.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Business Wire: New hybrid working arrangements are placing firms at greater risk of cyberattack. Employers must be confident that staff understand how to stay safe while working from different locations, according to Questionmark, the online assessment provider.
The Hill: A bipartisan group of senators on Thursday unveiled legislation intended to crack down on cyber criminals, who have increasingly posed a threat to critical U.S. organizations.
IT Pro: The company published the figure in a report that surveyed cyber security professionals worldwide, with 24% of them based in the US. It found that 46% of the companies targeted a second time were attacked by the same criminals that infected them the first time.
US News: Legal and professional services group Gateley reported a cyber security breach from a known external source on Wednesday, adding it was confident that the incident was limited to a small portion of its data.
Yahoo Finance: Following his meeting with Russian President Vladimir Putin in Geneva on June 16, President Biden said “there were no threats” exchanged in the two leaders’ conversation. But Biden also delivered what Putin must have considered a serious warning.
Security Week: An investigation revealed that the database stored information that had been compromised in data breaches suffered by various companies over the past years. The database has been used by security analytics firm Cognyte to alert customers when their information is exposed as a result of a data breach suffered by a third party.
SEC: The Securities and Exchange Commission today announced settled charges against real estate settlement services company First American Financial Corporation for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information.
The target: Carter’s, a U.S based retailer of baby clothing and apparel.
The take: An estimated 410,000 records of personally identifiable information including: full names, physical addresses, email addresses, phone numbers, shipping tracking ID’s, and purchases and transaction details.
The attack vector: The breach occurred because of the failure to implement authentication controls for the URL shortener used on the site. When a customer made a purchase online, they were redirected to the shortened purchase cart page URL which had no credential management. Furthermore, the links were not set to expire, letting anyone with the URL access the sensitive information at any time for any length of time.
Any page where customer data is stored should follow industry standard practices be managed with proper credential deployment and security. The exposure of detailed personal information makes a firm’s users extremely vulnerable to phishing attacks and fraud.
O Canada: U.S. Senate Majority Leader Chuck Schumer said he is initiating a review of recent high-profile cyber attacks on governments and businesses to find out whether a legislative response is needed.
CNN Business: Significant cyberattacks against critical targets in Europe have doubled in the past year, according to new EU figures obtained by CNN, as the pandemic pushed lives indoors and online.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy