Tag: Audit | Page 3

2018 audit found vulnerabilities in TUSD computer system | News

February 2, 2023/in Computer Security

TUCSON (KVOA)- A 2018 audit of the Tucson Unified School District found several vulnerabilities in the computer system.

The Arizona Auditor General’s report found the district “lacked adequate computer controls” which increased risk of unauthorized access to computer systems.

The report found TUSD had weak password requirements. Common guidelines for strong passwords recommend that passwords be at least eight characters in length; contain a combination of lowercase and uppercase alphabetic characters, numbers, and symbols if permitted in the system; and be changed periodically. However, the District did not require that network and accounting system passwords meet all these requirements.

According to the audit, the district had inadequate procedures for removing access to network and critical systems, with dozens of user accounts still linked to former employees. The report found, “10 user accounts linked to terminated employees who had the ability to access the district’s network using a Virtual Private Network (VPN).”

Finally, TUSD lacked a contingency plan which could help restore systems in case of a breach. Auditors said, “in fiscal years 2016 and 2017, the district did not have a formal, up-to-date, and tested IT contingency plan even though it maintained critical student and accounting information on its network and systems.”

TUSD did not respond to our request for an interview. This report is five-years old, so we don’t know if these issues have been addressed.

But cyber security expert, Sai Huda, CEO of CyberCatch, says it’s happening everywhere.

“These hackers know these school districts have weak security and therefore they’re able to get in very easily, shut things down, encrypt data and put ransomware in the system,” Huda said.

A letter found in school printers attributes the hack to a ransom ware group called Royal. The letter said data had been encrypted, copied and could be posted online.

Tuesday the district released a statement saying it is working with national cyber security experts and that “The forensic investigation is in its early stages and is ongoing. We appreciate the patience of our community as we take essential steps to…

Source…

Central Pattana Public : Notification of the changes of the Company’s Directors, Members of Audit and Corporate Governance Committee and Members of Sub-committees

August 9, 2022/in Computer Security

Lead Independent Director and Chairman of the Risk Policy Committee

Chairman of Audit and Corporate Governance Committee Chairman of the Nomination and Remuneration Committee Member of Audit and Corporate Governance Committee and Member of the Nomination and Remuneration Committee

		(Translation)
9 August 2022	Notification of the changes of the Company’s Directors, Members of Audit and Corporate
	Governance Committee and Members of Sub-committees
No. 51/2022/035	To	President
		The Stock Exchange of Thailand

Enclosure List of Members of the Board of Directors and Form to Report on Names of Members and Scope of Work of the Audit Committee (F24-1)

Central Pattana Public Company Limited ( “the Company“) hereby informs that, on 9 August 2022, its Board of Directors Meeting No.6/2022 has passed significant resolutions as follows:

Acknowledged the resignation from the directorship of Mr. Karun Kittisataporn and Mr. Paitoon Taveebhol. Such directors will perform their duties till end of 31 August 2022.
Appointed Mrs. Parnsiree Amatayakul and Mr. Winid Silamongkol to be directors replacing Mr. Karun Kittisataporn and Mr. Paitoon Taveebhol respectively.
Appointed the following persons to take positions in sub-committees to fulfill the

vacated position.

1) Mr. Veravat Chutichetpong

2)…

Source…

Internet Security Audit Market Analysis By 2022 -2029

March 15, 2022/in Internet Security

New Jersey, USA,- we released research materials for “Global Internet Security Audit Market Report, Trends and Forecasts for 2022-2029, Information by company, region, product, and application”.The market production capacity, production volume, sales volume, sales, price and future trend of Internet Security Audit are explained.We will focus on product features, product specifications, prices, sales revenue of major manufacturers in the global and Chinese markets, and market share of major manufacturers in the global and Chinese markets.The historical data is from 2018 to 2021, and the forecast data is from 2022 to 2029.

Market Research Intellect provides market research reports, F/S, commissioned research, IPO consulting, business plans, etc. to provide you with useful information and data for your global and new business.

Get | Download Sample Copy with TOC, Graphs & List of Figures@ https://www.marketresearchintellect.com/download-sample/?rid=437204

The XX% of the world market for Internet Security Audit in 2021, but it is expected to grow at a XX% CAGR in the period after Corona and reach US$XX million in 2029. On the other hand, the Electronics segment will grow at an average annual growth rate (CARG) XX% until 2029 and will occupy approximately a XX% share by 2029.

Internet Security Audit Market Scale and segment of the world

The global Internet Security Audit market can be subdivided by company, region, product, and application. Key companies, stakeholders, and other participants in the global wire-front semiconductor market can use this report as an important resource. This report focuses on sales performance and forecast by company, region (country), product, and application from 2019 to 2029.

The major players covered in Internet Security Audit Markets:

Symantec
Intel Security
IBM
Cisco
Trend Micro
Dell
Check Point
Juniper Networks
Kaspersky
Hewlett Packard
Microsoft
Huawei
Palo Alto Networks
FireEye
AT&T Cybersecurity
AVG Technologies
Fortinet
ESET
Venustech
H3C Technologies
NSFOCUS

Internet Security Audit Market Breakdown by Type:

System Level Audit
Application Level Audit

Internet Security Audit Market breakdown by application:

Government
…

Source…

2 senators want 3rd party audit on alleged Comelec hacking

January 11, 2022/in Computer Security

Senate of the Philippines *(File photo)*

MANILA – Two senators who are running for president asked the Commission on Elections (Comelec) to allow an independent third party to look into the alleged online attack of its system.

In separate statements Tuesday, Senators Manny Pacquiao and Panfilo Lacson said the poll body must consider an audit into the extent of the alleged hacking.

“The Comelec should clarify the veracity of the hacking incident and be forthright with its findings. More importantly, it should be open to letting experts and related stakeholders help strengthen the security system, including our cybersecurity experts and those of other aspirants. Only through transparency and accountability can we guarantee the integrity of the upcoming elections,” Lacson said.

Pacquiao added the Comelec should allow political parties to conduct an independent investigation while the legislative can exercise its oversight powers to look into the issue.

“Congress should exercise its oversight powers in relation to Republic Act 8436 or the Automated Election Law. This is not the first time that the Comelec has been hacked and this shows very serious security flaws on the poll body’s computer system,” Pacquiao said.

“Hindi na ito dapat palampasin at kailangang magpaliwanag ang Comelec kung ano ang totoong pangyayari at kung ano ang epekto nito sa darating na halalan. Kailangan din nating malaman kung may nakahandang plano ang Comelec kung sakaling nakompromiso ang ating automated polling system (This should not be ignored and its impact on the upcoming elections must be revealed. We must also find out if Comelec has a contingency plan),” he added.

Prior to the 2016 elections, the NBI arrested 20-year-old Paul Loui Biteng and 23-year-old Joenel de Asis for hacking the poll body’s website.

Biteng was cleared of by a Manila Regional Trial Court of criminal liability in 2020 as “there is no direct evidence categorically linking him as the perpetrator for the crimes charged”.

While only Comelec and the Department of Information and Communications Technology can officially confirm or deny if such…

Source…

Tag Archive for: Audit