.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
IPE: The manager of Norway’s sovereign wealth fund has put forward the idea that the main stock exchanges around the world should be required to have emergency facilities where trading can continue if they suffer a major technological failure or cyberattack.
ZDNet: UK CEOs have revealed their top concerns after a year that saw remote work become the norm, with accelerated digital transformation and highly visible cyberattacks.
The target: SendGrid, a Colorado-based email marketing company.
The take: 400,000 unique login credentials of: email address, password, IP address, and physical location.
The attack vector: The attacker used a combination of previously hacked accounts on the SendGrid platform to send fake Zoom invites. As SendGrid was known as a trusted SMTP provider, the fake messages had a much higher chance of reaching their targets, passing through some email protection.
This incident highlights the importance of critical thinking as a component of social awareness training for staff. In the event that a trusted account is compromised, analysis of the context of these requests becomes the critical – is a meeting invite expected, does the timeline and subject matter line up with expectations? While messages originating from fraudulent e-mail addresses are easier to spot, they are not the only vector for phishing attacks – each item in the inbox must be approached with the same level of caution.
Yahoo Finance: Canada's main cybersecurity watchdog said Wednesday that it's likely too late to prevent criminals from using a vulnerability in Microsoft Exchange email servers, unless system administrators have already installed software patches that were issued in early March.
Journal of Accountancy: CPAs have a new opportunity to act as third-party assessors of the cybersecurity maturity of U.S. defense contractors as they work to comply with new regulations that have been created to combat cyberthreats.
Zawya: HP Inc. released its new Quarterly Threat Insights Report, providing analysis of real-world attacks against customers worldwide. The report found that 29% of malware captured was previously unknown* – due to the widespread use of packers and obfuscation techniques by attackers seeking to evade detection. 88% of malware was delivered by email into users’ inboxes, in many cases having bypassed gateway filters.
IT Web: It goes without saying that the COVID-19 pandemic has been the driver of a massive increase in remote working. This can, in many ways, be viewed as a win-win situation for companies and staff. After all, employees save commuting time while enjoying added flexibility and greater productivity. Meanwhile, organisations reduce both costs and turnover rates.
Investment Executive: In a notice to the industry, the self-regulatory organization said that it has seen an increase in cyber attacks targeting IIROC firms with malware that infects and encrypts devices and demands a ransom for the return of the locked data.
Funds Europe: Last year’s Sunburst cyber-attack against public and private organisations worldwide acted as a reminder of the growing sophistication of cybercrime and the need for solid cybersecurity.
Computer Weekly: The government is to set out a new “full spectrum” approach to the UK’s national cyber security capabilities in this week’s Integrated Review of Security, Defence, Development and Foreign Policy, which is set to be published.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy