.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The Target: SK Telecom is the largest mobile network operator in South Korea, holding approximately 48.4% of the mobile phone service market in the country, corresponding to 34 million subscribers.
The Take: USIM data is information stored on a Universal Subscriber Identity Module (USIM), which typically includes International Mobile Subscriber Identity (IMSI), Mobile Station ISDN Number (MSISDN), authentication keys, network usage data, and SMS or contacts if stored on the SIM. This data could be used for targeted surveillance, tracking, and SIM-swap attacks.
The Vector: A malware infection allowed threat actors to access sensitive USIM-related information for customers.
This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.
Dark Reading: Japan has passed the Active Cyber Defense Bill, which will allow its military and law enforcement to take preemptive measures to combat cyber threats.
Yahoo News/Reuters: Hong Kong passed a cybersecurity law to regulate operators of critical infrastructure, forcing them to strengthen computer systems and report cybersecurity incidents or risk penalties of up to HK$5 million ($640,000).
The Target: Japanese electronics manufacturer Casio.
The Take: For the nearly 6,500 employees impacted, basic information collected by human resources was accessed, including names, employee numbers, email addresses and departments. Some employees had other information like gender, date of birth and home address leaked while a small number of those affected had taxpayer ID numbers exposed.
The Vector: An investigation conducted by an outside cybersecurity firm sourced the ransomware attack back to phishing emails that allowed the hackers into Casio’s servers.
As phishing actors continue to explore every potential abuse opportunity on legitimate service providers, novel security gaps constantly threaten to expose users to severe risks. It is essential not to rely solely on email protection solutions, and also scrutinize every email that lands on your inbox, look for inconsistencies, and double-check all claims made in those messages.
Dark Reading: Lawmakers in Singapore updated the nation's cybersecurity regulations on May 7, giving more power to the agency responsible for enforcing the rules, adopting definitions of computer systems that include cloud infrastructure, and requiring that critical information infrastructure (CII) operators report any cybersecurity incident to the government.
Dark Reading: Malaysia has joined at least two other nations — Singapore and Ghana — in passing laws that require cybersecurity professionals or their firms to be certified and licensed to provide some cybersecurity services in their country.
The Straits Times: The Monetary Authority of Singapore (MAS) and Mastercard on April 9, 2024 signed a memorandum of understanding (MOU) to enhance cooperation in cyber security, specifically with the aim of strengthening cyber resilience in Singapore’s financial services sector.
XM: Britain's National Grid NG.L has started removing components supplied by a unit of China-backed Nari Technology's 600406.SS from the electricity transmission network over cyber security fears, the Financial Times reported.
BNN Bloomberg: Taiwan’s financial system undergirds a $760 billion high-tech economy, but its vulnerability to advanced hacks has raised fears of a worst-case scenario: a full-blown cyberattack from China that sends its currency and markets into a tailspin.
MarketScreener: Lobby group Japan Association of New Economy has joined U.S. Big Tech to warn against proposed EU cybersecurity labelling rules that they said could hamper their access to the bloc's markets, according to a letter sent to the EU industry chief.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Prague
2nd Floor, The Park
V Parku 8
Chodov, Praha, 148 00
Czech Republic
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy