.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Bleeping Computer: Zacks discovered the at the end of last year that some customer records had been accessed without authorization. An internal investigation into the incident determined that a threat actor gained access to the network somewhere between November 2021 and August 2022.
Sky News: The attacks - known as distributed denial-of-service (DDoS) - work by directing high volumes of internet traffic towards targeted servers in a bid by so-called hacktivists to knock them offline.
CNBC: North Korean-linked actors were behind the theft of $100 million through the hack of a crypto product last year, the Federal Bureau of Investigation said.
TechCrunch: LastPass’ parent company GoTo — formerly LogMeIn — has confirmed that cybercriminals stole customers’ encrypted backups during a recent breach of its systems.
Private Equity Wire: Abacus Group, a provider of hosted IT services and solutions to alternative investment firms, has acquired two boutique cybersecurity consulting companies, Gotham Security and its parent company, GoVanguard, which will now be known as Gotham Security, and will operate as an independent subsidiary of Abacus Group.
DarkReading: Leading global intelligence and cyber security consultancy S-RM has today revealed in its Cyber Security Insights Report that there has been a drop in concern around the cyber security threats posed by hybrid working. However, a significant proportion (35%) of IT leaders say they are concerned over a cyber skills gap among employees.
The Target: Myrocket, a Human Resources recruitment company based in India.
The Take: Exposure of 200,000 employees and 9 million candidate records of Personally Identifiable Information including: names, taxpayer information, personal identification numbers, emails, phone numbers, bank details, dates of birth, salaries, payslips, employees roles, and more.
The Vector: A misconfigured data server was left open and unsecured, meaning anyone with an internet connection could have viewed and downloaded the data.
This breach is critical reminder that authentication controls are an important piece in an overall robust cybersecurity posture. This data is perfect for constructing highly effecting spear-phishing campaigns. Multi-factor authentication and password length and complexity rules on server access are effective strategies to mitigate these kinds of breaches to protect a firm’s data.
BNN Bloomberg: In findings published, the blockchain forensics firm estimated that ransom payments — which are almost always paid in cryptocurrency — fell to $456.8 million in 2022 from $765.6 million in 2021, a 40% drop.
Bleeping Computer: PayPal is sending out data breach notifications to thousands of users who had their accounts accessed through credential stuffing attacks that exposed some personal data. Credential stuffing are attacks where hackers attempt to access an account by trying out username and password pairs sourced from data leaks on various websites.
BusinessWire: With the Securities & Exchange Commission proposing tighter cybersecurity requirements for hedge funds and other asset managers, Cole-Frieman & Mallon LLP, one of the nation’s leading boutique law firms serving the investment management industry, has launched a first-of-its-kind cybersecurity law practice.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Prague
2nd Floor, The Park
V Parku 8
Chodov, Praha, 148 00
Czech Republic
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy