.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
CTV: Marriott says guests' names, loyalty account information and other personal details may have been accessed in the second major data breach to hit the company in less than two years.
CPO Magazine: The London-based fintech company, Finastra, which provides financial software to the global banking sector, has reported suffering a ransomware attack that prompted the company to shut down its servers and caused disruptions to its global operations.
The target: MCA Wizard, a now defunct mobile app for loaning money to small business owners developed jointly by Advantage Capital Funding and Argus Capital Funding in 2018.
The take: 425GB of data comprising over 500,000 documents, including credit reports, bank statements, contracts, legal paperwork, driver’s licenses, purchase orders & receipts, tax returns, social security information and more.
The attack vector: Even though the app itself was pulled from both Google Play and the App Store, the data behind it remained online, stored in an unsecured AWS S3 bucket which was accessible without a password. Security researchers noted that while the app was no longer available, new documents were being added to the database right up until its removal, suggesting that another application or service could have been using the same bucket.
While this is yet another example of a misconfigured storage bucket, it also raises the issue of security controls and management of the lifecycle of data. If an app or service reaches its end of life, there is absolutely an onus on the responsible firm to manage any sensitive data collected or processed by that app through to secure deletion.
Computer Weekly: Developed countries in Asia-Pacific (APAC) with more established digital economies may be most vulnerable to cyber attacks, but they are also among the most prepared in the region to deal with cyber threats, a new study has found.
ZDNet: Almost half of businesses have experienced a cyberattack or data breach in the past year – and almost all of the organisations that know they've been on the receiving end of attacks have reported being targeted by phishing and other fraudulent emails as the volume of these attacks continues to rise.
Reuters: A U.S. cybersecurity firm said Wednesday it has detected a surge in new cyberspying by a suspected Chinese group dating back to late January, when coronavirus was starting to spread outside China.
ZDNet: Automation is something businesses in almost every sector are familiar with, as part of their efforts to make systems more efficient. It's something that the cybersecurity industry is increasingly using, with automated data collection and processing playing an ever-growing role in protecting against data breaches and cyberattacks.
Reuters: UK banks are stepping up fraud prevention measures to protect customers from scammers eager to exploit the coronavirus pandemic with a whole range of new tricks, including fake sales of medical supplies and bogus government relief schemes.
JDSUPRA: COVID-19 has created many new concerns for private fund managers; however, managers should be particularly mindful of heightened cybersecurity and fraud risks. With increased numbers of employees teleworking, there are increased vulnerabilities for cybercriminal intrusions creating privacy-related risks for fund portfolio information, LP confidential data, and other sensitive electronically-stored materials.
Reuters: Elite hackers tried to break into the World Health Organization earlier this month, sources told Reuters, part of what a senior agency official said was a more than two-fold increase in cyberattacks.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy