learn more
<https://castlehalldiligence.com>
shutterstock_490960141-1

Industry News: ESG5

Know Your Breach: Frost & Sullivan

The target: Frost & Sullivan, a US based business consulting firm.

The take: 6,000 customer records containing: client name, email address, the company contact. 6146 employee records containing: first and last names, login names, email addresses, and hashed passwords.

The attack vector: Due to a misconfigured, public-facing sever, the data was stolen from an unsecured backup folder which contained readable databases and company documents. The information was then put up for sale on a known hacking forum. 

This breach highlights the importance of a firm’s security posture for publicly accessible file containers. Since sensitive information such passwords were included in the leak, credential stuffing attacks could easily be carried out to great effect.  

Read more...

EasyJet Lawsuit Over Data Breach Attracts 10,000 Passengers

2020-06-24

BNN Bloomberg: More than 10,000 people have joined the suit since it was filed last month, according to law firm PGMBM. Victims are entitled to as much as 2,000 pounds ($2,500) in compensation, meaning the case could be worth as much as 18 billion pounds. EasyJet said last month that the email addresses and travel data of about 9 million

Read more...

L&G Suspends Ties with MorganAsh Over Medical Data Incident

2020-06-24

Cover: L&G uses financial services support company MorganAsh to collect information to support the quote application process for medically underwritten lifetime annuities and its Lifetime Care Plan product.

Read more...

CryptoCore Hacker Group has Stolen More Than $200m from Cryptocurrency Exchanges

2020-06-24

ZDNet: An organized hacker group believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges, cyber-security firm ClearSky said in a report shared with ZDNet.

Read more...

EU’s Privacy Watchdogs Urged to Use Full Force of New Powers

2020-06-23

BNN Bloomberg: European Union data protection watchdogs, armed with the right to levy massive fines for two years, still haven’t made full use of their powers, according to an EU report.

Read more...

Cybersecurity ETFs Gain But Diverge

2020-06-23

Nasdaq: Cybersecurity has been a hot theme this year, suddenly taking new importance in an economy that’s had workers everywhere working from home, logging into systems outside of offices, many for the first time.

Read more...

Good Cyber Security Starts in The Boardroom but Only Half of Business Leaders are Ready for Cyber Security Threats

2020-06-23

Cision: The UK's vulnerability to cyber security attacks has again come under the spotlight, with only half of business leaders ready and prepared to counter digital threats they're currently facing – or are likely to confront in the future. This is despite the fact that over half (52%) link strong cyber security capabilities to increased profitability.

Read more...

One in Six Firms Pay Ransomware Ransoms to Hackers

2020-06-23

TECHERATI: One in six firms met the demands of hackers last year by paying out ransoms, according to the “chilling” findings of a report on cyber crime. The annual Hiscox Cyber Readiness Report revealed that 6 percent of the 5,569 firms polled – and one in six of those attacked – had surrendered by paying a ransom following a cyber attack.

Read more...

Know Your Breach: Postbank

The target: Postbank, the banking division of South Africa’s Post Office.

The take: $3.2 million USD

The attack vector: Rogue employees printed the bank’s ‘master key’, a 36 digit code which allows its users to decrypt the bank’s operations and modify security protocols, on a piece of paper from an old data center. Using this credential they were able to access customer accounts and execute more than 25,000 fraudulent transactions, stealing $3.2 million. In addition to the cash, the master key also gave the attackers access to ATM pins, home banking access codes, customer data and credit card information which could then be used for sophisticated phishing attacks.

This breach highlights the importance of privileged credential management and the cascading negative effects that can happen when a high level protocol is compromised.

Read more...

In a Race Against Time, Japan Builds Up its Cyber Forensics

2020-06-18

Nikkei Asian Review: It’s every CEO’s worst nightmare: Invisible invaders rummaging through internal documents, collecting private emails, salaries and even trade secrets.

Read more...

Google Removes 106 Chrome Extensions for Collecting Sensitive User Data

2020-06-18

ZDNet: The 106 extensions are part of a batch of 111 Chrome extensions that have been identified as malicious in a report published today by cyber-security firm Awake Security.

Read more...

Covid-19 Crisis Flags Up Operational Challenges and Cybersecurity Risks, Panelists Say

2020-06-17

HedgeWeek: Panel sessions on evolving operational challenges and cybersecurity heard how the current remote working environment is shining a light on operational risk challenges, with the ongoing coronavirus pandemic described as “the largest continuity test ever” for emerging hedge fund managers.

Read more...

What Happens When Private Equity Firms Fall for Tech Companies

2020-06-17

Institutional Investor: Private equity firms are increasingly targeting publicly traded technology companies for buyouts, including Thomas Bravo’s deal in early March to buy cybersecurity firm Sophos. As a result, some tech firms may be staying public for a far shorter period of time, according to a new report from data provider PitchBook. 

Read more...

Business Email Compromise: What Can Be Learned from the Norfund Attack

2020-06-17

The Register: Falling for an impostor’s email is easier than you might think. The recent attack which saw Norway’s state-owned investment fund, Norfund, lose an eye-watering USD 10 million (approx. 100 million NOK) was down to a simple but devastatingly effective tactic used by cybercriminals: a spoofed email address.

Read more...

Six Months After Cyberattack, LifeLabs Says it Has Appointed a CISO and Rolled Out New Security Policies

2020-06-16

IT World Canada: Half a year after suffering arguably the worst data breach in Canadian history, LifeLabs provided its customers with an update on what it’s doing to make sure history isn’t repeated.

Read more...

Israeli Software Firm Goes Behind Regulator's Back to Pay $250,000 in BTC Ransom

2020-06-15

Coin Telegraph: An Israel-based company reportedly paid $250,000 in Bitcoin for a ransom payment demanded by hackers that threatened to shut down its systems after a ransomware attack.

Read more...

Know Your Breach: Genworth Financial

The target: Genworth Financial, a fortune 500 Insurance holding company for mortgages and long term care.

The take: Personally Identifiable data of 1600 clients including: name, address, age, gender, date of birth, financial information, social security number, and signature.

The attack vector: The attackers gained unauthorized access through compromised login credentials belonging to some of Genworth’s third party insurance agents. These agents use an online access portal run by Genworth to manage their client’s policies. By exploiting the hacked logins, the threat actors were able to gather a trove of data which is very valuable for phishing attacks, identity theft and more.

This attack highlights the critical need for robust credential management amongst not only a firm’s employee, but also amongst third parties, and wherever access to a firm’s data is concerned.

Read more...

Coronavirus: Pandemic Has Increased Cyber Vulnerabilities for Businesses, Governments, as ASIO Says Australia is 'Less Safe'

2020-06-10

The Canberra Times: The almost instant move to working and socialising from home due to coronavirus has left Australian businesses and homes vulnerable to cyber attacks as communication and data has moved to insecure online platforms.

Read more...

Arawa Capital Launches $40m Cyber Security Fund

2020-06-10

Money Management: The new fund, which would target sophisticated investors, in particular high net worth individuals (HNWI) and family offices, would aim to provide 12% per annum returns. It would invest in three to four companies over the next 12 to 24 months, made up of cyber security and other national security related small and medium enterprises (SMEs). 

Read more...

Thoma Bravo to Cut Up to 16 Per Cent of Sophos' Workforce

2020-06-10

CRN: Thoma Bravo plans to cut up to 16 per cent of Sophos workforce, according to reports. The private equity giant completed its acquisition of the UK-based cybersecurity firm in early March, and has now moved quickly to cut costs.

Read more...

U.S. Investigating Hacker Ring Paid to Target Corporate Critics

2020-06-09

Yahoo Finance: U.S. authorities are investigating a vast hacking-for-hire operation that involves attempts to pilfer confidential communications from investigative journalists, short sellers and advocacy groups fighting climate change, according to law enforcement officials, court documents and cybersecurity officials who have tracked the scheme for years.

Read more...

Obscure Indian Cyber Firm Spied on Politicians, Investors Worldwide

2020-06-09

Reuters: A little-known Indian IT firm offered its hacking services to help clients spy on more than 10,000 email accounts over a period of seven years.

Read more...

Honda Confirms its Network Has Been Hit by Cyberattack

2020-06-09

ZDNet: Honda, the Japanese car manufacturer, has confirmed it has been hit with a cyberattack that has impacted some of its operations, including production systems outside of Japan.

Read more...

Advent Countersues Forescout, Asking Out of $1.9 Billion Deal

2020-06-08

Bloomberg Law: Advent International Corp. countersued Forescout Technologies Inc. in Delaware Monday, six weeks before a YouTube trial over the breakdown of their $1.9 billion take-private buyout, saying the deal’s collapse can’t be blamed on the coronavirus alone.

Read more...

Know Your Breach: San Francisco Retirement System

The target: San Francisco Employees’ Retirement System, the city’s firm which provides pension, retirement plans, and other benefits to city workers.

The take: Personal information for 74,000 members, including names, home addresses, dates of birth, beneficiary information, username/password combinations, and potentially tax information and bank routing numbers.

The attack vector: A breach notification was filed advising that ‘an unauthorized individual’ gained access to a database hosted in a test environment by one of the SFRS’s vendors.

This case again underlines the importance of validation of service providers and ensuring that third party organizations with access to sensitive data put appropriate controls in place. Furthermore, test and pre-stage environments should, as a best practise, use ‘dummy’ or heavily redacted data, especially in cases where security controls are not as rigid as those protecting production systems.

Read more...

Strengthening Your IT Security Against Cyber Threats

2020-06-05

Cision: In the new guide from IT solutions and services provider, Softcat, in-house cyber security experts explain what it takes to enhance cyber security in collaboration with suppliers, customers and everyone in between, to ensure safety along the supply chain.

Read more...

San Francisco Pension Data Breach May Have Exposed Bank Info

2020-06-04

Government Technology: The pension system’s vendor, 10up Inc., said an outside party accessed a test data server with members’ information on Feb. 24. The server was closed and 10up Inc. said there was no evidence information was removed, but could not confirm whether the data was viewed or copied.

Read more...

CPA Canada Hit by Cyberattack, Affecting Data of More Than 329,000

2020-06-04

Yahoo Finance: A cyberattack on the Chartered Professional Accountants of Canada website has affected the personal information of more than 329,000 members and stakeholders, the organization said.

Read more...

Four Ways You Can Keep the Hackers Away

2020-06-03

ZDNet: CIOs are under more pressure than ever before when it comes to cybersecurity concerns, especially now that many or even all of the staff in their organisation are working from home, perhaps using unfamiliar software and hardware as they try to do their jobs on lockdown. 

Read more...

Illegal Crypto Mining Attacks Surge in Singapore, Experts Blame COVID-19

2020-06-03

Cryptopolitan: From January to March, Kaspersky said it was able to block at least 11,700 cryptojacking attacks launched on computer systems in Singapore for illegal crypto mining. The total number of blocked attacks represents a threefold increment when compared to the cryptojacking attacks it blocked last year.

Read more...

Cybersecurity Startup Foundry Team8 Launches VC Arm, Raises $104 Million

2020-06-03

CTech: Israeli cybersecurity startup foundry Team8 announced it is establishing a new venture capital arm. Veteran investor Sarit Firon will serve as co-managing partner of Team8 Capital, alongside Team8 co-founder Liran Grinberg.

Read more...

Advent Says Revenues, Not Virus, Justify Breaking Forescout Deal

2020-06-02

Bloomberg Law: Advent International Corp. is arguing in Delaware court that it can walk away from its planned $1.9 billion take-private buyout of Forescout Technologies Inc. over the cybersecurity company’s precipitous revenue decline, whether it was caused by the Covid-19 pandemic or not.

Read more...