.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
BNN Bloomberg: NortonLifeLock Inc. is in talks to buy European cybersecurity firm Avast Plc, the Wall Street Journal reported, citing two unidentified people familiar with the matter.
PYMNTS: Cybereason, which can help prevent cyberattacks, is the recipient of a $275 million investment from crossover funding, according to a company press release.
KnowBe4: NYDFS offers up sound best practices in addition to their recently released Cyber Insurance Risk Framework based on recent attack investigations, finding repeated use of “the same handful of techniques.”
Dark Reading: When Team Cymru's James Shank worked with the Ransomware Task Force to come up with the worst-case scenarios for a ransomware attack, the group focused heavily on impacts: How could attackers endanger people or cause significant damage to infrastructure?
BNN Bloomberg: The Russia-linked ransomware gang REvil has seemingly vanished from the dark web, where it maintains several pages documenting its activities including one called the “happy blog.”
Institutional Asset Manager: Executives at some of the world’s biggest banks, insurers and asset managers were asked to choose from a list of potential business, economic, policy, social and environmental threats to growth. They ranked cyber-attacks top (56 per cent), followed by pandemics (51 per cent) and over-regulation (50 per cent).
The target: Morgan Stanley, an investment banking firm providing banking, securities, and wealth management services worldwide.
The take: Stock plan participant’s names, addresses, dates of birth, social security numbers, corporate company names.
The attack vector: The breach occurred within a third-party vendor, Guidehouse, used by Morgan Stanley. Guidehouse in turn was using Accelion’s FileTransferApplication, which had been compromised earlier this year. Using a known exploit in Accelion’s FTA service, attackers were able to penetrate Guidehouse’s systems and access files Morgan Stanley had stored there. While the data was encrypted, access to the decryption key was also not secure, allowing the attackers to steal and read the data.
This incident highlights the ease with which a single breach can lead to a pivot into other systems. While Morgan Stanley’s own systems were not at risk, their data was stored with a third-party who failed to fully secure their own systems by using an exploited piece of software. The cascading nature of data breaches cannot be understated, and every effort should be made by firms to secure their data no matter where it is being stored.
The Sydney Morning Herald: Some of the world’s largest technology companies have told Parliament a proposed bill to allow Australia’s cyber security agencies to install software on their networks risked making the problem of digital attacks worse.
NBC News: A top lawyer for America's cyberwarrior force is calling publicly for military operations against transnational criminal hackers, shedding light on a debate inside and outside the government about how best to deal with ransomware and other virtual threats.
CoinGape: “Robinhood Crypto” the cryptocurrency brokerage unit of trading app Robinhood is facing a $10 Million penalty by New York regulators. Robinhood Crypto is penalized for allegedly violating state rules on cybersecurity and anti-money laundering.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy