.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
CoinDesk: Coinbase (COIN) failed to properly secure customers' accounts, leaving them vulnerable to theft and unauthorized transfers, a putative class action lawsuit filed against the crypto exchange last week alleges.
CNN: Twitter has major security problems that pose a threat to its own users’ personal information, to company shareholders, to national security, and to democracy, according to an explosive whistleblower disclosure obtained exclusively by CNN and The Washington Post.
IT World Canada: A specialty broker providing cyber insurance has found a way to attract business from Canadian small and medium-sized organizations: Partnering with a cloud provider that helps firms meet a cybersecurity standard.
The Washington Post: A ransomware gang is leaking documents revealing just how deeply they penetrated the systems of a U.K. water treatment plant that serves hundreds of thousands of customers, potentially gaining access to controls of the facility.
Fortune: With the pace of economic growth slowing and inflation at a multi-decade high, that has led many people living in the U.S. to start entertaining the “R” word: recession. In 2022 we’ve experienced what’s being coined a “technical recession,” or two consecutive quarters of negative growth in GDP (gross domestic product).
Reporter Wings: Many of Wall Street’s biggest banks are nearing agreements to pay as much as $200m each and admit that their employees’ use of personal messaging apps such as WhatsApp violated regulatory requirements, according to people familiar with the matter.
The Target: BharatPay, an India-based financial services firm providing cash deposits, fund transfers, and online purchasing.
The Take: Exposed 37,000 records of Personally Identifiable Information including: usernames, hashed passwords, mobile phone numbers, email addresses, transaction data (such as transaction ID and bank balance), and API keys.
The Vector: The cause of the attack was an outdated software version of PHP allowing the threat actor to inject malicious JavaScript code and have it executed. The firm had only last updated their software years ago in 2020. By exploiting a known issue, the attacker was able to penetrate the firm’s systems.
This breach highlights the ongoing and ever-present need for the regular and quick patching of all software relied upon by the firm for daily operation. When known vulnerabilities are fixed by the software company, and patches released to the public, it is incumbent upon the firm to take responsibility and deploy these patches immediately to avoid a loss of integrity and data which could have easily been prevented.
Verdict: Investment firm KKR has completed its $3.8bn deal to acquire cloud-first security company Barracuda as cybersecurity investments slow down.
Cyber Security News: The observations of “numerous” businesses ended up unveiled in a policy paper, released currently by the Department for Society, Media, and Sport (DCMS), which investigated the encounters of cyber attacks on UK firms.
SEC: The Securities and Exchange Commission announced charges against three individuals for illegally tipping and trading in the securities of Equifax, Inc. in advance of the company's public announcement on September 7, 2017 that it had experienced a massive cyber intrusion and data breach.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy