An internal CIA report from 2017 - just released in heavily redacted form - found that the agency's failure to secure its own systems facilitated the massive "Vault 7" data breach that enabled classified information, including details of 35 CIA hacking tools, to be leaked to WikiLeaks.
A former IT administrator for an Atlanta-based building products distribution company has been sentenced to 18 months in federal prison after he sabotaged the firm by changing router passwords and damaging a critical command server. Overall, Charles E. Taylor caused more than $800,000 in damages.
In a video interview, a panel of experts describes why implementing a "zero trust" architecture for the remote workforce during the COVID-19 pandemic requires redefining access control and security strategies.
Even in the best of economic circumstances, enterprises face risks of insiders stealing data or selling access to systems. But Joseph Blankenship of Forrester says the possibility of layoffs due to the COVID-19 pandemic puts enterprises at more risk of insider threats.
Forget "whitelists" and "blacklists" in cybersecurity. So recommends Britain's National Cyber Security Center, in a bid to move beyond the racial connotations inherent to the terminology. Henceforth, NCSC - part of intelligence agency GCHQ - will use the terms "allow list" and "deny list." Will others follow?
In trying economic times, it's more important than ever to be able to measure and communicate the effectiveness of one's cybersecurity program. Colin O'Connor, COO of ReliaQuest, offers a new alternative to traditional metrics.
The former vice president of finance at a Georgia-based medical supplies company has been charged with hacking into the firm's computers and "sabotaging" shipment of personal protective equipment in the midst of the COVID-19 crisis.
With the massive shift to telework as a result of the COVID-19 pandemic, shadow IT is becoming a more critical security issue around the world. Security experts offer tips on mitigating the risks involved.
The latest edition of the ISMG Security Report offers a discussion of the potential insider threats posed by the remote workforce during the COVID-19 crisis. Also featured: An update on payment fraud shifts and the long-term outlook for the cybersecurity market.
A global health crisis. A remote workforce. Economic uncertainty. These are key ingredients to fuel the insider threat. Randy Trzeciak of the CERT Insider Threat Center at Carnegie Mellon University offers tips for monitoring risky behavior and creating positive incentives to reduce risk.
The SEC has settled charges against two traders who were accused of profiting from the hacking of an SEC EDGAR system server in 2016. The Ukrainian man who allegedly hacked the system by bypassing its authentication control remains at large.
Ransomware, phishing, extortion scams - they all are popular now with COVID-19 themes. But socially-engineered attacks were already on the rise before the pandemic, say Olesia Klevchuk and Nishant Taneja of Barracuda. They share insight on the evolution of cloud-based email defenses.
This webinar will include a live demo showing how you can configure Cloudflare Access to protect your internally-hosted applications and infrastructure.
Careless and malicious insiders, overly complex IT infrastructure and having an excess of privileged users continue to pose serious risks to the integrity of corporate cybersecurity practices, says Timothy Brown of SolarWinds.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.