.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Yahoo Finance: SentinelOne Inc, a cybersecurity company with a market value of about $5 billion, has been exploring options that could include a sale, according to people familiar with the matter.
SecurityWeek: The plans were announced in an SEC filing, with employees being notified starting August 14. In addition, the company revealed that it’s implementing “certain real estate‑related cost optimization actions”.
US News: One of the world’s biggest law firms said it is separating from the Chinese firm that was part of its global network for eight years, citing changes in cybersecurity and other rules that have rattled foreign companies.
CNBC: Hackers will have the chance to compete for millions of dollars in prizes by using artificial intelligence to protect critical U.S. infrastructure from cybersecurity risks, the Biden administration announced.
TechCrunch: U.S. cybersecurity giant Rapid7 has announced plans to lay off 18% of its workforce, affecting more than 400 global employees.
Yahoo Finance: Private equity investors have piled $4.7 billion into European cybersecurity companies so far this year, putting deal value on course to outperform 2022, when the total reached $7.6 billion.
The Target: American retail chain Hot Topic.
The Take: A threat actor obtained the valid account credentials for Hot Topic Rewards accounts from an unknown third party.
The Vector: The series of breaches that occurred between Feb. 7 and June 21 was the result of automated credential stuffing attacks against the company’s website and mobile application.
This breach is a reminder of how authentication controls are an important part of an overall robust cybersecurity posture, and more critically, ensuring these controls are in place on all third-party vendors which have access to a firm’s data.
ZD Net: Some 110.8 million user accounts were breached in the second quarter of 2023, with the US accounting for almost 45% of the global figure. Worldwide, data breaches grew 2.6 times compared to the first quarter, with an average of 855 accounts leaked every minute in the second quarter.
PYMNTS: Bankrupt crypto lender Voyager Digital Holdings has reported a possible breach, revealing the difficulties of protecting customers from online scammers.
The Target: Government services provider Maximus and 513 organizations impacted by the MOVEit hack.
The Take: According to Maximus, the attackers stole files containing personal information and protected health information, including Social Security numbers, “of at least 8 to 11 million individuals”.
The Vector: Disclosed at the end of May, the attack involved the exploitation of a zero-day vulnerability in the MOVEit Transfer managed file transfer (MFT) software, allowing cybercriminals to tap into the data transferred through the service.
A zero-day vulnerability is a vulnerability in a system or device that has been disclosed but is not yet patched. This breach is a reminder of how regular vendor assessments are a key component in cybersecurity. The breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control but in third-party systems the firm relies upon as well.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy