A Georgia man has been sentenced to federal prison in an unusual case in which he portrayed himself as a whistleblower while falsely reporting to authorities that a hospital worker committed criminal HIPAA violations.
The U.S. Marine Corps looks to expand its insider threat program and seeks proposals to include activity monitoring technology on its enterprise and classified networks. The goal is to give the Marines greater ability to monitor network traffic and stop insiders from exposing data.
Changes in work environments, including the transition to remote working, have led to an increase in demand for assessing and managing insider risk. Security and risk management leaders should evaluate how insider threat solutions can support their security objectives without alienating their workforce due to privacy...
Today's credential based threats
are complex, often touching many systems, using
multiple log-ins, and spanning a period of several
months. These insider threats involve the legitimate
credentials and access privileges of real users,
making them challenging for legacy security solutions
to detect.
In order...
The sentencing this week of a medical researcher who pleaded guilty in a federal case involving conspiracy to steal trade secrets from a children’s hospital and sell them to China spotlights the growing risks to medical intellectual property posed by insiders.
The Department of Veterans Affairs’ watchdog agency alleges that two VA employees “concealed” and “mispresented” the cybersecurity and privacy risks of an ambitious "big data" project that would have analyzed 22 million veterans’ health records dating back two decades.
Does your organization have a plan in place if one of your employees is accused of being an insurrectionist? If your software was being used to spread plans for a riot, could you detect that? Threat modeling expert Adam Shostack discusses how companies should be prepared to respond to issues in the news.
Intel is investigating an incident in which an unauthorized person accessed a portion of the company's latest quarterly financial report, forcing the chipmaker to release its earnings slightly earlier than planned.
Fraud is an increasingly serious threat for businesses around the world, eroding data integrity and security, consumer confidence and brand integrity. When fraud is discussed, hackers or external fraudsters often come to mind. However, insider fraud is a critical threat that is growing.
Download this white...
Ticketmaster has agreed to pay a $10 million criminal fine to resolve charges that the company illegally accessed an unnamed competitor's computer system on at least 20 separate occasions, using stolen passwords to conduct a cyber espionage operation.
It’s common for organizations to focus a large
portion of their security strategy around potential
outside cyber-threats. However, studies show that insider threats are on the rise and many times are
more difficult to identify. Learning and observing common insider behaviors and
technical actions is one of your...
A former Cisco engineer has been sentenced to serve two years in federal prison after pleading guilty to charges that he hacked his former company, causing $1.4 million in damages.
Italian authorities arrested two employees of the Italian defense contractor Leonardo S.p.A. for installing a backdoor Trojan into the company's systems and exfiltrating 10GB of data over a two-year period, according to local law enforcement officials.
A former Microsoft software engineer has been sentenced to nine years in prison after being found guilty on 18 criminal charges in connection with the theft of more than $10 million through the company's online retail platform.
COVID-19 accelerated everything else digital; why not fraud, too? In this latest CEO/CISO panel, cybersecurity leaders talk frankly about the pace and scale of new fraud schemes from business email compromise to card not present to insider risk.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.