.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Yahoo Finance: Cybersecurity firm SentinelOne Inc, backed by billionaire investor Daniel Loeb's hedge fund Third Point, has boosted the price range for its IPO and is now looking to raise about $1.02 billion, a regulatory filing showed.
The target: Amerigas, the U.S’s largest propane provider.
The take: Personally Identifiable Information of 123 employees which included: lab IDs, social security numbers, driver license numbers, and dates of birth.
The attack vector: The breach occurred when an employee of a third-party vendor, J.J Keller, fell for a phishing email and unknowingly gave away their login credentials to a threat actor. After this, the attacker logged in using the employee’s legitimate credentials and began accessing secure documents and information.
Phishing attacks against individual employees remain one of the greatest security threats to the entire organization. Regular social engineering and awareness testing and training, along with tone-from-the-top messaging to emphasize the importance of critical thinking and caution are crucial to protecting sensitive information assets.
International Investment: The Financial Conduct Authority (FCA) has admitted that there were three cases of data breaches in 2020 in response to a Freedom of Information (FOI) request submitted by International Investment's sister title Professional Adviser.
O Canada: The European Commission proposed on Wednesday to pool resources and expertise from the EU’s 27 countries for a joint cyber unit to fight online criminals amid a spate of high profile hacks in Europe and worldwide.
Help Net Security: McAfee released a report examining cybercriminal activity related to malware and the evolution of cyber threats in the first quarter of 2021. The quarter saw cyber adversaries shift from low-return, mass-spread ransomware campaigns toward fewer, customized Ransomware-as-a-Service (RaaS) campaigns targeting larger, more lucrative organizations.
ZDNet: The federal opposition has introduced a Bill to Parliament that, if passed, would require organisations to inform the Australian Cyber Security Centre (ACSC) before a payment is made to a criminal organisation in response to a ransomware attack.
Financial Advisor: Cybersecurity is a top concern for advisory firms and businesses in general, which opens up investing opportunities in companies that are good at building defenses against hacker attacks, according to Pedro Palandrani, research analyst at Global X, a New York City-based financial services firm that specializes in ETFs.
Private Equity Wire: In addition to the investment funding, Integrity360 founder and CEO Eoin Goulding is partnering with Ian Brown, who joins the company as Executive Chairman, with Goulding taking on the new role of President. Brown, an established entrepreneur and industry veteran has been running technology businesses for over 25 years, including most recently SecureData, the leading UK cyber security services business acquired by Orange in 2019.
The Times of Israel: Cybersecurity firm SentinelOne Inc. has filed a prospectus with the US Securities and Exchange Commission to raise as much as $928 million in an initial public offering of shares on the New York Stock Exchange, aiming for a valuation of over $7 billion.
The target: CVS, a U.S-based retailer and pharmacy company.
The take: Exposure of an estimated one billion records of information including: event and configuration data, visitor IDs, session IDs, device access information, a schematic of the logging system used by the website, and queries for medications including COVID-19 vaccines.
The attack vector: Misconfigured cloud service database, controlled by a third-party vendor, with no password protection or credential management, letting anyone with an internet connection download and access the data.
This breach highlights the risk of working with third-party vendors and the importance of regular auditing to ensure they are following best practice when handling data. The storage of sensitive information should follow industry standard practices be managed with proper credential deployment and security, no matter if a firm’s data is on their own servers or in the hands of another party.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy