When an employee exits, it's essential to ensure their access rights don't go with them. Too often, however, organizations fail to track who's joining, leaving or changing roles, leaving them at increased risk of malicious activity.
Businesses that fail to block former employees' server access or spot any other unauthorized access are asking for trouble. While the vast majority of ex-employees will behave scrupulously, why leave such matters to chance?
An investigation into last year's attempted theft of $170 million at India's state-owned Union Bank has found strong similarities with the Bangladesh Central Bank heist, which was attributed to North Korea, and resulted in an $81 million loss.
The latest edition of the ISMG Security Report leads off with an interview with the co-editor of a new book, Inside Threat, who uses examples from the physical world that can be applied to the virtual world. Also, organizations fall short on offering identity protection services.
Leading the latest edition of the ISMG Security: A deep dive into the WikiLeaks release of thousands of documents that appear to lay open in detail the CIA's computer hacking techniques Report. Also, tackling the rise of attacks targeting the internet of things.
What did Yahoo executives know about multiple data breaches and attacks that the company suffered, and when did they know it? Those questions have continued to dog Yahoo as it negotiates its sale to Verizon for the now-discounted price of $4.5 billion.
At the request of German authorities, British police have arrested a suspected hacker involved in last year's disruption of 1 million Deutsche Telekom customers' routers via Mirai malware, which targets default credentials on internet-connected devices.
When Army intelligence specialist Chelsea Manning leaked classified documents to WikiLeaks in 2010, the federal government's security clearance process served as the main defense against malicious insiders. CERT's Randy Trzeciak explains how insider threat defenses have changed since then.
A report on passage by the House of Representatives of a bill aimed at toughening insider threat defenses at the Department of Homeland Security leads the latest edition of the ISMG Security Report. Also, analyzing the use of blockchain technology to secure healthcare data.
Facebook is aiming to make account recovery and password resets more secure with a new, updated approach that eliminates outdated weaknesses such as emailed reset links, SMS messages and security questions.
Nearly three years after the Heartbleed bug - and 600,000 vulnerable servers - was discovered, the vulnerability lives on. The latest scans still count 180,000 at-risk servers. Why won't this bug just die?
An overlooked security setting on Twitter may have allowed a hacker to guess the password-reset email addresses tied to accounts used by President Donald Trump, first lady Melania Trump, Vice President Mike Pence plus a top adviser. What's the risk?
This ISMG Security Report leads with comments from President Donald Trump that suggest the U.S. military will take the lead in defending civilian-owned critical infrastructure. Also, how insider defenses changed since Chelsea Manning's WikiLeaks data dump.