.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The target: British Airways, the largest airline in the United Kingdom.
The take: Payment card information for more than 380,000 customers.
The attack vector: By injecting altered scripts into third-party webpages called during the payment and check-out process, malicious actors performed a digital ‘card skimming’ attack, stealing payment card information from BA’s clients from August and September of 2018.
CNN: California officials proposed legislation that, if passed, would set stricter guidelines for when companies need to inform customers of a data breach. The bill would require companies to notify California residents when their passport, passport card or green card numbers are compromised in data breaches. It would also require customers be notified of compromised biometric information such as fingerprints...
PrivateEquityWire: Senseon, an AI platform for cyber defence, has completed a USD6.4 million seed funding round led by venture capital fund MMC Ventures, alongside Mark Weatherford, former Deputy Under Secretary for Cybersecurity, US Department of Homeland Security. Additional investors include Amadeus Capital Partners, Crane Venture Partners and CyLon. The funding will allow Senseon to continue its rapid expansion in the UK and increase its presence in EMEA and the US...
BBC: Mr Bezos is the world's richest man, building his fortune via a company that is transforming the way we live with innovative technology. His business, Amazon, has cyber-security at the heart of everything it does. So how come he risked sending highly embarrassing photos to his lover's phone only to see them hacked and end up in the hands of a tabloid newspaper?...
Reuters: Cyber security company Palo Alto Networks Inc said on Tuesday it would buy U.S.-Israeli information security firm Demisto Inc for $560 million in cash and stock. Demisto, founded in 2015 by four McAfee executives, develops and markets automation tools for information security management, including a chatbot that assists in handling tasks...
PRNewswire: Rise in cyber-attacks, increase in demand for cloud services, and favorable regulatory requirements & government policies facilitate the growth in the global healthcare cyber security market...
IrishTimes: Employees are still the weak link in the security system, with poor habits that potentially put organisations at risk of critical data and intellectual property loss, and severe legal and reputational repercussions, new research from Microsoft has found...
Telegraph: Businesses and government agencies in the United States have been targeted in aggressive attacks by Iranian and Chinese hackers who security experts believe have been energized by President Trump’s withdrawal from the Iran nuclear deal last year and his trade conflicts with China...
The target: India’s national ID database, Aadhaar.
The take: Names, unique identity numbers, bank details and other private information for more than 1.1 billion registered Indian citizens.
The attack vector: One utility’s channel to access the Aadhaar database was without any access control in place, used a hardcoded access token, and enforced zero rate-limiting – meaning that an attacker could cycle through all possible Aadhaar numbers and obtain information every time a valid number was hit.
Reuters: Prime Minister Joseph Muscat told parliament the cyber attack involved the creation of false international payments totaling 13 million euros ($14.7 million) to banks in Britain, the United States, the Czech Republic and Hong Kong...
TheSydneyMorningHerald: The nation's biggest banks are scrambling to contact up to 100,000 customers who may have been caught up in a major data breach at property valuation firm, LandMark White. The breach, which LandMark White first revealed late on Friday, could include property valuations and personal contact information of home owners, residents, and property agents, including first and last names, residential addresses and contact numbers...
CNBC: It was the consumer data security scandal of the decade. The information included Social Security numbers, driver's license numbers, information from credit disputes and other personal details. CEO Richard Smith stepped down under fire. Lawmakers changed credit freeze laws and instilled new regulatory oversight of credit ratings agencies. Then, something unusual happened. The data disappeared completely...
SouthChinaMorningPost: Mary Huen Wai-yi, chairwoman of the Hong Kong Association of Banks (HKAB), said that as lenders have rolled out more digital banking services allowing customers to conduct transactions on their computers or smartphones, so the risks have multiplied. Her concerns are supported by figures from the Hong Kong Monetary Authority (HKMA), the city’s de facto central bank, which show cyberattacks on banks doubled last year. Online scams – including false banking websites, phishing emails and fake banking apps – reached 142 cases in 2018, a threefold increase from the 44 reported incidents in 2017 and a big leap from 35 a year before that...
BBC: The test will mean data passing between Russian citizens and organisations stays inside the nation rather than being routed internationally. A draft law mandating technical changes needed to operate independently was introduced to its parliament last year. The test is expected to happen before 1 April but no exact date has been set...
ABCAustralia: In the first three months of 2017, the Australian Cybercrime Online Reporting Network (ACORN) received 11,775 reports, and the number increased to 14,189 at the start of 2018 — a rise of around 20 per cent. The reporting of cybercrime to police led to Katherine Nguyen, 23, becoming the first person in Australia to be charged over the alleged theft of crypto-currency last October...
DarkReading: A former US Air Force intelligence specialist and counterintelligence agent with the Defense Department has been indicted for conspiring to provide national defense information to four Iranian nationals acting on behalf of the Iranian Revolutionary Guard Corps (IRGC)......
The target: Firebase, a Backend-as-a-Service offering from Google that is marketed towards mobile app developers .
The take: Over 100 million records from thousands of mobile apps, including plaintext user id & password combinations, GPS location records, financial records, health records and session tokens.
The attack vector: Security researchers discovered that the default configuration for Firebase databases does not secure data or require authentication, allowing unauthorized third parties to view and exfiltrate application data.
SydneyMorningHerald: A former AMP contract worker who tried to install a dark web browser on his work laptop after downloading personal identification of 20 customers has pleaded guilty to taking the sensitive data from the financial services company. The Chinese national faced the Downing Centre Local Court on Thursday, charged with possessing identification information with the intention of committing and facilitating the commission of an indictable offence...
Reuters: Hackers working on behalf of Chinese intelligence breached the network of Norwegian software firm Visma to steal secrets from its clients, cyber security researchers said, in what a company executive described as a potentially catastrophic attack. The attack was part of what Western countries said in December is a global hacking campaign by China’s Ministry of State Security to steal intellectual property and corporate secrets, according to investigators at cyber security firm Recorded Future..
FinancialPost: Cyber security incidents have become the new normal for Canadian companies, with one hundred per cent of organizations experiencing attacks, according to the findings of a new study from Scalar Decisions Inc. of more than 400 Canadian IT and security workers. Released today, the 2019 Scalar Security Study (commissioned by Scalar and conducted independently by IDC Canada) showed that cyber security incidents are occurring on a regular basis and the cost of these compromises is at an all-time high. The average cost per organization of responding to, and recovering from, cyber security incidents increased to between $4.8 million to $5.8 million, up from $3.7 million last year...
SMH: National security agencies are continuing to scour the Parliament's computer network for threats to MPs' data after what is being described as a "sophisticated" hack attack that could be the work of a foreign government. The hacking comes just three months ahead of the federal election, prompting fears that if MPs emails or data were stolen they could be used to cause political interference of the style Russia perpetrated against the United States in the 2016 presidential campaign...
CBC: Online attacks on Canada's financial system could become far more destructive as more militaries around the globe get involved in cyber operations, a security expert and former CIA analyst told a House of Commons committee Wednesday. Christopher Porter, the chief intelligence strategist for the cyber security company Fireeye, Inc., testified that as NATO countries share their expertise on how to defend against and defeat online threats, "major cyber powers outside the alliance" will likely do the same...
CyberDefenseMagazine: New York’s position as a financial capital makes the city especially vulnerable to cyber attacks. Although Manhattan is an established gateway for financial services and business in general, it’s still developing as a cyber hub. As hackers’ tools become increasingly sophisticated, it’s no secret that there’s room for improvement in cybersecurity in NYC. To address this urgent need, the New York City Economic Development Corporation (NYCEDC) unveiled Cyber NYC, a huge initiative to transform NYC into a global leader in cybersecurity innovation and talent through collaborations with world-renowned partners in tech, academia, and finance...
NationalPost: Foreign hackers have targeted Canadian banks, mining companies and government institutions in recent years to steal valuable secrets and spread malware, a leading cybersecurity analyst warns. In February 2017, multiple major Canadian financial institutions were exposed to the risk of state-sponsored cybertheft from North Korea in a scheme to redirect people to malicious downloads that would seize control of their computer, says Christopher Porter, chief intelligence strategist at California-based security firm FireEye...
JPost: Iran is likely to expand its cyber espionage activities as its relations with Western powers worsen, the European Union digital security agency. Online disinformation campaigns in recent years as the country tries to strengthen its clout in the Middle East and beyond, a Reuters Special Report published in November found. This month the European Union imposed its first sanctions on Iran since world powers agreed a 2015 nuclear deal with Teheran, in a reaction to Iran's ballistic missile tests and assassination plots on European soil...
A team of former US government intelligence operatives working for the United Arab Emirates hacked into the iPhones of activists, diplomats and rival foreign leaders with the help of a sophisticated spying tool called Karma, in a campaign that shows how potent cyber-weapons are proliferating beyond the world’s superpowers and into the hands of smaller nations...
BusinessStandard: With increasing cases of data breaches and information loss happening on the Internet, cyber attacks are outpacing physical attacks among far-left groups and can cause greater destruction, researchers say. According to lead author Thomas Holt, Professor at the Michigan State University (MSU), the high-profile nature of the internet -- on which the ideological groups can manipulate traffic -- is the ideal platform to attack...
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
84 Chain Lake Drive, Suite 501
Halifax, NS
Canada, B3S 1A2
+1-902-429-8880
Manila
Ground Floor, Three E-com Center
Mall of Asia Complex
Pasay City, Metro Manila
Philippines 1300
Sydney
Level 36 Governor Phillip Tower
1 Farrer Place Sydney 2000
Australia
+61 (2) 8823 3370
Abu Dhabi
Floor No.15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy