Industry News: ESG5

    Know Your Breach: Fox News

    The Target: Fox News, a U.S.-based news organization.

    The Take: Exposure of Personally Identifiable Information including: internal employee emails, usernames, employee ID numbers, affiliate information, event logging, host names, IP addresses, and device data.

    The Vector: A misconfiguration of a storage server left the data exposed online, meaning anyone with an internet connection could have accessed and downloaded the information. 

    This breach highlights the critical importance of employing robust practices of credential management, user authentication and validation. An unprotected point of entry on a key piece of equipment like a storage server can lead to a breach with a cascading effect on data security. The detailed personal information, along with the event logs and sensitive company information, can lead to highly effective phishing attacks.


    Report Finds Only 3% of Venture-Backed Cyber Security Startups Are Led by Women

    2022-04-07

    Globe Newswire: NopSec, a leading Risk-Based Vulnerability Management platform, today released findings from their Venture-Backed Women in Cyber report. This new report analyzed 654 startups that raised more than $1 million in funding from Jan. 1, 2020, to Dec. 31, 2021.


    Half of Security Leaders Consider Quitting Due to Stress

    2022-04-07

    Info Security: Half of UK cybersecurity chiefs feel burnt out and are thinking about resigning due to the immense pressure they’re under, according to a new study from Vectra AI.


    Cryptocurrency Has Overtaken Bank Transfers for Payments into Investment Scams: ACCC

    2022-04-06

    ZDNet: Losses from Australians to investment scams increased by 90% to AU$103 million from the start of the year to March 20, with the Australian Competition and Consumer Commission saying payments made to scammers are most often made in cryptocurrency.


    Cybersecurity Funding Remains High Even As Venture Cools Off

    2022-04-06

    Crunchbase News: Funding to venture-backed cybersecurity startups continues at an impressive clip—although significantly off the record high set last quarter.


    Bank of Ireland Fined €463,000 for Data Breaches

    2022-04-05

    RTE: Bank of Ireland has been fined €463,000 by the Data Protection Commission for data breaches affecting more than 50,000 customers.


    Financial Institutions to Face Higher Penalty for Cyber Attacks, Disruptions Under New Bill

    2022-04-05

    The Straits Times: Financial institutions today rely heavily on technology to deliver financial services, Monetary Authority of Singapore (MAS) board member Alvin Tan told Parliament on Monday (April 4) during the second reading of the Financial Services and Markets Bill.


    Hackers Breach MailChimp's Internal Tools to Target Crypto Customers

    2022-04-04

    Bleeping Computer: Email marketing firm MailChimp disclosed that they had been hit by hackers who gained access to internal customer support and account management tools to steal audience data and conduct phishing attacks.


    Know Your Breach: PAN

    The Target: Palo Alto Networks, a U.S.-based cybersecurity company.

    The Take: Exposure of Personally Identifiable Information including: names, business contact information, conversation records, email addresses, and support tickets with attachments such as firewall logs, configurations, and other debugging assets.

    The Vector: A misconfiguration of Palo Alto’s support ticketing system allowed anyone with an internet connection to log in and view support tickets, gaining access to personal and client company information.

    The breach is a critical reminder of the importance of credential management and authentication around points of access which expose customer data. The information gathered in support scenarios is especially sensitive as the exposed details can greatly aid malicious actors in crafting highly targeted and effective spear-phishing campaigns. All points of access should be appropriately locked down and employing another layer of security like Two-Factor Authentication is highly recommended.


    Cybersecurity Managers with a Direct Line to Executive Boards Set the Tone for Investment

    2022-03-30

    ZDNet: A new report examines how an organization's approach to cyberattack incident and response strategies can have implications for investment in the broader cybersecurity market. 


    About Castle Hall Diligence

    Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long-only portfolios.