Today's credential based threats
are complex, often touching many systems, using
multiple log-ins, and spanning a period of several
months. These insider threats involve the legitimate
credentials and access privileges of real users,
making them challenging for legacy security solutions
The sentencing this week of a medical researcher who pleaded guilty in a federal case involving conspiracy to steal trade secrets from a children’s hospital and sell them to China spotlights the growing risks to medical intellectual property posed by insiders.
The Department of Veterans Affairs’ watchdog agency alleges that two VA employees “concealed” and “mispresented” the cybersecurity and privacy risks of an ambitious "big data" project that would have analyzed 22 million veterans’ health records dating back two decades.
Does your organization have a plan in place if one of your employees is accused of being an insurrectionist? If your software was being used to spread plans for a riot, could you detect that? Threat modeling expert Adam Shostack discusses how companies should be prepared to respond to issues in the news.
Intel is investigating an incident in which an unauthorized person accessed a portion of the company's latest quarterly financial report, forcing the chipmaker to release its earnings slightly earlier than planned.
Fraud is an increasingly serious threat for businesses around the world, eroding data integrity and security, consumer confidence and brand integrity. When fraud is discussed, hackers or external fraudsters often come to mind. However, insider fraud is a critical threat that is growing.
Download this white...
Ticketmaster has agreed to pay a $10 million criminal fine to resolve charges that the company illegally accessed an unnamed competitor's computer system on at least 20 separate occasions, using stolen passwords to conduct a cyber espionage operation.
It’s common for organizations to focus a large
portion of their security strategy around potential
outside cyber-threats. However, studies show that insider threats are on the rise and many times are
more difficult to identify. Learning and observing common insider behaviors and
technical actions is one of your...
Italian authorities arrested two employees of the Italian defense contractor Leonardo S.p.A. for installing a backdoor Trojan into the company's systems and exfiltrating 10GB of data over a two-year period, according to local law enforcement officials.
A former Microsoft software engineer has been sentenced to nine years in prison after being found guilty on 18 criminal charges in connection with the theft of more than $10 million through the company's online retail platform.
COVID-19 accelerated everything else digital; why not fraud, too? In this latest CEO/CISO panel, cybersecurity leaders talk frankly about the pace and scale of new fraud schemes from business email compromise to card not present to insider risk.
A remote workforce. Economic stress. Pandemic fatigue. These ingredients create a "perfect storm" for insider risk, whether through malicious acts or accident. What can you do to improve monitoring and mitigation of insider risk in these unique conditions?
Randy Trzeciak, director of the CERT Insider Threat Center...
Amidst this new "perfect storm" of insider risk, enterprises face new challenges in detecting malicious and accidental activities. Tricia Hoyt, Director of Security Operations at ReliaQuest, offers insight on how to assess and reduce the risks.
A former vice president of a personal protective equipment packaging firm has been sentenced to prison and ordered to pay restitution for sabotaging the company's electronic shipping records during the COVID-19 pandemic - causing delays in deliveries - after he was terminated from his job.