.jpg?width=200&height=78&name=CH%20Diligence%20(thicker%20line).jpg "CH Diligence (thicker line)")
JDSupra: On August 29, 2022, Ellington Management Group, LLC reported a data breach with the Montana Attorney General after the company learned that an unauthorized party had gained access to two employee email accounts.
Commercial Observer: We’ve all done it. You leave your computer with a stranger’s promise to “keep an eye on it” in a café. Your kid messes around on your laptop in your home office. You scroll through Facebook during a tedious Zoom meeting. What’s the harm?
Bleeping Computer: China-based threat actors have been targeting Australian government agencies and wind turbine fleets in the South China Sea by directing select individuals to a fake impersonating an Australian news media outlet.
Forbes: Most forward-thinking corporations understand the benefits of taking a proactive approach to cybersecurity. If investments haven’t been made from the desire to protect customer and client data, it is seemingly being invested in by organizations that do understand the potential negative impacts on brand and reputation should they not take it seriously.
The Target: Workforce Safety & Insurance, North Dakota’s division of workplace safety and worker compensation.
The Take: Exposure of 182 records of Personally Identifiable Information including: emails between claimants and WSI, voice-mails containing information about said claims, and emails between WSI and their business partners.
The Vector: The attacker penetrated Klaviyo’s internal systems by tricking an employee to give up their company credentials through a phishing attack, allowing the threat actor to access systems with all the privileges of the stolen login.
This breach highlights critical need for employee training to protect a firm against phishing attacks. By using the exposed credentials, the attackers were able to act with all the same permissions as the affected employee. The human component of cybersecurity is a very real and important piece of the overall picture of cybersecurity posture. Furthermore, the sensitive information breached can lead to highly targeted spear-phishing attacks as it lends credence.
Business Live: Mid-market private equity firm LDC has sold its minority stake in Nottingham-based managed IT and cyber services provider Littlefish to Bowmark Capital following a three-year partnership.
CoinDesk: Coinbase (COIN) failed to properly secure customers' accounts, leaving them vulnerable to theft and unauthorized transfers, a putative class action lawsuit filed against the crypto exchange last week alleges.
CNN: Twitter has major security problems that pose a threat to its own users’ personal information, to company shareholders, to national security, and to democracy, according to an explosive whistleblower disclosure obtained exclusively by CNN and The Washington Post.
IT World Canada: A specialty broker providing cyber insurance has found a way to attract business from Canadian small and medium-sized organizations: Partnering with a cloud provider that helps firms meet a cybersecurity standard.
The Washington Post: A ransomware gang is leaking documents revealing just how deeply they penetrated the systems of a U.K. water treatment plant that serves hundreds of thousands of customers, potentially gaining access to controls of the facility.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montréal
1080 Côte du Beaver Hall, Suite 904
Montréal, QC
Canada, H2Z 1S8
+1-450-465-8880
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy