shutterstock_490960141-1

Industry News: ESG5

    Know Your Breach: Patelco

    The Target: Patelco is an American not-for-profit credit union that provides financial services, including checking and savings accounts, loans, credit cards, insurance plans, and investments, with assets exceeding $9 billion.

    The Take: The information that was exposed to cybercriminals varies per individual and may include: full name, Social Security Number (SSN), driver’s license number, date of birth, email address.

    The Vector: Last month, the company disclosed it suffered a ransomware attack on June 29, 2024, that forced it to shut down customer-facing banking systems to contain the damage and protect people's data.

    As phishing actors continue to explore every potential abuse opportunity on legitimate service providers, novel security gaps constantly threaten to expose users to severe risks. It is essential not to rely solely on email protection solutions, and also scrutinize every email that lands on your inbox, look for inconsistencies, and double-check all claims made in those messages.

    Read more...

    Cybercrime and Sabotage Cost German Firms $300 Billion in Past Year

    2024-08-28

    MSN/Reuters: Cybercrime and other acts of sabotage have cost German companies around 267 billion euros ($298 billion) in the past year, up 29% on the year before, according to a survey published.

    Read more...

    Indian Lenders Lag Global Peers on Cybersecurity Spends, BCG Says

    2024-08-28

    BNN Bloomberg: Rising cases of online thefts and frauds will push Indian banks that are already lagging behind their global peers in cybersecurity spending to step up, according to Neetu Chitkara, managing director and partner at Boston Consulting Group.

    Read more...

    Chinese Hackers Exploited Bug to Compromise Internet Companies, Cybersecurity Firm Says

    2024-08-28

    MSN/Reuters: A Chinese hacking group exploited a software bug to compromise several internet companies in the U.S. and abroad, a cybersecurity firm said.

    Read more...

    Why The SEC's Four-Day Disclosure Rule Raises The Bar For Security

    2024-08-28

    Forbes: Seventy-four percent of cybersecurity leaders are confident in their ability to detect and respond to cyberattacks in real time, according to new research.

    Read more...

    Falfurrias Management Partners Invests in Cybersecurity Company MOXFIVE

    2024-08-28

    Private Equity Wire: North Carolina-based private equity firm Falfurrias Management Partners has made a growth investment in cybersecurity company MOXFIVE.

    Read more...

    AI-Driven Cybersecurity and Human Collaboration Are Crucial for Adapting to Future Threats, Says Info-Tech Research Group

    2024-08-27

    PR Newswire: The rapid evolution of cyber threats, driven by increasingly sophisticated tactics and automation, has exposed the vulnerabilities of traditional security solutions.

    Read more...

    CrowdStrike Outlook Appears 'Absolutely Solid' Despite Outage

    2024-08-27

    Yahoo Finance: Cybersecurity stocks are in focus this week, with SentinelOne (S) and CrowdStrike (CRWD) earnings giving investors a fresh read on the sector. TD Cowen senior analyst Shaul Eyal joins Market Domination to discuss the state of the cybersecurity industry and some of its key players.

    Read more...

    Know Your Breach: Toyota

    The Target: Toyota Motor Corporation is a Japanese multinational automotive manufacturer headquartered in Toyota City, Aichi, Japan.

    The Take: The threat actor says they breached a U.S. branch and were able to steal 240GB of files with information on Toyota employees and customers, as well as contracts and financial information.

    The Vector: BleepingComputer found that the files had been stolen or at least created on December 25, 2022. This date could indicate that the threat actor gained access to a backup server where the data was stored.

    This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.

    Read more...

    Sebi Comes Out With New Cyber Security Framework For Regulated Entities

    2024-08-21

    MSN: Markets watchdog Sebi issued a new cyber security framework wherein all regulated entities are required to have appropriate security monitoring mechanisms, and the fresh norms will be implemented in a graded manner starting from January 2025.

    Read more...

    About Castle Hall Diligence

    Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →

    Subscribe to Cyber Updates