.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Cnet: Based on what we know so far, hackers didn't steal as much personal data in 2020 as they did in previous years, but that doesn't mean they weren't able to make plenty of money. According to a report released Thursday by the Identity Theft Resource Center, hackers and identity thieves used stolen passwords and personal information to profit in new ways from your information.
Yahoo Finance: European and North American cyber cops have joined forces to disrupt what may be the world's largest network for seeding malware infections. The operation appears to strike a major blow against criminal gangs that have used that network for years to install ransomware for extortion schemes and to steal data and money.
Autorité des marchés financiers: The Autorité des marchés financiers (AMF) is concerned by the increasing number of security incidents, including cyber incidents, affecting major institutions in Québec’s financial sector. The AMF is therefore again calling on the financial institutions and businesses it supervises to adequately assess information technology risks and take all necessary steps to bolster privacy safeguards and cybersecurity.
Reuters: New Zealand’s financial markets regulator said the country’s stock exchange operator’s technological systems were “insufficient” following a probe into the multiple outages and cyber attacks that hit the bourse operator last year.
Nasdaq: Companies, insurers and governments need to work together to help businesses cope with major risks such as climate change and cyber security, company executives said.
Reuters: Australia’s securities regulator said on Monday there was a cyber security breach at a server it used to transfer files including credit licence applications where some information may have been viewed.
The target: Pixlr, a popular, free online photo editing application.
The take: 1.9 million user records of personally identifiable information including: email addresses, login names, hashed password, and user’s county of origin.
The attack vector: The breach occurred when an AWS storage bucket was left unsecured and online by Pixlr’s parent company, Inmagine. This allowed the attacker to download a copy of the data and then post it on a public hacking forum, vastly increasing the negative area of effect for the compromised users.
This leak shows the negative and cascading effects a breach can have, not only in the personal or financial risk to the user, but in how far the stolen data can be distributed to malicious actors. Robust password controls and user authentication are critical to maintain data integrity and confidentiality. In addition, this breach highlights the importance of protecting against credential stuffing attacks by using strong, unique passwords which are not shared among logins - a security strategy recommended to every firm.
Hedgeweek: In the early stages of the pandemic, the major tech challenges centred around endpoint security. Individuals may have been using personal devices for professional purposes, and the prevalent model was of decentralised security and centralised data. We no longer look to secure a network or server in the same way. Endpoint security is now key, and every device needs security protection. With so many entry points to firms' applications and data, managing the security at the end point has been at the forefront since early 2020 across the sector.
IT World Canada: Several cybersecurity issues will be among the many early priorities for the 46th president of the United States, Joseph Biden. These include responding to recent cyberattacks believed to come from nation-states, reorganizing and reprioritizing cyber in Washington, and encouraging allies to adopt a more unified approach to issues like Internet governance and cyber norms.
Channel Asia: Spending on cyber security around the world is expected to grow as high as 10 per cent this year, to US$60.2 billion, following claims that 2020 saw record high levels of data breaches, compromised records and ransomware attacks.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy