Industry News: ESG5

2020-08-06

Yahoo News: Capital One Financial Corp <COF.N> will pay an $80 million penalty to a U.S. bank regulator after the bank suffered a massive data breach one year ago.

Read more...

2020-08-06

Help Net Security: An INTERPOL assessment of the impact of COVID-19 on cybercrime has shown a significant target shift from individuals and small businesses to major corporations, governments and critical infrastructure.

Read more...

2020-08-06

Finance Magnates: When it comes to cryptocurrency-related crime, every year seems to have its own particular ‘flavor’. 2018 was the year of massive exchange hacks (remember Coincheck?); 2019 was seasoned with an air of massive ponzi schemes (PlusToken, OneCoin) with a few scandals thrown in the mix (QuadrigaCX, anyone?)

Read more...

20202-08-05

Yahoo News: Federal police and organised crime investigators will be empowered to kick down the digital door of criminals hiding in the dark web under a $1.7 billion government cyber security strategy.

Read more...

2020-08-04

Fierce Telecom: AT&T's survey found that 70% of the large business felt remote working made them more vulnerable to cyberattacks. AT&T's study of 800 cybersecurity professionals across the U.K., France and Germany found that more than half (55%) now believe remote working is making their companies more vulnerable to cyberattacks.

Read more...

2020-08-04

Financial News: Cybersecurity companies are warning that they’ve seen an exponential rise in attempted “phishing”, banking-email compromises, and illegal cryptocurrency mining. And it’s hedge funds that may be most vulnerable.

Read more...

2020-08-03

Security Affairs: Hackers stole roughly €1.183 million worth of cryptocurrency from investment accounts of 2gether, 26.79% of overall funds stored by the accounts. The attack took place on July 31 at 6.00 pm CEST, when hackers compromised the company servers.

Read more...

The target: Dave.com, a digital banking app

The take: 7.5 million records of customer information including: real names, phone numbers, birth days and home addresses.

The attack vector: The breach at Dave.com was due to another breach at one of Dave.com’s third party service providers, Waydev (an analytics platform used by engineers), which in turn exposed Dave.com’s user data. The attackers used a blind SQL injection (an insertion of malicious code) to gain access to Waydev’s database and stole authorization tokens which let them penetrate Waydev’s systems and pivot to steal access to data from other firms, such as Dave.com.

This highlights the cascading negative effects cybersecurity incidents can have on companies which rely on third-party vendors for operation. Holding third-party vendors to an organization’s security requirements is a very challenging prospect. Vigilant monitoring and applying advanced analytics to watch for malicious activities are some of the proactive strategies used to pinpoint suspicious activity before it turns into a breach.

Read more...

2020-07-30

Businesswire: The COVID-19 pandemic has presented a once-in-a-lifetime opportunity for hackers and online scammers, and cybersecurity professionals saw a 63 percent increase in cyber-attacks related to the pandemic, according to a survey released by the Information Systems Security Association (ISSA) and independent industry analyst firm Enterprise Strategy Group (ESG). As the global impact of COVID-19 manifested itself in the middle of March, ESG and ISSA conducted an in-depth survey in April 2020 as a point in time assessment of challenges posed by the pandemic.

Read more...

2020-07-29

Coindesk: In a note to clients, CEO Pascal Gauthier said the French hardware wallet provider fell victim to a large-scale data breach from an unauthorized third party. The hacker, whose identity remains unknown, gained access to Ledger's e-commerce and marketing database.

Read more...