Menu
Sign In
shutterstock_490960141-1

Industry News: ESG5

    Know Your Breach: Discord

    The Target: Video game chat platform Discord.

    The Take: The data compromised may have included usernames, email, billing information, the last four digits of credit card numbers, IP addresses and messages with customer support.

    The Vector: The company stated that an unauthorised party had compromised one of Discord’s third-party customer service providers, leading to the access of “a limited number of users” who had been in contact with the customer service or trust and safety teams.

    This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.

    Read more...

    Cybersecurity Tops CFO’s Risk Agenda With 99% Reporting Incidents and 94% Planning to Increase Spend

    2025-10-08

    Yahoo Finance: New research commissioned by global S&P500 corporate payments company, Corpay, finds that 99% of UK finance leaders surveyed have experienced payments-related cyber incidents in the past two years, exposing the fragility of legacy systems and an urgent need for change.

    Read more...

    Third-Party Breaches are a Wake-Up Call for Modern Cybersecurity

    2025-10-08

    Tech Radar: Cybersecurity has never been more critical than in today’s hyper-connected world, where businesses increasingly rely on third-party vendors to deliver essential services.

    Read more...

    Autonomous AI Hacking and the Future of Cybersecurity

    2025-10-08

    CSO Online: AI agents are now hacking computers. They’re getting better at all phases of cyberattacks, faster than most of us expected. They can chain together different aspects of a cyber operation, and hack autonomously, at computer speeds and scale. 

    Read more...

    Armis and Fortinet Expand Partnership to Strengthen Cyber Defenses

    2025-10-07

    Investing.com: Armis and Fortinet, a prominent cybersecurity player with a market capitalization of $66 billion and impressive gross profit margins of 81%, announced an expanded partnership aimed at simplifying security programs and strengthening cyber resilience for organizations worldwide.

    Read more...

    North Korean Hackers Stole Over $2 Billion In Crypto So Far in 2025, Researchers Say

    2025-10-07

    TechCrunch: Hackers working for the North Korean government have stolen more than $2 billion in crypto so far this year, according to blockchain analysis firm Elliptic

    Read more...

    Public Disclosures of AI Risk Surge Among S&P 500 Companies

    2025-10-07

    Cybersecurity Dive: More than seven of every 10 public companies on the S&P 500 now flag their use of artificial intelligence as a material risk in their public disclosures, according to a report released by The Conference Board. 

    Read more...

    Hackers Extorting Salesforce After Stealing Data From Dozens of Customers

    2025-10-06

    SecurityWeek: A threat actor supposedly formed of members of known hacking groups has claimed the theft of large amounts of data from dozens of Salesforce customers. 

    Read more...

    Know Your Breach: Boyd Gaming

    The Target: Boyd Gaming is a public US casino entertainment company with 28 gaming properties in ten states.

    The Take: The threat actors were able to steal data from the company's systems, which includes information about employees and individuals.

    The Vector: In a new 8-K form filed with the US Securities and Exchange Commission (SEC), the company said it experienced a cybersecurity “incident” in which unauthorized third parties accessed its IT system.

    This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.

    Read more...

    Oneleet Raises $33 Million to Shake up the World of Security Compliance

    2025-10-02

    TechCrunch: Bryan Onel’s father was a locksmith. As for Onel, he described himself as the digital equivalent. Ethical hacking was Onel’s hobby growing up. He studied AI at university and then turned that hacking hobby into a profession. 

    Read more...

    About Castle Hall Diligence

    Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →

    Subscribe to Cyber Updates