Industry News: ESG5

2024-11-25

Bleeping Computer: A Kansas City man has been indicted for allegedly hacking into computer networks and using this access to promote his cybersecurity services.

Read more...

2024-11-25

BNN Bloomberg: Cybersecurity startup Halcyon Tech Inc. is the industry’s latest unicorn, reaching $1 billion valuation in a deal to raise $100 million as it aims to combat the rise of ransomware attacks. 

Read more...

The Target: Maxar Space Systems is a major player in the American aerospace industry, considered an expert in building communication and Earth observation satellites.

The Take: Maxar Space Systems says that the attacker likely has access to a system that contained the following employee information: name, home address, social security number, business contact information, gender, employment status, employee number, job title, hire/job termination start dates, supervisor, department.

The Vector: The information security team discovered that a hacker using a Hong Kong-based IP address targeted and accessed a Maxar system containing certain files with employee personal data.

This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.

Read more...

2024-11-21

TechCrunch: Wiz, one of the most talked-about names in the world of cybersecurity, is making a significant acquisition to expand its product reach in cloud security, particularly with developers.

Read more...

2024-11-19

SecurityWeek: The US government’s cybersecurity agency CISA on Tuesday confirmed that director Jen Easterly and deputy Nitin Natarajan will depart on January 20, clearing the way for a leadership overhaul by the incoming administration.

Read more...

2024-11-18

CFO Dive: The SEC this year blunted requirements of a rule focused on climate risk disclosure before putting the regulation on hold in the face of legal challenges. Companies would be required to disclose the impact of climate change on their finances, operations and business strategy.

Read more...

The Target: Retail giant Hot Topic, which has more than 640 stores across the U.S.

The Take: The stolen data includes email addresses, physical addresses, phone numbers, purchases, genders, and dates of birth. Partial credit card data was also included in the breach, including credit card type, expiry dates, and the last four digits of the card number.

The Vector: The breach occurred on October 19 and was claimed by a threat actor operating under the alias “Satanic” on October 21. In a post on the cybercrime forum BreachForums, Satanic claimed to have stolen 350 million user records from Hot Topic and its affiliated brands, Box Lunch and Torrid.

This breach highlights the extreme importance of timely software updates for known software vulnerabilities, not only in systems directly under a firm’s control, but in third-party systems the firm relies upon as well. The longer a firm, or its vendors, hold out on deploying the most up-to-date software for their systems, the greater the chance an attacker will exploit the issue.

Read more...

2024-11-14

TechCrunch: More consolidation is afoot in the world of cybersecurity. Bitsight, a cybersecurity startup last valued at $2.4 billion when ratings firm Moody’s took a stake in the business and became its largest shareholder in 2021, is acquiring Cybersixgill for $115 million.

Read more...

2024-11-13

Yahoo News: An Alberta Crown corporation says it recently experienced "network issues" after it was the target of a cyberattack. Dwayne Brunner, a spokesman for Alberta Innovates, wouldn't confirm when the issues began, but said an investigation is underway and all network problems have been resolved.

Read more...

2024-11-12

PR Newswire: Jones Walker LLP today announced the release of its 2024 Community and Mid-Size Banks Cybersecurity Survey, the fourth in the law firm's series of industry-focused, biannual cybersecurity studies. 

Read more...