.jpg?width=200&height=78&name=CH%20Diligence%20(thicker%20line).jpg "CH Diligence (thicker line)")
Business Wire: It is both stability and change in the Allianz Risk Barometer 2023. Cyber incidents and Business interruption rank as the biggest company concerns for the second year in succession (both with 34% of all responses). However, it is Macroeconomic developments such as inflation, financial market volatility and a looming recession (up from #10 to #3 year-on-year), as well as the impact of the Energy crisis (a new entry at #4) which are the top risers in this year’s list of global business risks, as the economic and political consequences of the world in the aftermath of Covid-19 and the Ukraine war take hold.
The Target: CAF, the French Social Security agency
The Take: 10,000 records of Personally Identifiable Information exposed including: physical address, date of birth, household composition and income, amounts and benefits received.
The Vector: An unencrypted and unprotected file containing the above information was sent to a third-party service provider, who then posted the file to their website which was publicly accessible to anyone.
This breach is a reminder of how critical authentication controls are on sensitive data to maintain an overall robust cybersecurity posture, and more critically, ensuring these controls are in place when communicating and sending data to third-party vendors. The information stolen in this attack could lead to highly targeted phishing campaigns against the victims. Regular vendor assessments are also a key component in cybersecurity.
Private Equity Wire: Global investment firm Carlyle has led a $55m Series B investment round in Hack The Box, a cybersecurity upskilling and talent assessment platform, with a global community of more than 1.7 million members and a portfolio of more than 1,500 enterprise, government and university customers.
Bleeping Computer: Attacks targeting government agencies and military bodies in multiple countries in the APAC region have been attributed to what appears to be a new advanced threat actor that leverages custom malware to steal confidential information.
Cision: An uptake in high-profile data breaches and the exponential rise in digitization have redefined the dynamics in the cybersecurity industry. Stakeholders have become cagey towards data management practices and cybersecurity vulnerabilities.
Toronto Star: The federal public safety minister says he is prepared to work with other parliamentarians to revise the Liberal government’s cybersecurity bill after civil society groups and opposition MPs raised transparency and accountability concerns.
Reuters: Hackers have disrupted access to the websites of Denmark's central bank and seven private banks in the country this week, according to the central bank and an IT firm that serves the industry.
Dark Reading: Since OpenAI released ChatGPT in late November, many security experts have predicted it would only be a matter of time before cybercriminals began using the AI chatbot for writing malware and enabling other nefarious activities. Just weeks later, it looks like that time is already here.
The Star: Des Moines Public Schools announced that classes would be cancelled for its 33,000 students after being “alerted to a cyber security incident on its technology network.“
The Target: Twitter, a U.S based social media platform.
The Take: Exposure of 235 Million records of Personally Identifiable Information including: email addresses, usernames, and phone numbers.
The Vector: A zero-day exploit was used which allowed the attacker to scrape Twitter user profiles for the stolen information. This vulnerability circumvented Twitter’s privacy option which should prevent searching am account by it’s associated phone number/email.
This breach is critical reminder that zero-day exploits do happen, and furthermore that patching software in a timely, effective manner is a key component of ensuring customer data is protected.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montréal
1080 Côte du Beaver Hall, Suite 904
Montréal, QC
Canada, H2Z 1S8
+1-450-465-8880
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy