learn more
<https://castlehalldiligence.com>
shutterstock_490960141-1

Industry News: ESG5

      Know Your Breach: First Horizon Bank

      The target: First Horizon Bank, a U.S based financial services company.

      The take: An amount up to $1 million USD, and 200 online customer accounts with personally identifiable information.

      The attack vector: The attacker used illicitly gained login credentials and exploited a vulnerability in third party security software, letting them access customer accounts and siphon funds. In additional to the funds stolen, the detailed personally identifiable data exposed is highly valuable for further phishing and fraud attacks.

      This breach emphasizes the importance of controls around the authentication process – requirements for strong, unique credentials, and implementation of multiple factors of authentication wherever possible to mitigate stolen or brute-forced passwords. Third party software components in an authentication process must also be implemented properly, with security patches tested and applied in a timely manner to maintain a secure posture.

      Read more...

      White House Urged to Address Surge in Ransomware Attacks

      2021-04-29

      Financial Post: Cybersecurity experts, law enforcement agencies and governments urged the White House to root out safe havens for criminals engaging in ransomware and step up regulation of cryptocurrencies, the lifeblood of hackers, in the hopes of controlling a growing wave of attacks.

      Read more...

      Ransomware Demands Estimated to Have Cost Hundreds of Millions of Dollars in Canada in 2020: Report

      2021-04-29

      CTV: A new report released by cybersecurity company Emsisoft estimates that ransomware demands increased by more than 80 per cent globally in 2020, with hundreds of millions of dollars estimated to have been paid out in ransoms in Canada alone.

      Read more...

      Ongoing Maintenance Vital for Successful Cybersecurity

      2021-04-28

      Private Equity Wire: Cybersecurity cannot be a onetime implementation exercise. It requires ongoing management, review and maintenance. And although there has been significant growth in private equity (PE) managers adopting cybersecurity software and solutions, there is still considerable progress to be made.

      Read more...

      Reserve Bank Publishes Cyber Resilience Guidance

      2021-04-28

      RBNZ: The guidance outlines the Reserve Bank’s expectations around cyber resilience, and draws heavily from leading international and national cybersecurity standards and guidelines. The guidance applies to all entities the Reserve Bank regulates, including registered banks, licensed non-bank deposit takers, licensed insurers and designated financial market infrastructures.

      Read more...

      Do Cyberattacks Affect Stock Prices? It Depends on the Breach

      2021-04-27

      DarkReading: In the aftermath of a data breach, ransomware attack, or vulnerability disclosure, organizations may think about how the news will cause their stock price to dip. New research indicates that although security incidents do affect stock price, the size of this impact largely depends on the circumstances — and rarely lasts.

      Read more...

      Proofpoint Enters Definitive Agreement to be Acquired by Thoma Bravo in $12.3 Billion Transaction

      2021-04-26

      Globe Newswire: Proofpoint, Inc., a leading cybersecurity and compliance company, today announced that it has entered into a definitive agreement to be acquired by Thoma Bravo, a leading private equity investment firm focused on the software and technology-enabled services sector, in an all-cash transaction that values Proofpoint at approximately $12.3 billion.

      Read more...

      Update Your Mac Now: The ‘Worst Hack In Years’ Hits Apple Computers

      2021-04-26

      Forbes: Apple Mac users are being urged to update their macOS software now, as they’re at “grave risk” of hackers exploiting what’s been described as one of the worst vulnerabilities to affect the tech giant’s computers in years.

      Read more...

      Know Your Breach: Codecov

      The target: Codecov, a software company which provides code testing and code statistics.

      The take: Security tokens and keys for 29,000 customers and employees, admin credentials, and application source code.

      The attack vector: Attackers gained access to Codecov’s ‘Bash Uploader’ script, a method of uploading unencrypted data to Codecov’s servers used by clients and employees, through a previously unknown vulnerability which let them extract credentials with authority to modify the script. They then used these credentials to have all data sent to Codecov also be sent to their third-party server.

      This breach highlights the importance of securing and testing applications and processes which interact with a firm’s data storage. Wherever information is uploaded, either by clients or employees, the method used should be highly scrutinized to ensure its security is in line with industry best practice and standards.

      Read more...

      BlackRock, Tudor Group Back Cybersecurity Startup Deep Instinct

      2021-04-22

      BNN Bloomberg: Other participating investors include Paul Tudor Jones’s Tudor Group, Neeraj Chandra’s Untitled Investments and 23andme co-founder Anne Wojcicki, Deep Instinct Chief Executive Officer Guy Caspi said in an interview. Existing investors Coatue Management, Millennium and Unbound also took part.

      Read more...

      China Behind Another Hack As U.S. Cybersecurity Issues Mount

      2021-04-21

      NBC News: China is behind a newly discovered series of hacks against key targets in the U.S. government, private companies and the country’s critical infrastructure, cybersecurity firm Mandiant said.

      Read more...

      Court Approves Data Breach Settlements with BMO, CIBC

      2021-04-21

      Investment Executive: An Ontario court has approved proposed class action settlements with Bank of Montreal (BMO) and CIBC over cybersecurity breaches involving thousands of clients.

      Read more...

      US Takes New Aim At Ransomware After Most Costly Year

      2021-04-21

      Yahoo Finance: The Justice Department is taking new aim at ransomware after a year that officials say was the most costly on record for the crippling cyberattacks.

      Read more...

      New ICON Report Predicts Record Deal Activity for Cybersecurity Sector

      2021-04-20

      Private Equity Wire: In Q1 2021 USD3.7 billion was invested by VCs globally, an increase of +35 per cent. That looks set to shatter 2020’s record USD8.3 billion (+22 per cent).

      Read more...

      REvil Gang Tries to Extort Apple, Threatens to Sell Stolen Blueprints

      2021-04-20

      Bleeping Computer: The REvil ransomware gang asked Apple to "buy back" stolen product blueprints to avoid having them leaked on REvil's leak site before today's Apple Spring Loaded event.

      Read more...

      Cybersecurity Spending Has Risen Over the Last Year to $2.6m Per US Firm

      2021-04-21

      Security Magazine: Hiscox reveals that U.S. businesses’ cybersecurity spending is on the rise and they are leaders in cyber expertise, but still have more work to do when it comes to ransomware and phishing emails. 

      Read more...

      Know Your Breach: Kentucky Career Centre

      The target: The Kentucky office of Unemployment Insurance.

      The take: Unauthorized access to claimant accounts which had the ability to alter the destination bank accounts of the benefit payments, forwarding the funds to fraudsters.

      The attack vector: Attackers leveraged the lack of robust password hygiene and modern credential management in Unemployment Office’s IT systems. It was reported that some 4000 users had created passwords such as “1-2-3-4” and 1500 used the phrase “2020”, both easily exploited with moderate computing power and password cracking applications.

      Enforcing strong password management across all platforms is critical to protecting customer data. Industry standard practices of password length, complexity, two-factor authentication, and email verification will only be effective if these methods are enforced. Doing so will ensure users, and their data, are protected as much as possible.

      Read more...

      SolarWinds: US and UK Blame Russian Intelligence Service Hackers for Major Cyberattack

      2021-04-15

      ZDNet: Hackers working for the Russian foreign intelligence service are behind the SolarWinds attack, cyber-espionage campaigns targeting COVID-19 research facilities and more, according to the United States and the United Kingdom.

      Read more...

      DFS SuperIntendent Lacewell Announces Cybersecurity Settlement with Licensed Insurance Company

      2021-04-14

      DFS: Superintendent of Financial Services Linda A. Lacewell announced today that National Securities Corporation (“National Securities”) will pay a $3 million penalty to New York State for violations of DFS’s Cybersecurity Regulation that caused the exposure of a substantial amount of sensitive, non-public, personal data belonging to its customers, including thousands of New York consumers. 

      Read more...

      AMF Warns French Firms on Cybersecurity Complacency

      2021-04-14

      Funds Europe: French asset managers have been warned that they could be nurturing a false sense of security over their management of cybersecurity risks.

      Read more...

      Financial Institutions Have Become High-Value Targets for Cybercriminals

      2021-04-14

      Barron's: Over the past year, lockdowns complicated traditional crime groups’ ability to conduct conspiracies. As a result, many migrated to the dark web, a digital underground where cybercriminals can remain anonymous. This trend popularized a shadow industry of services that allow criminals to continue to partake in activities like extortion and money laundering. 

      Read more...

      Crosspoint Capital Partners Raises USD1.3bn for Debut Private Equity Fund Focused on Cybersecurity, Privacy and Infrastructure Software

      2021-04-13

      Private Equity Wire: Fund I closed at USD1.3 billion, exceeding its target of USD1 billion and making it one of the largest first-time, technology-focused private equity funds ever raised. Managing Partners of the firm include Greg Clark, Ian Loring, Steve Luczo, Matt MacKenzie and Hugh Thompson.  

      Read more...

      Biden Names 2 Ex-NSA Officials for Senior Cyber Positions

      2021-04-12

      Yahoo Finance: Chris Inglis, a former NSA deputy director, is being nominated as the government's first national cyber director. Jen Easterly, a former deputy for counterterrorism at the NSA, has been tapped to run the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security.

      Read more...

      KKR-backed Cybersecurity Firm KnowBe4 Aims for $3 Billion Valuation in U.S. IPO

      2021-04-12

      Reuters: Cybersecurity company KnowBe4 Inc, backed by private-equity firm KKR & Co and funds affiliated with Goldman Sachs, said it was aiming for a valuation of up to $3 billion in its initial public offering in the United States.

      Read more...

      Know Your Breach: Office Depot

      The target: Office Depot, a European online seller of office equipment

      The take: 974,050 wide-ranging records of sensitive information including: monitoring logs, server IP addresses, secure remote login credentials, and customer’s personally identifiable information such as names, physical addresses, and order history. 

      The attack vector: A non-password protected, unencrypted Elasticsearch database was left online, allowing anyone to access the information by entering the URL. 

      Leaving databases exposed to the internet without any credential management impacts its confidentiality, integrity, and availability. Furthermore, collecting and storing sensitive data in plain text without encryption increases the risk to clients. In some cases, the database credentials needed to access the encrypted data is stored on the same server, rendering the encryption ineffective. Proper credential access, along with best encryption practices is essential in keeping data secure.

      Read more...

      96% Of Security Professionals Preparing for AI-Powered Cyber-Attacks

      2021-04-08

      Cision: Darktrace, a leading autonomous cyber security AI company, today announced that a study conducted by MIT Technology Review finds that 96% of security leaders are now preparing for the emergence of AI-powered cyber-attacks, with many embracing AI defenses.

      Read more...

      Why Do Phishing Attacks Work? Blame the Humans, Not the Technology

      2021-04-08

      ZDNet: Phishing attacks remain a huge problem and crooks are spending a lot of time and effort to ensure that, for the potential victim, clicking on a bad link is the most intuitive and easiest thing to do.

      Read more...

      Key House Leader to Press for Inclusion of Cybersecurity in Infrastructure Bill

      2021-04-07

      The Hill: Rep. Yvette Clarke (D-N.Y.), the chair of a key cyber House panel, said Wednesday that she would push for inclusion of language on securing critical systems as part of negotiations around President’s Biden’s infrastructure proposal.

      Read more...

      Facebook Does Not Plan to Notify Half-billion Users Affected by Data Leak

      2021-04-07

      Reuters: Facebook Inc did not notify the more than 530 million users whose details were obtained through the misuse of a feature before 2019 and recently made public in a database, and does not currently have plans to do so, a company spokesman said.

      Read more...

