Industry News: ESG5

    Know Your Breach: Scranton Cardiology

    The Target: Scranton Cardiology

    The Take: Exposure of Personally Identifiable Information including full names, physical addresses, dates of birth, social security numbers, driver’s license and passport numbers, credit card and bank number details, and some medical information.

    The Vector: The breach occurred through a “brute-force” attack, in which the threat actor uses a program to sequentially try every possible password combination against a password-protected system.

    This breach is a critical reminder of standards and processes around password hygiene. Password length and complexity, no matter where in a firm’s systems the passwords are set, are crucial for a robust overall cyber-security posture. When attackers gain access to legitimate employee credentials, they can act with all the permissions and privileges belonging to the user.

    Cybersecurity-as-a-Service Market To Be Worth $46.6 Billion by 2030 - Exclusive Report by Meticulous Research

    2023-06-15

    OpenPR: Cybersecurity-as-a-Service is a cloud-based approach to outsourcing cybersecurity, where security services are provided on a subscription basis and hosted by cloud providers.

    The Pace Of AI Innovation For Cybersecurity Is Fast And Furious

    2023-06-14

    Forbes: Given the speed and scope of digital transformation and related technologies, our vision of what these innovations can achieve encompasses what is possible today and the endless possibilities of tomorrow.

    Crypto Prime Broker FPG Loses Up to $20M in Cyber Attack

    2023-06-14

    CoinDesk: Floating Point Group (FPG), an institutional trading desk specializing in cryptocurrencies, suffered a cyber attack on Sunday, June 11, which resulted in a loss of between $15 million and $20 million in crypto, a spokesman for the firm told CoinDesk.

    CISA: LockBit Ransomware Extorted $91 Million in 1,700 U.S. Attacks

    2023-06-14

    Bleeping Computer: U.S. and international cybersecurity authorities said in a joint LockBit ransomware advisory that the gang successfully extorted roughly $91 million following approximately 1,700 attacks against U.S. organizations since 2020.

    ‘Aggressive’ China Cyberattacks Are The ‘Defining Threat’ Of Our Time, Top U.S. Cyber Official Says

    2023-06-13

    CNBC: China’s cyber-espionage and sabotage capacities are an “epoch-defining threat,” the top U.S. cybersecurity official said, warning that in the event of open warfare “aggressive cyber operations” would threaten critical U.S. transportation infrastructure “to induce societal panic.”

    Canadian Firms Slow in Responding to Cyber Attacks, Report Suggests

    2023-06-13

    IT World Canada: It can take Canadian organizations up to 48 days to detect and recover from a cyber attack, according to a new survey of infosec professionals.

    Are Cybersecurity Stocks Positioned To Rise? Here’s What One Analyst Says

    2023-06-12

    BNN Bloomberg: Demand for cybersecurity remains front and centre for companies looking to keep up in the tech era, which is why one analyst says she is bullish on stocks within the sector. 

    Know Your Breach: Neho

    The Target: Neho, a Swiss-based online real estate agency.

    The Take: Exposure of sensitive login credentials to Neho’s systems, potentially allowing attackers full access to databases, source code, configuration profiles and more.

    The Vector: A misconfiguration on Neho’s website exposed login credentials for its systems to the public, allowing anyone with internet access who obtained these credentials to log in as an authenticated Neho user.

    This breach is a critical reminder of how important access control is for overall cybersecurity. If an attacker obtains access to vetted credentials, they can pivot into possibly every system belonging to the firm, making the attack an order of magnitude more deadly. Safe and secure storage of login credentials is essential to protecting a firm and its customers.

    The Multidimensional Relationship Between AI And Cybersecurity And Its Impact On Fintech

    2023-06-08

    Forbes: As automation increases, so does the extent of systematic cyber risk. Cybersecurity measures are thus prudent since it is only by looking through the lens of the hacker can one avail a progressive insight as to the best means of securing and protecting data.
