
Industry News: ESG5

    Chinese Hackers Perform 'Rarely Seen' Windows Mechanism Abuse in Three-year Campaign

    2022-05-03

    ZDNet: According to Cybereason, the Chinese advanced persistent threat (APT) group Winnti is behind the campaign, which has gone undetected for years.


    Pentagon Contractors Go Looking for Software Flaws as Foreign Hacking Threats Loom

    2022-05-02

    CNN: A year-long Pentagon pilot program found an array of software vulnerabilities at dozens of defense contractors as Russian and Chinese hackers continue to try to steal sensitive data from the US defense industrial base.


    Cybersecurity Metrics Corporate Boards Want to See

    2022-05-02

    CSO: Cybersecurity pros interested in metrics and measures frequently ponder and pontificate on what measures would be best to show the board of directors.


    Know Your Breach: Newman Regional Health

    The Target: Newman Regional Health, a U.S.-based Kansas hospital

    The Take: Exposure of Personally Identifiable Information of 52,000 individuals, including names, medical record numbers, employee information, dates of birth, email addresses, phone numbers, and physical addresses.

    The Vector: A threat actor gained access to compromised employee email accounts and, acting with all the same permissions as the breached credentials, exfiltrated the above data.

    This breach is a stark reminder of the importance of not only robust employee credential authentication and password hygiene, but also regular internal system scanning. The threat actor had access to the compromised system for nearly a year. Regular monitoring of account behaviour is critical to ensure access is kept within the firm. Additionally, locking down permissions and admin access, and ensuring users have only the tools they need to do their jobs, and no more, will reduce the risk of these attacks.


    Private Equity Executive Sought to Undermine NSO Critics, Data Suggests

    2022-04-28

    The Guardian: When Downing Street was recently named as the suspected victim of a phone hack by the United Arab Emirates using the Israeli-made spyware, Pegasus, few were surprised at who was behind the discovery.


    Post-pandemic Priorities for Security Leaders

    2022-04-28

    Help Net Security: Info-Tech Research Group has published its annual report on the priorities for security leaders. The report combines insights from the 2022 security priorities survey and other related industry reports that the firm releases throughout the year.


    Cybersecurity Skills Gap Contributed to 80 Percent of Breaches According to New Fortinet Report

    2022-04-27

    Financial Post: According to the Fortinet report released, the skills gap isn’t just a talent shortage challenge, but it’s also severely impacting business, making it a top concern for executive leaders worldwide.


    Cybersecurity Agencies Reveal Top Exploited Vulnerabilities of 2021

    2022-04-27

    Bleeping Computer: In partnership with the NSA and the FBI, cybersecurity authorities worldwide have released today a list of the top 15 vulnerabilities routinely exploited by threat actors during 2021.


    Microsoft’s $15 Billion Cybersecurity Business is Giving Investors New Reason for Optimism

    2022-04-26

    CNBC: In January 2021, Microsoft CEO Satya Nadella revealed the size of the software company’s security business for the first time. The number was big.


    Technology to Survive and Thrive in a World of Growing Threats

    2022-04-25

    Hedge Week: The outbreak of the Covid-19 pandemic has created a breeding ground for an increase in fraudulent activity, as the world shifted to working from home and reliance on digital technology was heightened in all aspects of daily life. This underscored the need for tighter procedures and processes around detection and protection within all sectors, but especially financial services.


    About Castle Hall Diligence

    Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios.