.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The Target: Curaçao-headquartered Stake.com offers casino and sports betting for players using cryptocurrency.
The Take: Over $40m in cryptocurrency.
The Vector: In crypto, hot wallets are less secure than cold wallets because public and private keys can be reached from the internet, enabling remote access and unauthorized activity. This appears to be what happened to Stake.com, although the firm has revealed few other details.
This breach is a stark reminder of how important authentication controls are in an overall robust cybersecurity posture, and more critically, ensuring these controls are in place on all third-party vendors which have access to a firm’s data.
BNN Bloomberg: China-linked hackers breached the corporate account of a Microsoft Corp. engineer and are suspected of using that access to steal a valuable key that enabled the hack of senior US officials’ email accounts, the company said in a blog post.
SecurityWeek: Upwind, which describes itself as a runtime-powered Cloud-Native Application Protection Platform (CNAPP), has raised a total of $80 million in just 10 months as investors continue to pour cash into startups in the cloud and data security categories.
The Guardian: The Electoral Commission has admitted it failed a cybersecurity test in the same year that hackers successfully attacked the organization.
Yahoo Finance: Verizon Business Network Services, a unit of the telecom giant , agreed to pay $4.1 million to resolve U.S. allegations that it failed to follow required cybersecurity standards, the U.S. Justice Department said.
PR Newswire: Dataprise, a premier provider of managed IT, cybersecurity and cloud solutions, announced that it has completed an acquisition of clients and employees of Cohere, a security-first managed services provider headquartered in New York City.
Bleeping Computer: The German Federal Financial Supervisory Authority (BaFin) announced that an ongoing distributed denial-of-service (DDoS) attack has been impacting its website.
CSO: The Australian federal government has approved amendments to the Protective Security Policy Framework (PSPF) to mandate non-corporate Commonwealth entities to appoint a CISO to be responsible for cyber security leadership in the entity.
The Target: TMX Finance Corporate Services, the parent company of lender TitleMax. TMX, which also operates the brands TitleBucks, InstaLoan and EquityAuto Loan, has more than 1,000 locations in 18 U.S. states.
The Take: A revised data breach notification sent to victims by TMX stated that beyond the raft of personal information that it previously stated had been stolen - including passport and Social Security numbers - attackers may have also stolen their credit/debit card number in combination with security code, access code, password or PIN for the account.
The Vector: TMX previously reported detecting suspicious activity on their systems on Feb. 13. A third-party incident response firm called in to investigate found the intrusion appeared to have started in early December 2022.
This breach is a stark reminder of how important authentication controls are in an overall robust cybersecurity posture, and more critically, ensuring these controls are in place on all third-party vendors which have access to a firm’s data.
The Guardian: The UK’s cybersecurity agency has warned that chatbots can be manipulated by hackers to cause scary real-world consequences.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy