.jpg?width=200&height=78&name=CH%20Diligence%20(thicker%20line).jpg "CH Diligence (thicker line)")
The Target: The Internet Society or ISOC, a non-profit organization whose mission is to keep the internet open source and secure.
The Take: Exposure of Personally Identifiable Information of 80,000 records including: full names, email addresses, physical mailing addresses, and login information.
The Vector: A third-party vendor misconfigured a database server, leaving it open and accessible by anyone with an internet connection.
It is important to employ all-encompassing credential management, user authentication and validation, as much possible, on third-party vendors which have access to a firm’s data. An unprotected point of entry on a key piece of equipment like a server can lead to a breach with a cascading effect on data exposure.
Business Telegraph: Britain’s tech sector continues to break records as new government data shows more than 1,800 cyber security firms generated a total of £10.1 billion in revenue in the most recent financial year, a 14 per cent increase from the previous financial year.
The United States Department of Justice: The Justice Department today announced the selection and appointment of Eun Young Choi to serve as the first Director of the National Cryptocurrency Enforcement Team (NCET).
IT Pro: Hackers could face up to 25 years in jail if found guilty of cyber offences against Australia’s critical infrastructure, under proposed changes introduced by the government.
Yahoo Finance: The global Cybersecurity market was valued at USD 149.7 Billion in 2020 and is projected to reach USD 346.0 Billion by the year 2027. The market is expected to register a CAGR of 13.4% during the forecast period.
Financial Post: Cloud-based security solutions provider Securonix has raised more than $1 billion in a private fundraising round led by private equity firm Vista Equity Partners, the company said.
Wealth Management: A hack at IRA Financial Trust, which offers self-directed retirement accounts, resulted in the theft of $36 million in cryptocurrency, according to a person familiar with the investigation.
ZDNet: In a report on 2021, the firm said 83 cybersecurity company capital raises surpassed $100 million. There were fourteen $1 billion mergers and acquisitions, including deals involving McAfee, Augh0, Mimecast, Thycotic, Proofpoint, and Avast.
The Target: Wormhole, a cryptocurrency online trading platform.
The Take: $322 million ETH currency.
The Vector: A website vulnerability allowed the attacker to fool the exchange software to release far greater number of the ETH currency than was specified through a temporary token. By altering the conversion, the hacker was able to withdraw far more than the number the entered.
This breach highlights the importance of locking input forms in a firm’s website, be it a name field, email field, or account field, anywhere the user is sending information to the database is a prime target for threat actors. Regular testing for software vulnerabilities is a key component of upholding robust cybersecurity posture.
BNN Bloomberg: Criminals netted $1.3 billion in ransom payments from hacking victims in the past two years, reflecting a massive surge in cybercrime that has prompted a global effort to stop it, according to a new report from Chainalysis Inc.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montréal
1080 Côte du Beaver Hall, Suite 904
Montréal, QC
Canada, H2Z 1S8
+1-450-465-8880
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy