The target: Social media giant Facebook.
The take: Passwords for between 200 and 600 million user accounts.
The attack vector: Passwords were stored in plaintext on internal systems dating back to 2012 and were accessible to more than 20,000 Facebook employees. Access logs show that at least 2,000 engineers or developers made approximately 9 million internal queries for datasets that contained plaintext user passwords.
BusinessInsider: A prominent Silicon Valley investor and Facebook board member has denied claims that he met with a Cambridge Analytica representative as early as 2016. The Observer reported that Marc Andreessen, a founding partner at VC firm Andreessen Horowitz and current Facebook board member, hosted a meeting with former Cambridge Analytica employee Chris Wylie over concerns about the way the political consultancy was manipulating people's data...
BusinessStandard: He’s the accused mastermind of one of the biggest hacks ever. He and his crew allegedly pilfered information from more than 80 million JPMorgan Chase & Co. clients and ran online gambling, stock manipulation and money laundering schemes around the world. Gery Shalon, charged with those crimes four years ago, has rarely appeared in court since he was extradited to the US. Now it’s clear why: Shalon is helping US authorities, according to people familiar with the matter...
BBC: The warning came in a National Audit Office (NAO) assessment of the UK's national cyber-defence plan. The government is increasingly worried that these essential sectors will be targeted by foreign states seeking to disrupt UK life. Modern life was now "totally dependent" on cyber-security, said one expert...
CBC: It starts with what sounds like a promising phone call: For a one-time fee, you can lower the interest rate on your credit card. But the person on the other end of the line isn't with your bank or credit card company: They're a fraudster, looking to cash in on a common frustration. And what they're really after is your identity...
FourthSource: Marketers have turned on the taps with unprecedented online spending. eMarketer reports that for the first time digital ad spending in the US will exceed traditional ad spending, while by 2023, digital will surpass two-thirds of total media spending. The big winners are being crowned — not least Google (responsible for 38% of digital online spending); Facebook (21%) and rising star Amazon (7%)...
ZDNet: Banking Trojans are popular in cybercriminal schemes given the valuable data and financial service credentials they can steal in successful cyberattacks. Banks find themselves a constant target for relentless attacks against their apps and infrastructure. Their names, too, are abused by threat actors which use them in phishing campaigns and through copycat malicious domains designed to dupe customers into handing over their account credentials...
The target: Cathay Pacific Airlines, a Hong Kong airline.
The take: Personal information including names, dates of birth, addresses, and some passport numbers and e-mail addresses for 9.4 million clients.
The attack vector: It’s believed that vulnerabilities were discovered and exploited due to poor planning and a failure to adapt security practices and postures during a transition from legacy IT systems to cloud-based infrastructure.
CNet: An Australian man has been arrested after allegedly raking in an estimated AU$300,000 ($211,000) selling stolen login details online. The man was allegedly behind the website WickedGen.com, which boasted that it had 120,000 users and sold Netflix, Spotify and Hulu logins stolen from almost 1 million accounts...
BankInfoSecurity: Citrix Systems says it's investigating an apparent penetration of its network and theft of business documents by hackers. The technology giant, which is based in Fort Lauderdale, Florida, says it was alerted to the suspected intrusion on Wednesday by the FBI and that it has launched a digital forensic investigation...
FinNews: The number of cyber attacks more than doubled last year. The attackers have also become much more aggressive in their approach and developed a strong will to persist with their campaigns. Cyber attacks on financial services firms that aimed to harm their infrastructure increased by 160 percent on a global scale over the past twelve months, according to Carbon Black and Optiv Security, two cyber security firms...
EuropeanUnion: The EU is stepping up its capacity to protect Europe against ever-increasing cyber threats by creating a new structure to pool and network its expertise in cybersecurity research, technology and industrial development. Today, the Council's Permanent Representatives Committee granted the Romanian presidency a mandate to start talks with the European Parliament on establishing a top knowledge base for cybersecurity called the European Cybersecurity Industrial...
MaltaToday: A confidential IT security report seen by MaltaToday shows that HSBC Malta was targeted by the hacking group EmpireMonkey months in advance before their successful hacking of Bank of Valletta. The group carried out a €13 million heist from the bank on 13 February, which led BOV to temporarily take its services offline...
SydneyMorningHerald: Foreign Minister Marise Payne has warned that the internet and cyber security are now so central to modern nations that serious hacking incidents could escalate into war. Senator Payne, during an address to the Lowy Institute in Sydney, noted that Australia had recently suffered its own serious assault on democratic institutions in the form of hack attacks on Parliament and the major political parties...
NikkeiAsianReview: Japan will work with dozens of other countries and organizations to create the Asia-Pacific's first alliance to fight cyberattacks, hoping to enhance the region's cybersecurity by enlisting Russia and China, Nikkei has learned. The move will involve members of the ASEAN Regional Forum, which includes Japan, the U.S., the E.U...
The target: Sonic Restaurants, an American fast-food chain.
The take: An estimated five million credit and debit payment card accounts were compromised as a result of the attack.
The attack vector: The success of the attack was attributed to the age of Sonic’s Point-of-Sale systems, which were no longer receiving security updates and which were inherently vulnerable to manipulation and data exfiltration.
AJC: A former executive at Atlanta-based Equifax has pleaded guilty to insider trading in the wake of the company’s massive data breach in 2017. Jun Ying, 43, former chief information officer of an Equifax division known as U.S. Information Solutions, sold more than $950,000 in stock in the weeks after the company discovered the breach but before the incident was made public...
BusinessStandard: Chinese hackers have targeted over two dozen universities in the US and Canada in an apparent bid to steal key maritime military research, The Wall Street Journal has reported. In all 27 universities -- including the University of Hawaii, the University of Washington, Penn State and Duke University and Massachusetts Institute of Technology -- were found to have been hit by the hackers, according to a report by cyber security firm iDefense which was accessed by The WSJ...
Fortune: Cybersecurity startup KnowBe4 has secured a minority investment from private equity giant KKR that values the firm at more than $800 million. KKR is making an initial commitment of up to $50 million in KnowBe4, according to sources with knowledge of the transaction, with plans for an additional investment in the company already in the works...
Time: Hackers linked to North Korea continued waging cyberattacks against U.S. companies and other targets while leaders from Washington and Pyongyang met for their second summit last week, the New York Times reports. Throughout the ongoing, 18-month operation, hackers from Lazarus group have persistently targeted key industries...
HarvardBusinessReview: Another year and another hack and what seems like a very long wait to learn that it happened. Recently, Marriott waited 11 weeks to reveal that 383 million customer records had been compromised, exposing at least 25 million passport numbers and 8 million payment cards. Can you imagine a company like Marriott waiting for 11 weeks to disclose its quarterly earnings numbers? That wouldn’t be acceptable...
Euronews: LONDON (Reuters) - Britain's banks will have to show they could recover from a cyber attack within hours to avoid customer payments being delayed to the next day, the Bank of England said on Tuesday. The BoE said it would hold a pilot cyber stress test of lenders mid-2019 but individual results won't be published...
ZDNet: The top management at some of the UK's biggest companies still don't fully understand the potential risks of a cyberattack on their business, says a government report. While nearly every big company (96%) claims to have a cybersecurity strategy in place, less than half (46%) back that up with dedicated budget. And only one in eight (16%) say they have a comprehensive understanding of the impact of loss or disruption that comes with cyber threats...
The target: Target, an American retailer.
The take: Payment card information, and/or names, phone numbers and e-mail addresses for up to 70 million customers.
The attack vector: Attackers accessed Target’s network via credentials stolen from a third-party HVAC vendor, installed malware and exfiltrated the data in what was one of the first major data breaches to make headlines.
GlobeNewswire: Since 2017 there has been a 400 to 600 percent increase in the amount of cryptomining malware being detected globally, the vast majority of which has been found on social media platforms. Of the top 20 global websites that host cryptomining software, 11 are social media platforms like Twitter and Facebook...
CanadianSecurityMagazine: Cyber security incidents have become the new normal for Canadian companies, with 100 per cent of organizations experiencing attacks, according to the findings of a new study from Scalar Decisions Inc. of more than 400 Canadian IT and security workers...
PRNewswire: It was announced that Ionic Security Inc. closed a $40 million Series E round led by financial services leader JPMorgan Chase & Co., with participation by Google LLC as a new investor. Current venture investors Kleiner Perkins, GV, Icon Ventures, Meritech Capital, TechOperators and Ten Eleven Ventures participated, alongside other new and existing investors. JPMorgan joins Goldman Sachs and SunTrust Bank as the third major financial services firm to invest in Ionic Security...
Thescottishsun: TESCO customers are being warned about a new scam that could let fraudsters take control of your account. The supermarket said a number of its shoppers had received a phishing email about a grocery order they hadn't placed online. More than 400,000 phishing emails are reported to Action Fraud every year - and those are just the ones flagged by victims...
Insidesources: Cyber attacks on hospitals and healthcare providers have become a regular occurrence. On Feb. 1, it was Easton Hospital in Easton, Pennsylvania. On Feb. 4, it was the Catawba Valley Medical Center in Hickory, North Carolina. On Feb. 20, it was the Calbrini Hospital in Melbourne, Australia...
pymnts: A man in India tricked 12 people out of $250,000 with a scam involving a fake cryptocurrency named after the Indian version of the show “Who Wants To Be A Millionaire,” according to reports. Pritam Patil allegedly asked the victims to invest in the initial coin offering (ICO) of his “KBC Coin,” named after Kaun Banega Crorepati, a wildly popular Indian show...
InformationAge: The number of data breaches reported by UK financial services firms to the Financial Conduct Authority (FCA) increased 480% in 2018, to 145 up from just 25 in 2017*, shows research from RPC, the City-headquartered law firm. Data breaches are on the rise. And, the financial services sector is an especially lucrative target; along with the personal data bulging healthcare sector...
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.