learn more
<https://castlehalldiligence.com>
shutterstock_490960141-1

Industry News: ESG5

      Cloud Security Firm Lacework Secures $1.3 Billion In New Funding Round

      2021-11-18

      ZDNet: The Series D funding round was led by existing investors Sutter Hill Ventures, Altimeter Capital, D1 Capital Partners, and Tiger Global Management. 

      Read more...

      US, UK Warn of Iranian Hackers Exploiting Microsoft Exchange, Fortinet

      2021-11-17

      Bleeping Computer: The warning was issued as a joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), and the United Kingdom's National Cyber Security Centre (NCSC).

      Read more...

      Vaccine Research Among Cyber Attack Targets

      2021-11-17

      BBC: The National Cyber Security Centre says it handled a record 777 incidents between August 2020 and September 2021. Its annual review said protecting the health sector became an urgent priority over the period.

      Read more...

      FBI Left Out of the Loop In Cyberattack Reporting Bill

      2021-11-16

      Politico: The FBI could be sidelined in new cybersecurity legislation, a top Bureau official told lawmakers. And, in the view of America’s most powerful law enforcement agency, that would be a big problem.

      Read more...

      Ethical Hackers Reduce $27 Billion In Risk During COVID-19 Vulnerability Surge

      2021-11-26

      Cision: Bugcrowd, the world's first crowdsourced cybersecurity platform for multiple solutions, released its annual Inside the Mind of a Hacker '21 report, which provides CIOs and CISOs valuable insight on ethical hackers and the economics of security research.

      Read more...

      DHS Announces New Program to Attract and Retain Cybersecurity Talent

      2021-11-15

      The Hill: The Department of Homeland Security (DHS) announced a new program to attract and retain cybersecurity professionals, as major cyber incidents have ticked up over the past year and are drawing more government attention.

      Read more...

      Know Your Breach: Robin Hood

      The target: Robin Hood, a U.S based investment and trading platform.

      The take: Exposure of an estimated 7 million customer accounts with Personally Identifiable Information including: 5 million email addresses and 2 million full names. For a small number of the exposed records, dates-of-birth and zip codes were also vulnerable.

      The attack vector: The attacker used social engineering to target one of Robin Hood’s Customer Support Representatives, tricking them into thinking they had authentication to access the firm’s internal systems and handed over their credentials. Using these legitimate permissions, the threat actors immediately accessed the sensitive data. 

      This breach highlights the great and always on-going risk that social engineering attacks pose to organizations. The strongest security controls are often only as effective as the employees who maintain them. Regular awareness testing and training, along with an emphasis on the importance of critical thinking and caution when receiving access requests from third parties is critical to a robust cybersecurity posture.

      Read more...

      Ethical Hackers In Saudi Arabia Take On Cybercriminals, Fraudsters

      2021-11-12

      Arab News: The growing popularity of e-commerce, online public services and social media in Saudi Arabia has brought many benefits that can improve the quality of day-to-day life.

      Read more...

      Cyber Security Breaches Are Greatest Staff-Related Risk, According to Attendees of Walkers’ Employment Conference on Equipping the Board

      2021-11-11

      Lexology: Cyber security breaches are overwhelmingly the greatest staff-related risk for a financial services business, according to a survey of Channel Island employers at Walkers' three-day virtual employment law conference.

      Read more...

      VP Harris Announces US Support for International Cybersecurity Partnership in Paris

      2021-11-11

      ZDNet: US Vice President Kamala Harris said the US will be joining the Paris Call for Trust and Security in Cyberspace -- a voluntary agreement between more than 80 countries, local governments, and tech companies centered on advancing cybersecurity and "preserving the open, interoperable, secure, and reliable Internet."

      Read more...