      Data Breach Disclosures Drop in 2020

      2021-04-07

      Compliance Week: The report, “Trends in Cybersecurity Breach Disclosures,” was released and analyzes public company disclosures of cyber-breaches since 2011. According to the report, the 117 breaches that were disclosed in 2020 represents a 19 percent drop from 2019 (144). Still, it is the third highest figure in a single year, behind 2019 and 2018 (130). The number had gone up each year since a dip to 50 in 2015.

      Read more...

      European Institutions Were Targeted in a Cyber-Attack Last Week

      2021-04-06

      BNN Bloomberg: A spokesperson for the commission said that a number of EU bodies “experienced an IT security incident in their IT infrastructure.” The spokesperson said forensic analysis of the incident is still in its initial phase and that it’s too early to provide any conclusive information about the nature of the attack.

      Read more...

      LinkedIn Phishing Ramps Up With More-Targeted Attacks

      2021-04-05

      Dark Reading: Phishing attacks are targeting out-of-work users on LinkedIn, creating lures using job titles scraped from the targeted workers' profiles in an attempt to convince them to open and execute different malicious files or links, according to a new analysis from cybersecurity firm eSentire.

      Read more...

      Know Your Breach: Ubiquiti

      The target: Ubiquiti, a major vendor of cloud-enabled networking devices. 

      The take: Source code, customer data, and cryptographic secrets which would enable remote access to both professional and consumer-grade customer devices.

      The attack vector: The attackers gained control of administrative credentials stored on an IT employee’s LastPass account. With these in hand, the threat actors gained high-level access to Ubiquiti Amazon Web Services accounts, including database storage servers, application logs, and user credentials. Multiple backdoor accounts were reportedly created. A whistleblower alleged that due to an absence of database access logging, Ubiquiti were unable to confirm which records had been accessed, by whom, and when.

      While use of password vaults and privileged account management tools are absolutely a best practice, these tools can only be as secure as the authentication measures enforced upon them. Complex, unique passwords in addition to two-factor authentication should be in place wherever possible to protect privileged credentials and management consoles.

      Additionally – comprehensive logging practices are critical to the reconstruction of events when investigating a breach, and the absence thereof can severely limit a firm’s the ability to determine the full scope of the attack.

      Read more...

      Vanguard Targeted in Bond Fund Scam

      2021-03-31

      Financial Standard: The asset manager said scammers are buying advertisements on search engines for terms relating to "bond or high yield investments". When a person clicks on the ad link, they are taken to a fake investment comparison website with a name like "Investment Compare".

      Read more...

      Cybercrime in the US Jumped By 55% in the Past Two Years

      2021-03-31

      CNet: Cybercrime is on the rise as hackers continue to steal data, disrupt business and cause harm online. The result is billions of dollars in losses: The total annual loss in the US from cybercrime reached $4.2 billion in 2020, according to data released from StockApp.com

      Read more...

      83% of Businesses Hit With a Firmware Attack in Past Two Years

      2021-03-31

      Dark Reading: Firmware attacks targeting enterprises are up over the past two years. However, most victims are too preoccupied with patches and upgrades to invest resources into preventing them. 

      Read more...

      Ransomware Tops U.S. Cyber Priorities, Homeland Secretary Says

      2021-03-31

      Financial Post: Department of Homeland Security (DHS) Secretary Alejandro Mayorkas said on Wednesday that dealing with ransomware will be a top priority, highlighting the growing threat of the data-scrambling software.

      Read more...

      Data Breaches Are A Frequent Occurrence for the Pensions Industry, Says Sackers Webinar

      2021-03-30

      Institutional Asset Manager: The survey showed that just over a third of those responding to the survey have suffered a breach in the last twelve months, with almost half of such breaches reported to the Information Commissioners Office.  

      Read more...

      Cyberattack Forces Australian TV Channel Off Air

      2021-03-29

      CNN Business: Australian broadcaster 9 News suffered a cyberattack that forced a number of live shows off air on Sunday, as the country's federal parliament also reported an attack on its computer network.

      Read more...