Industry News: ESG5

    US Senate: Govt’s Ransomware Fight Hindered by Limited Reporting

    2022-05-24

    Bleeping Computer: A report published today by U.S. Senator Gary Peters, Chairman of the Senate Homeland Security and Governmental Affairs Committee, says law enforcement and regulatory agencies lack insight into ransomware attacks to fight against them effectively.

    SolarWinds: Here's How We're Building Everything Around This New Cybersecurity Strategy

    2022-05-24

    ZDNet: It was one of the largest cyber-espionage attacks of recent times: hackers compromised several United States government federal agencies as well as big tech companies, and were inside networks for months before anyone spotted them. 

    Know Your Breach: TDI

    The Target: Texas Department of Insurance. 

    The Take: 2 million records of Personally Identifiable Information affecting 1.8 million individuals were exposed, including: social security numbers, addresses, dates of birth, phone numbers, and worker injury information. 

    The Vector: An online web portal that manages workers' compensation information was not properly secured because of a configuration error, allowing members of the public to freely access pages of the site containing sensitive information.

    This breach is a stark reminder of the importance of access control around public-facing web applications and of the configuration settings that control them. Sensitive information must be protected, and ensuring that proper authentication and credential management are in use is a core part of maintaining a robust cybersecurity posture.

    U.S. Narrows Scope of Anti-Hacking Law Long Hated by Critics

    2022-05-19

    Insurance Journal: The Department of Justice is changing its policy around a controversial anti-hacking law, addressing longstanding complaints from cybersecurity researchers that the law could criminalize good-faith efforts to improve technology.

    Ransomware Gangs Rely More on Weaponizing Vulnerabilities

    2022-05-19

    Bleeping Computer: Security researchers are warning that external remote access services continue to be the main vector for ransomware gangs to breach company networks but there's a notable uptick in exploiting vulnerabilities.

    India to Press Ahead with Strict Cybersecurity Rules Despite Industry Concerns

    2022-05-18

    Financial Post: India will not change upcoming cybersecurity rules that force social media, technology companies and cloud service providers to report data breaches swiftly, despite growing industry concerns, the government said.

    Ballistic Ventures Launches $300 Million Cybersecurity Venture Fund

    2022-05-17

    SC Media: The firm, which launched last year, is headed by Ted Schlein, formerly of Kleiner-Perkins, who is also on the board of trustees of the non-profit national security venture capital group In-Q-Tel and the board of the CISA Cybersecurity Advisory Committee.

    Cybersecurity Agencies Reveal Top Initial Access Attack Vectors

    2022-05-17

    Bleeping Computer: The advisory, jointly released by agencies from the United States, Canada, New Zealand, the Netherlands, and the United Kingdom, includes guidance to mitigate these routinely exploited weak security controls, poor security configurations, and bad practices.

    Don’t Delegate Away Cyber Security Risk: ASIC

    2022-05-16

    Money Management: Appearing at FINSIA's ‘The Regulators’ event, ASIC commissioner, Cathie Armour, said the case of RI Advice has brought cybersecurity into the public eye as it was the first of its kind in Australia.

    Researchers Warn of APTs, Data Leaks as Serious Threats Against UK Financial Sector

    2022-05-16

    ZDNet: KELA's security team published a report examining the cybersecurity issues and attacks that surfaced in 2021 and early 2022, specifically focused on the United Kingdom's banks and other financial services.

    About Castle Hall Diligence

    Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long-only portfolios.