenue, South Tower, Suite 415
Paramus, NJ
07652

Opening Hours

Monday 9am - 5pm
Tuesday 9am - 5pm
Wednesday 9am - 5pm
Thursday 9am - 5pm
Friday 9am - 5pm