Blog Posts Tagged with "Insider Threats"

5e402abc3fedaf8927900f014ccc031f

Out with the Desktop PC, In with the Thin Client: Let’s Start the Conversation

July 30, 2013 Added by:Allan Pratt, MBA

Whether by accident or on purpose, the PC is now becoming an attack vector. Employees can bring USB drives from home – that are infected without their knowledge – and infect their office machines as well as the network. Malicious individuals can do the same.

Comments  (3)

E745f78c8d9499cf7e9aea2084be2e0a

2013 - Year of the D(efense)

December 26, 2012 Added by:Matthew McWhirt

Many of the security incidents encompassing 2012 could have been mitigated, and some even fully prevented, if fundamental information security best practices had been reviewed and assessed, and controls encompassing incident response phases had been fully vetted...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

CFAA Does Not Bar Misappropriation when Employee Authorized

September 27, 2012 Added by:David Navetta

The CFAA only permits claims for accessing a protected computer “without authorization” and “exceeds authorized access” “only when an individual accesses a computer without permission or obtains or alters information on a computer beyond that which he is authorized to access...”

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Clipboards, Confidence, and Information Security

September 17, 2012 Added by:Tripwire Inc

How do you teach paranoia and suspicion? We often hire people because of their willingness to help others, their good communication skills, their ability to be responsive, etc. As we work through securing our humans, we need to strike a balance – trust but verify, assist but not unquestioningly...

Comments  (1)

4de72ea3c29fd5b60b5b95627242871a

Data is the New Perimeter for Cloud Security

September 12, 2012 Added by:Mike Gault

The security market in 2012 is estimated at $60 billion, yet adding more layers of perimeter security may be completely useless against a determined sysadmin working on the inside. The end result is that your data might or might not be secure – you simply have no way to prove it...

Comments  (0)

296634767383f056e82787fcb3b94864

Lessons for CEOs from the Saudi Aramco Breach

August 27, 2012 Added by:Jeffrey Carr

Most security operations centers are monitoring for an APT-style attack and their defensive tactics are geared towards interrupting it by use of an "intrusion kill chain". The attack on Saudi Aramco didn't fit this model, and hence would have been completely missed by most of the world's largest companies...

Comments  (1)

F63d0b2876c57f0bb53f053dd6b7b747

Employee Fired for Spying on Management with RAT

August 08, 2012 Added by:Jeremy Sobeck

An executive discovered that an unauthorized remote access tool (RAT) on his computer. This type of attack requires very little sophistication. The company assumed the worst: confidential files had been stolen, malware had been installed, and the fired employee still had remote access to their systems...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Why Does Data Leak?

August 06, 2012 Added by:Danny Lieberman

Data is leaked or stolen because it has value. The financial impact of a breach is directly proportional to the value of the asset. The key attack vector for an event is people - often business partners working with inside employees. People handle electronic data and make mistakes or do not follow policies...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Army Translator Re-Sentenced for Possession of Classified Docs

August 06, 2012 Added by:Headlines

The defendant took classified documents from the U.S. Army without authorization. While assigned to an intelligence group in the 82nd Airborne Division of the U.S. Army at Al Taqqadam Air Base, he downloaded a classified electronic document and took hard copies of several other classified documents...

Comments  (0)

7d55c20d433dd60022642d3ab77b8efb

Critical Vulnerability in SAP Message Server: A Worldwide Scan

July 04, 2012 Added by:Alexander Polyakov

Two buffer overflow vulnerabilities in SAP Message Server can be exploited remotely so that exploit code can be executed. Out of 1000 companies that use SAP worldwide, randomly selected in the course of the research, 4% expose SAP Message Server to the Internet. This can lead to critical consequences...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Insider Threats Confound Enterprise Security Efforts

June 20, 2012 Added by:Headlines

"The majority of staff within any organization are trustworthy and honest. But businesses must understand the scale of the threat posed by the small proportion of staff who act dishonestly and defraud their employer and the numerous ways in which an organization can be targeted"...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

Tripwire Examines the State of Risk-Based Security Management

June 14, 2012 Added by:Headlines

"Though organizations profess a commitment to RBSM... this security practice is still in its infancy. To establish an effective... program, certain barriers need to be addressed. These include securing adequate resources, having employees with the necessary expertise and designating strong leaders..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Judge Upholds Charges Against WikiLeaker Bradley Manning

June 12, 2012 Added by:Headlines

Manning is accused of the largest intelligence leak in U.S. history while deployed to Iraq as a military intelligence analyst, including installing unauthorized software onto government computers to extract classified information and transmitting the data to the whistle-blowing group WikiLeaks...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Programmer Pleads Guilty to Stealing Code from Federal Reserve

May 30, 2012 Added by:Headlines

“Bo Zhang may have thought that he left no fingerprints when he engaged in his high-tech thievery—stealing proprietary government software worth nearly $10 million using little more than a mouse—but he was mistaken. He was caught in his tracks and now he will be punished for his cyber-thievery"...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Insider Threat: Former PNC Manager Pleads Guilty to Bank Theft

May 25, 2012 Added by:Headlines

Laird stole the funds through a number of means: opening credit accounts in her father’s name without authorization; making redemptions from CD accounts of five customers; opening checking accounts in other names and wroting checks to pay her personal bills and expenses...

Comments  (0)

37d5f81e2277051bc17116221040d51c

IT Security: Preventing Insider Threats

May 24, 2012 Added by:Robert Siciliano

An employee at Fannie Mae, knowing he is about to be fired, installed a logic bomb set to detonate almost 3 months after his departure. The detonation would have taken the organization off line for almost a week and cost millions and millions of dollars...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »