.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
ZDNet: "Ransomware is one of the main threats," Fernando Ruiz, head of operations at Europol's European Cybercrime Centre (EC3), told ZDNet. Europol supports the 27 EU member states in their fight against terrorism, cybercrime and other serious and organised forms of crime.
Cyberscoop: Last week saw a flurry of U.S. indictments of alleged Chinese and Iranian hackers as part of a multi-agency crackdown on foreign intelligence services.
The target: Razer, an American-based maker of computer accessories and peripherals.
The take: 100,000 records of Personally Identifiable Information including: full name, email, phone number, internal customer ID, order number, billing and shipping address
The attack vector: The data was left unsecured due to a misconfiguration on an Elasticsearch server without any protection or credential management, leaving the information open to be downloaded by anyone with an internet connection.
The information exposed poses great risk for Razer’s customers as social engineering attacks, such as fraud and phishing, could easily be crafted with precision by bad actors because of the leaked personally identifiable data. This breach highlights the critical importance of not only proper and secure configurations of storage where sensitive information is held, but also strict and robust policy around access and security.
Security Magazine: A new report, Taking the Pulse of Government Cybersecurity 2020 by Nominet surveyed government cybersecurity professionals in the U.S., U.K. and Middle East. The research was conducted by the Information Security Media Group and shows a clear perception that collaboration with the private sector is desirable in order to keep pace with change and innovation to ensure robust national cyber defense.
Krebs on Security: U.S. authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges.
Businesswire: Neustar, Inc., a global information services and technology company and leader in identity resolution, released its latest cyberthreats and trends report which identifies significant shifts in distributed denial-of-service (DDoS) attack patterns in the first half of 2020. Neustar’s Security Operations Centre (SOC) saw a 151% increase in the number of DDoS attacks compared to the same period in 2019. These included the largest and longest attacks that Neustar has ever mitigated at 1.17 Terabits-per-second (Tbps) and 5 days and 18 hours respectively. These figures are representative of the growing number, volume and intensity of network-type cyberattacks as organisations shifted to remote operations and workers’ reliance on the internet increased.
NBC: Five members of an alleged Chinese hacking group have been indicted for their role in a scheme to hack into more than 100 companies in the U.S., the Justice Department announced.
Proskauer: A cyber breach can have serious legal, financial, and reputational consequences for a fund sponsor, as described in our previous post. As such, cybersecurity threats must be treated as business risks, not just a potential IT problem. Senior management at fund sponsors should take the lead to ensure that the sponsor is taking appropriate actions to protect itself against cyber risks. There are several steps that senior management can guide the fund sponsor to take to prevent breaches from occurring and to mitigate the impact when they do occur.
NZ Herald: The NZX is understood to be under another cyber attack, putting its website out of action, but share trading was continuing normally under measures put in place when the first attacks occurred late last month.
ZDNet: The FBI has sent a private security alert to the US financial sector last week warning organizations about the increasing number of credential stuffing attacks that have targeted their networks and have led to breaches and considerable financial losses.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy