.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Atualidade: The legislation, already agreed between MEPs and the Council in May, will set tighter cybersecurity obligations for risk management, reporting obligations and information sharing. The requirements cover incident response, supply chain security, encryption and vulnerability disclosure, among other provisions.
Mint: According to the report, India respondents consider a catastrophic cyberattack, a resurgence of COVID-19 or a new health crisis, and a new geopolitical conflict among the top three risks.
S&P Global: U.S. information technology M&A activity remained muted in October, despite continued interest in cybersecurity targets. Overall, sector deal volume was down 32.4% year over year in October. At 192 transaction announcements, the month also had eight fewer deals than September, extending 2022's tech M&A downturn.
BNN Bloomberg: Data stolen from an Australian health insurer, including the names, addresses and birthdates of hundreds of customers, has been posted to a forum on the so-called dark web.
Spiceworks: The private markets are seeing an influx of interest from retail investors, but a lack of security technology and practices are threatening innovation, which could hinder private market transformation forbodes Alin Bui, CSO & co-founder of Anduin.
The Target: Dropbox, a U.S based file hosting service.
The Take: Exposure of 130 private GitHub repositories, which contain sensitive files and source code, monitoring tools and configuration files used by the security team.
The Vector: The attacker created a fake login page for one of Dropbox’s third party integrated platforms, CircleCI, which allowed them to steal the legitimate credentials the employees entered.
This breach highlights critical need for employee training to protect a firm against phishing attacks. By using the exposed credentials, the attackers were able to act with all the same permissions as the affected employee. The human component of cybersecurity is a very real and important piece of the overall picture of cybersecurity posture.
Canadian Lawyer: Legal departments are playing an increasingly important role in cybersecurity strategy, and chief legal officers in particular are often front and center, with 84 percent of CLOs now playing a key role in the cybersecurity strategy for their organization – up from 76 percent in 2020 – according to a new report.
BNN Bloomberg: Companies that make security software have turned out to be a relative bright spot in this year’s stock market meltdown, favored by both traders and firms looking to make acquisitions.
Hedge Week: Unfortunately, there is no black box, single hire or other singular silver bullet solution that will solve the cybersecurity challenge by itself. So organisations need to be prepared by having an array of multiple solutions and tools at their disposal to defend against, respond to and remediate a potential attack.
Mondaq: The U.S. Department of Justice (DOJ) issued a press release announcing the unsealing of a criminal complaint in which intelligence officers from the People's Republic of China ("PRC") were charged with attempting to obstruct a criminal prosecution in the Eastern District of New York.
