.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The Target: HTC Global Services is a managed service provider offering technology and business services to the healthcare, automotive, manufacturing, and financial industries.
The Take: The leaked data includes passports, contact lists, emails, and confidential documents allegedly stolen during the attack.
The Vector: While little information about the attack on HTC is available, cybersecurity professional Kevin Beaumont believes the company was breached using the Citrix Bleed vulnerability. According to Beaumont, one of HTC's business units, CareTech, operated a vulnerable Citrix Netscaler device, which was exploited for initial access to the company's network.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
Yahoo Finance: Blackstone Inc. has provided a more than $1 billion private credit loan package for BeyondTrust, a cybersecurity company, according to people with knowledge of the transaction.
CSO: While organizations are realizing the need for knowledgeable teams to address unknown threats, they are also looking to reduce their security headcount and infrastructure spending.
Forbes: Cybersecurity is an existential threat to the global economy. The World Economic Forum’s (WEF) Global Risks Report places cybercrime and cyber insecurity in the top 10 global risks over the next two- and 10-year periods.
Dark Reading: Foresite, announced a new partnership with CrowdStrike, a global leader in cloud-delivered protection of endpoints, cloud workloads, identity, and data protection.
MarketScreener: Lobby group Japan Association of New Economy has joined U.S. Big Tech to warn against proposed EU cybersecurity labelling rules that they said could hamper their access to the bloc's markets, according to a letter sent to the EU industry chief.
CSO: The United States is heading into a crucial election year, with a high-stakes presidential election that could determine the republic’s fate for decades. In addition, all 435 seats in the United States House of Representatives, 34 Senate seats, and 13 governorships are up for grabs, along with thousands of local government elections.
SecurityWeek: Collectively tracked as the Lazarus Group, the North Korean hackers specialize in cryptocurrency-related intrusions, mainly relying on spear-phishing emails to trick victims into authorizing malicious scripts and downloading malware.
The Target: General Electric (GE) is an American multinational company with divisions in power, renewable energy, and aerospace industries.
The Take: According to the threat actor, "data includes a lot of DARPA-related military information, files, SQL files, documents etc." As proof of the breach, the threat actor shared screenshots of what they claim is stolen GE data, including a database from GE Aviations that appears to contain information on military projects.
The Vector: The data was exposed through a server that was misconfigured so that it was accessible online.
This breach is a stark reminder of how authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.
Forbes: The hyper-connected nature of our world, the growing use of cloud applications and the fact that data now resides anywhere are all contributing factors to the ubiquity of cyberattacks.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy