.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The Target: SuperVPN, a popular free VPN service provider.
The Take: Exposed database containing of 360,308,817 million records of wide-ranging sensitive information including: email addresses, original IP addresses, geolocation data, UUID numbers, operating systems, internet connection types, and VPN application versions.
The Vector: A misconfigured database was left open and unsecured with no password, meaning anyone with an internet connection could have downloaded the data.
This breach is a perfect example of a preventable cyber incident. Securing access to databases through rigorous password hygiene is an essential component of security. Furthermore, the data stolen in this attack can be used for crafting highly effective phishing attacks. Companies should take every measure necessary to secure customer data.
Blockchain News: Leading cryptocurrency exchange Binance has assisted US law enforcement in seizing $4.4 million and freezing accounts associated with North Korean organized crime.
Business Wire: Organizations of all sizes are increasingly falling victim to ransomware attacks and inadequately protecting against this rising cyberthreat.
Dark Reading: Risk aggregation is not a new phenomenon. The insurance industry, for example, has long examined how shared assets and similarities between organizations in their books bundle potential risk.
Yahoo Finance: Palo Alto Networks Inc. raised its annual forecasts for revenue and adjusted profit as enterprise customers shift to one-stop shops for their cybersecurity needs in a bid to reduce costs.
Forbes: With ever-evolving attack strategies and a growing list of countries and states adding regulations, companies have no choice but to be more proactive about cybersecurity.
City AM: A London-based artificial intelligence firm has announced a $250m cash injection led by the Qatari sovereign wealth fund as investors rush to capitalise on a boom in AI technology.
US News: Top U.S. cybersecurity companies are expected to report another quarter of strong growth as high-profile hacks and a shift in client preference for bigger players with better integrated offerings help support their businesses in a turbulent economy.
The Target: Leverage EDU, a software University Admission platform.
The Take: Exposure of over 240,000 records of Personally Identifiable Information including: names, email addresses, passport scans, applications, bank statements and loan information.
The Vector: A misconfigured database was left open and unsecured with no password, meaning anyone with an internet connection could have viewed and downloaded the trove of data.
This shows how important authentication controls are and that they are purposefully and smartly deployed with security in mind. Multi-factor authentication and password length and complexity rules on server access are effective strategies to mitigate these kinds of breaches to protect a firm’s data.
Funds Tech: Despite the fact that the majority of financial firms have banned the use of social media platforms such as WhatsApp and WeChat, compliance officers are not convinced this will be effective in managing the risk of off-channel communications.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Prague
V Parku 8, 148 00 Praha 11,
Czech Republic
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy