Industry News: ESG5

2022-06-30

CoinDesk: Watch out for phishing emails, says OpenSea, after staff at the world’s largest NFT marketplace discovered that an employee of Customer.io, a platform for managing email newsletters and campaigns, leaked the list of OpenSea customers’ emails to an outside party.

Read more...

2022-06-30

Korea Herald: North Korea’s state-sponsored Lazarus Group is believed to be behind the recent $100 million cryptocurrency theft from a US blockchain company, the latest in a spate of high-profile cyber heists from the Kim Jong-un regime, London-based blockchain analytics firm Elliptic said.

Read more...

2022-06-29

Tech Crunch: On the face of it, the cybersecurity sector is doing just fine. Demand for cybersecurity products remains high as cyberattacks continue to blight both public and private-sector businesses, and investor enthusiasm for all things cyber-related remains strong.

Read more...

2022-06-29

The Hill: Norway’s public and private sector websites were temporarily down on Wednesday following a cyberattack that targeted the country’s national data network, forcing it to suspend online services for several hours.

Read more...

2022-06-28

Gulf Business: Digital transformation has moved to the top of corporate agendas in nearly every vertical in the region. Over the last couple of years, organisations have digitised at great speed to adapt to hybrid work and achieve greater efficiency and competitiveness.

Read more...

2022-06-28

ZDNet: Ransomware is the biggest cybersecurity threat facing the world today, with the potential to significantly affect whole societies and economies – and the attacks are unrelenting, the head of the National Cyber Security Centre (NCSC) has warned. 

Read more...

2022-06-27

Business Wire: ECI, the leader in public cloud and cybersecurity managed services for the global financial services industry, recently commissioned IDC to write the white paper "Cybersecurity and Digital Transformation of Global Alternative Asset Institutions: A Critical Pairing” to understand the intersection of cybersecurity and digital transformation (DX) for global alternative investment institutions. 

Read more...

The Target: StoreHub, a Malaysian point-of-sale software vendor.

 The Take: Exposure of 1 million customers accounts with 1.7 billion records of Personally Identifiable Information including: full names, phone numbers, physical addresses, email address, device types, order information, partially masked credit card numbers, and access tokens. 

The Vector: A completely unsecured AWS Elasticsearch database server with no authentication, or data encryption, was left open and accessible to anyone with an internet connection.

This breach highlights the critical importance of employing robust practices of credential management, user authentication and validation. The personal information, along with the event logs and sensitive company information, can lead to highly effective phishing attacks. Furthermore, the use of encryption on user data can help secure sensitive information in the event of a breach and its use is widely considered a key pillar of a robust cybersecurity posture.

Read more...

2022-06-15

Help Net Security: The APWG’s Phishing Activity Trends Report reveals that in the first quarter of 2022 there were 1,025,968 total phishing attacks—the worst quarter for phishing observed to date. This quarter was the first time the three-month total has exceeded one million. There were 384,291 attacks in March 2022, which was a record monthly total.

Read more...

2022-06-15

ZDNet: Most companies that get hit by a cyberattack are likely to fall victim again – sometimes repeatedly – as many struggle to improve their cybersecurity strategy, even after incidents. 

Read more...