shutterstock_490960141-1

Industry News: ESG5

    Cybersecurity Company Qualys Explores Potential Sale

    2024-11-06

    BNN Bloomberg: Qualys Inc. is exploring options including a potential sale after receiving takeover interest, people familiar with the matter said, as consolidation is expected to accelerate in the cybersecurity sector. The stock rose as much as 33%.

    Read more...

    Germany Drafts Law to Protect Researchers Who Find Security Flaws

    2024-11-06

    Bleeping Computer: The Federal Ministry of Justice in Germany has drafted a law to provide legal protection to security researchers who discover and responsibly report security vulnerabilities to vendors.

    Read more...

    Man Arrested in Canada Allegedly Linked to Snowflake Data Thefts

    2024-11-05

    CSO Online: Canadian federal and provincial authorities haven’t released the court documents relating to the arrest, so CSO isn’t naming the accused.

    Read more...

    AI Increases Fraud Risk, Fintechs Say

    2024-11-05

    Cybersecurity Dive: Fraud is on the rise. Americans lost $10.2 billion to fraud in 2023, a 14% increase in reported losses compared to 2022, according to the Federal Trade Commission. And fraudsters are aided in no small part by advanced technology, according to the international police organization Interpol.

    Read more...

    US Cybersecurity Chief Says Disinformation Surge Hasn't Impacted Election

    2024-11-04

    US News: U.S. cybersecurity agency director Jen Easterly said that her department has not seen evidence of any activity that could directly impact the outcome of the election, despite a surge in disinformation.

    Read more...

    UK Banks Urged to Gird for CrowdStrike-Like Outage

    2024-11-04

    Bank Info Security: British financial institutions must ensure by this spring that they could reasonably weather a third-party tech outage on the scale of July's global meltdown of 8.5 million computers triggered by a faulty update from cybersecurity firm CrowdStrike.

    Read more...

    Know Your Breach: Landmark Admin

    The Target: Landmark Admin is a third-party administrator for insurance companies, offering back-office services like new business processing and claims administration for large insurance carriers.

    The Take: The following information related to potentially impacted individuals may have been subject to unauthorized access: first name/initial and last name; address; Social Security number; tax identification number; driver's license number/state-issued identification card; passport number; financial account number; medical information; date of birth; health insurance policy number; and life and annuity policy information.

    The Vector: Landmark says it found evidence that the threat actor accessed some files during the attack that contained the personal information of 806,519 people.

    This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.

    Read more...

    Cybersecurity Remains a Tick-The-Box Exercise Despite Jump in Cyberattacks and Ransom Payouts

    2024-10-31

    PR Newswire: With nearly a 10-percentage point jump in cyberattacks over the past year, Canadian business leaders rank cybersecurity as the No. 1 threat to their growth, finds a recent KPMG Private Enterprise™ survey. 

    Read more...

    UK’s CybaVerse Raises $1.4 Million to Expand Cybersecurity Team

    2024-10-29

    PYMNTS.com: U.K. cybersecurity firm CybaVerse is expanding its team after raising $1.4 million. The company announced the fundraise on its website, saying it would use the capital to speed the development of its platform and expand its team.

    Read more...

    Poor Vulnerability Management Could Indicate Larger Cyber Governance Issues, S&P Says

    2024-10-29

    Cybersecurity Dive: The recognition and remediation of software vulnerabilities has become an increasingly urgent issue in the cybersecurity community in recent years.

    Read more...

    About Castle Hall Diligence

    Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →

    Subscribe to Cyber Updates