.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Bleeping Computer: Security researchers are warning that external remote access services continue to be the main vector for ransomware gangs to breach company networks but there's a notable uptick in exploiting vulnerabilities.
Financial Post: India will not change upcoming cybersecurity rules that force social media, technology companies and cloud service providers to report data breaches swiftly, despite growing industry concerns, the government said.
SC Media: The firm, which launched last year, is headed by Ted Schlein, formerly of Kleiner-Perkins, who is also on the board of trustees of the non-profit national security venture capital group In-Q-Tel and the board of the CISA Cybersecurity Advisory Committee.
Bleeping Computer: The advisory, jointly released by agencies from the United States, Canada, New Zealand, the Netherlands, and the United Kingdom, includes guidance to mitigate these routinely exploited weak security controls, poor security configurations, and bad practices.
Money Management: Appearing at FINSIA's ‘The Regulators’ event, ASIC commissioner, Cathie Armour, said the case of RI Advice has brought cybersecurity into the public eye as it was the first of its kind in Australia.
ZDNet: KELA's security team published a report examining the cybersecurity issues and attacks that surfaced in 2021 and early 2022, specifically focused on the United Kingdom's banks and other financial services.
The Target: MM.Finance, the largest decentralized finance platform on the Cronos blockchain.
The Take: $2 Million
The Vector: A DNS (domain name service, a server that directs users to the appropriate website upon entering the name of a site) vulnerability allowed attackers to inject a malicious website address into the code on the front-facing website as a redirected destination. When users visited the site to make transactions, they were instead sent to a bad website address where the threat actor was able to steal the funds being transacted.
This breach is an important reminder of the critical nature of user-facing website security. Any method which allows public access must be secured to the highest standard and regularly audited for potential breaches. Furthermore, monitoring and updating, if necessary, configurations of key infrastructure like DNS servers is part of maintaining a robust cybersecurity posture.
Irish Examiner: The European Union’s “fragmented” approach to cybersecurity and the “patchy” capabilities of member states is creating several problems in terms of combating State-level attacks and criminal hacks, according to an international expert.
Bleeping Computer: The U.S. Department of Justice (DoJ) has charged Idris Dayo Mustapha for a range of cybercrime activities that took place between 2011 and 2018, resulting in financial losses estimated to over $5,000,000.
Dark Reading: The National Security Administration (NSA), along with a coalition of international cybersecurity authorities, today issued an advisory warning managed service providers (MSPs) of an escalating threat of attack from both everyday cybercriminals and state-sponsored threat actors.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy