Industry News: ESG5

The Target: CBIZ is a management consulting company that provides financial and benefits and insurance services to various organizations and individual customers.

The Take: Hackers stole information belonging to nearly 36,000 individuals, which includes: name, contact details, Social Security Number, date of birth/death, retiree health information, welfare plan information.

The Vector: The company informs that a threat actor exploited a vulnerability in one of its web pages and was able to steal customer data between June 2 and June 21.

This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.

Read more...

2024-09-04

GlobeNewswire: By leveraging advanced machine learning models, generative AI can anticipate and counteract cyberattacks by identifying patterns, predicting potential vulnerabilities, and even simulating attacks to test system defenses.

Read more...

2024-09-04

Yahoo Finance/Reuters: Zscaler shares tumbled about 16% following the cybersecurity firm's downbeat annual forecast, as macroeconomic challenges slowed spending by its customers.

Read more...

2024-09-04

Dark Reading: The recent arrest and indictment of Telegram CEO Pavel Durov in France will likely have little short-term impact on use of the platform among cybercriminals and nation-state backed hacking groups.

Read more...

2024-09-03

CSO Online: Aligning an organization’s appetite for risk with cybersecurity strategies is a critical challenge CISOs face, one that requires balancing technical controls and business needs.

Read more...

2024-09-03

Axios: Policymakers are preparing for two very different outcomes if former President Donald Trump wins a second term: A world where he overhauls the U.S. approach to defending against nation-state hacks — and another where he leaves everything exactly as it is.

Read more...

2024-09-03

FinTech Global: A recent study highlighted by ISACA points to a staggering 78% of industry professionals ranking the reputational impact as the paramount concern following cyberattacks. 

Read more...

2024-09-03

SecurityWeek: In an updated SEC filing, Halliburton stopped short of confirming a ransomware extortion scheme but said the cyberattack caused significant disruptions and limitation of access to portions of its IT systems.

Read more...

The Target: Patelco is an American not-for-profit credit union that provides financial services, including checking and savings accounts, loans, credit cards, insurance plans, and investments, with assets exceeding $9 billion.

The Take: The information that was exposed to cybercriminals varies per individual and may include: full name, Social Security Number (SSN), driver’s license number, date of birth, email address.

The Vector: Last month, the company disclosed it suffered a ransomware attack on June 29, 2024, that forced it to shut down customer-facing banking systems to contain the damage and protect people's data.

As phishing actors continue to explore every potential abuse opportunity on legitimate service providers, novel security gaps constantly threaten to expose users to severe risks. It is essential not to rely solely on email protection solutions, and also scrutinize every email that lands on your inbox, look for inconsistencies, and double-check all claims made in those messages.

Read more...

2024-08-28

MSN/Reuters: Cybercrime and other acts of sabotage have cost German companies around 267 billion euros ($298 billion) in the past year, up 29% on the year before, according to a survey published.

Read more...