
Industry News: ESG5

    Know Your Breach: Animker

    The Target: Animker, an all-in-one video marketing online platform company.

    The Take: Exposure of 700,000 records of Personally Identifiable Information including: full names, device types, postal codes, IP addresses, mobile phone numbers, email addresses, profile details, and physical addresses.

    The Vector: A misconfigured database was left open and unsecured and, notably, on its default settings, meaning anyone with an internet connection could have viewed and downloaded the data using the server maker’s basic setup guide.

    This shows how important authentication controls are and, even more critically, that they must be purposefully and smartly deployed with security in mind. Multi-factor authentication and password length and complexity rules on server access are effective strategies to mitigate these kinds of breaches and protect a firm’s data.


    U.S. Unveils New Cybersecurity Strategy with Tighter Regulations

    2023-03-02

    U.S News: The White House announced a new cybersecurity strategy in the latest effort by the U.S. government to bolster its cyber defenses amid a steady increase in hacking and digital crimes targeting the country.


    Ransomware Attack on US Marshals Compromises Sensitive Information

    2023-02-28

    The Guardian: The US Marshals service fell victim to a ransomware security breach this month that compromised sensitive law enforcement information, a spokesperson said.


    Chairman Behnam Announces Veteran Federal Prosecutor Ian McGinley as Enforcement Director

    2023-02-28

    CFTC: Commodity Futures Trading Commission Chairman Rostin Behnam today announced that longtime federal prosecutor Ian McGinley will serve as the agency’s Director of Enforcement. Mr. McGinley’s arrival supports the Chairman’s continued focus on aggressively monitoring and policing commodity markets at a time of heightened stress and volatility, emerging digital threats to financial markets, including cryptocurrency frauds, cyber-enabled financial fraud, and cyberattacks.


    Personal Data Targeting and Cyber Attacks Linked to China on the Rise

    2023-02-28

    Yahoo News: Cybersecurity firm CrowdStrike’s latest Global Threat Report showed that the number of attacks using malware has dropped in the last year, with hackers instead using “hands-on keyboard activity” to breach organisations.


    Cloud Security Startup Wiz, Now Valued at $10B, Raises $300M

    2023-02-27

    Tech Crunch: Cybersecurity continues to be a major area for investment among businesses — and VCs. While a decline from the previous year, venture capital funding in the cybersecurity sector totaled $18.5 billion in 2022, according to Momentum Cyber.


    US Cyber Official Urges Microsoft, Twitter to Boost Security

    2023-02-27

    BNN Bloomberg: A senior US cybersecurity official described adoption of some of Microsoft Corp. and Twitter Inc.’s security protocols as “disappointing” as part of a broadside against large technology companies’ approach to protecting user accounts.


    Australia Plans to Reform Cyber Security Rules, Set up Agency

    2023-02-26

    U.S News: The Australian government on Monday said it planned to overhaul its cyber security rules and set up an agency to oversee government investment in the field and help coordinate responses to hacker attacks.


    Know Your Breach: NHS

    The Target: The NHS, the United Kingdom’s National Health Service. 

    The Take: Exposure of 14,000 employee records containing Personally Identifiable Information including: names, physical addresses, dates of birth, NI numbers, gender, ethnicity, and salary.

    The Vector: The unencrypted and unprotected file was accidentally sent to hundreds of in-firm managers, but also to twenty-four external email accounts. The file in question was a spreadsheet which had a hidden tab containing the information.

    This breach is a stark reminder of how critical data processes and protocols are when handling sensitive information. Furthermore, the information stolen in this attack could lead to highly targeted phishing campaigns against the victims. Regular social engineering training, specifically around the human need to get tasks done quickly, with a focus on “stop and think” methodology, is a key component in cybersecurity.


    CyberSmart Raises $15M for an All-in-one Cybersecurity and Insurance Solution Targeting SMBs

    2023-02-23

    Tech Crunch: Cybersecurity continues to be a major area for investment among businesses, and today a startup building solutions for smaller enterprises is announcing a funding round to meet that demand. CyberSmart — a U.K. startup that has built an all-in-one platform providing cybersecurity technology for small and medium businesses, and cyber insurance if things go wrong regardless — has closed a Series B of £12.75 million ($15.4 million).


    About Castle Hall Diligence

    Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios.