.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Info Security: A new security framework for the UK’s telecommunications industry is set to come into effect in October, making the UK’s telecoms security regulations among the strongest in the world.
JDSupra: On August 29, 2022, Ellington Management Group, LLC reported a data breach with the Montana Attorney General after the company learned that an unauthorized party had gained access to two employee email accounts.
Commercial Observer: We’ve all done it. You leave your computer with a stranger’s promise to “keep an eye on it” in a café. Your kid messes around on your laptop in your home office. You scroll through Facebook during a tedious Zoom meeting. What’s the harm?
Bleeping Computer: China-based threat actors have been targeting Australian government agencies and wind turbine fleets in the South China Sea by directing select individuals to a fake impersonating an Australian news media outlet.
Forbes: Most forward-thinking corporations understand the benefits of taking a proactive approach to cybersecurity. If investments haven’t been made from the desire to protect customer and client data, it is seemingly being invested in by organizations that do understand the potential negative impacts on brand and reputation should they not take it seriously.
The Target: Workforce Safety & Insurance, North Dakota’s division of workplace safety and worker compensation.
The Take: Exposure of 182 records of Personally Identifiable Information including: emails between claimants and WSI, voice-mails containing information about said claims, and emails between WSI and their business partners.
The Vector: The attacker penetrated Klaviyo’s internal systems by tricking an employee to give up their company credentials through a phishing attack, allowing the threat actor to access systems with all the privileges of the stolen login.
This breach highlights critical need for employee training to protect a firm against phishing attacks. By using the exposed credentials, the attackers were able to act with all the same permissions as the affected employee. The human component of cybersecurity is a very real and important piece of the overall picture of cybersecurity posture. Furthermore, the sensitive information breached can lead to highly targeted spear-phishing attacks as it lends credence.
Business Live: Mid-market private equity firm LDC has sold its minority stake in Nottingham-based managed IT and cyber services provider Littlefish to Bowmark Capital following a three-year partnership.
CoinDesk: Coinbase (COIN) failed to properly secure customers' accounts, leaving them vulnerable to theft and unauthorized transfers, a putative class action lawsuit filed against the crypto exchange last week alleges.
CNN: Twitter has major security problems that pose a threat to its own users’ personal information, to company shareholders, to national security, and to democracy, according to an explosive whistleblower disclosure obtained exclusively by CNN and The Washington Post.
IT World Canada: A specialty broker providing cyber insurance has found a way to attract business from Canadian small and medium-sized organizations: Partnering with a cloud provider that helps firms meet a cybersecurity standard.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy