shutterstock_490960141-1

Industry News: ESG5

      Know Your Breach: Keytronic

      The Target: Printed circuit board assembly (PCBA) manufacturing firm Keytronic.

      The Take: The cybergang claimed to have stolen financial documents, engineering data, human resources information, corporate data, and other types of data.

      The Vector: The investigation into the attack, Keytronic said, has determined that limited data was accessed and exfiltrated from its environment, including personally identifiable information. The incident, the company said in a filing with the US Securities and Exchange Commission, occurred on May 6, and resulted in network disruptions.

      This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.

      Read more...

      Key Steps for PE Firms to Mitigate Cyber Risks in Portfolio Companies

      2024-06-19

      FinTech Global: According to ACA Group, companies with fewer than 1,000 employees bear the brunt of up to 82% of ransomware attacks, painting a target on PortCos due to their typically nascent cybersecurity measures and constrained resources to combat breaches.

      Read more...

      Huntress Captures $150M Series D At $1.5B-Plus Valuation

      2024-06-18

      Crunchbase: Maryland-based Huntress became the newest cybersecurity unicorn after it raised a $150 million Series D at a $1.5 billion-plus valuation. The new round was led by Kleiner Perkins, Meritech Capital and existing investor Sapphire Ventures.

      Read more...

      Non-Human Identity Lifecycle Firm Entro Security Raises $18 Million

      2024-06-18

      SecurityWeek: Non-human Identity (NHI) lifecycle firm Entro Security has raised $18 million in a Series A funding round led by Dell Technologies Capital and including angel investors. The funds will be used to scale the firm’s global operations. 

      Read more...

      SEC Charges R.R. Donnelley & Sons Co. with Cybersecurity-Related Controls Violations

      2024-06-18

      U.S. Securities and Exchange Commission: The Securities and Exchange Commission announced that R.R. Donnelley & Sons Company (RRD), a global provider of business communication and marketing services, agreed to pay over $2.1 million to settle disclosure and internal control failure charges relating to cybersecurity incidents and alerts in late 2021.

      Read more...

      Federal Contractors Pay Multimillion-Dollar Settlements Over Cybersecurity Lapses

      2024-06-18

      The Record: Two federal contractors have paid a total of $11.3 million in civil penalties to the U.S. government after admitting they failed to properly test the cybersecurity of a system for providing financial assistance to low-income people in New York during the COVID-19 pandemic.

      Read more...

      EU Cybersecurity Label Should Not Discriminate Against Big Tech, European Groups Say

      2024-06-17

      Yahoo Finance: A proposed cybersecurity certification scheme (EUCS) for cloud services should not discriminate against Amazon, Alphabet's Google and Microsoft, 26 industry groups across Europe warned.

      Read more...

      McAfee Successor Magenta in Talks With Elliott for Fresh Cash

      2024-06-17

      Yahoo Finance: Cybersecurity software firm Magenta Buyer is in talks with creditor Elliott Investment Management to provide it with fresh money as revenue falls and liquidity thins, according to people familiar with the situation.

      Read more...

      Know Your Breach: Frontier

      The Target: Frontier is a leading U.S. communications provider that provides gigabit Internet speeds over a fiber-optic network to millions of consumers and businesses across 25 states.

      The Take: Full names and Social Security Numbers (SSNs) were confirmed as breached for 751895 customers.

      The Vector: The telecommunications provider says it suffered a cyberattack in mid-April 2024, allowing hackers to access customers' personal information stored on its systems.

      This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.

      Read more...

      NetSPI Acquires Hubble to Address Asset and Exposure Management Challenges

      2024-06-13

      Help Net Security: NetSPI announced its acquisition of Hubble, a Northern Virginia-based cyber asset attack surface management (CAASM) and cybersecurity posture management solution.

      Read more...

      About Castle Hall Diligence

      Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →

      Subscribe to Cyber Updates