Insider Threat
August 30, 2024
Employee Arrested for Locking Windows Admins Out of 254 Servers in Extortion Plot
The FBI investigation revealed that the suspect, Daniel Rhyne, had accessed the company's systems without authorization and changed passwords for various accounts. Rhyne's actions were intended to deny the company access to its systems and data.
Source: Bleeping Computer
May 27, 2024 – Government
EU Wants Universities to Work with Intelligence Agencies to Protect Their Research
Europe’s leading research universities should work more closely with the continent’s intelligence agencies to help secure their research from being stolen by hostile states, EU member states recommended this week.
Source: The Record
May 14, 2024
Insider Threats Maintain a Rising Trend
Insider threats, including dishonest actions to obtain benefits through theft or deception, have seen a significant rise in the past year, driven by factors like rising cost of living, remote work, and the increasing sophistication of fraud tactics.
Source: Tripwire
April 25, 2024
Ring Customers Get $5.6 Million in Privacy Breach Settlement
The FTC is sending $5.6 million in refunds to Ring users whose private video feeds were accessed without consent by Amazon employees and contractors, or had their accounts and devices hacked because of insufficient security protections.
Source: Bleeping Computer
April 18, 2024
Insider Threats Surge 14% Annually as Cost-of-Living Crisis Bites
Employee fraud grew significantly last year thanks to the opportunities afforded by remote working and the pressures of a cost-of-living crisis in the UK, according to Cifas.
Source: Infosecurity Magazine
April 2, 2024
OWASP Discloses a Data Breach Due to Wiki Misconfiguration
In late February 2024, the Foundation received a few support requests and became aware of a misconfiguration of OWASP’s old Wiki web server. The misconfiguration led to a data breach involving old member resumes.
Source: Security Affairs
March 29, 2024
Large Trove of UK Student Records Leaked Due to School Software Server Misconfiguration
According to researcher Jeremiah Fowler, the server was affiliated with OTrack, also known as Optimum Pupil/Sonar Tracker, developed by Juniper Education. OTrack is utilized by over 7,000 primary and secondary schools across the United Kingdom.
Source: Hack Read
February 24, 2024
Australia: Second Accidental Data Leak in Four Months ‘Regrettable’, Finance Department Says
The Australian government has experienced a significant increase in data breaches, with human error being the leading cause, highlighting the need for improved detection and response systems.
Source: Cyware
February 21, 2024
Insider Steals 80,000 Email Addresses From UK District Councils
A former council worker has been cautioned by police for taking 79,000 residents' email addresses from a database to promote a business unrelated to the council. Another database from Warwick District Council was also affected.
Source: Cyware
February 15, 2024
U.S. Internet Corp. Leaked Years of Internal, Customer Emails
U.S. Internet Corp.'s subsidiary, Securence, inadvertently exposed over a decade's worth of internal and client emails, including those of government institutions, due to a misconfigured server, raising serious security concerns.
Source: Cyware
February 7, 2024
Medical Center Fined $4.75M in Insider ID Theft Incident
The incident revealed data security failures and led to a corrective action plan, including a thorough security risk analysis and implementation of audit controls, to address vulnerabilities and improve patient information protection.
Source: Cyware
January 16, 2024
Case Study: The Cookie Privacy Monster in Big Global Retail
Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step due to a misconfiguration in its cookie management policy. This wasn't anything malicious, but with modern web environments being so complex, mistakes can happen, and non-compliance fines can be just an oversight away. Download the full case study here. As a child, did you ever get caught with your hand in the cookie jar and earn yourself a telling-off? Well, even if you can still remember being outed as a cookie monster, the punishments for today's thieving beasts are worse. Millions of dollars worse. Cookies are an essential part of modern web analytics. A cookie is a small piece of text data that records website visitor preferences along with their behaviors, and its job is to help personalize their browsing experience. Just as you needed parental consent to access the cookie jar all those years ago, your business now needs to obtain user consent before i...
Source: The Hacker News
December 28, 2023
How to Incorporate Human-Centric Security
Companies need to shift their focus from solely addressing threats to proactively mitigating risks by analyzing behaviors and implementing insider risk management solutions.
Source: Cyware
December 18, 2023
Ubiquiti Fixes Glitch That Exposed Private Video Streams to Other Customers
The bug was caused by a misconfiguration during an upgrade to Ubiquiti's cloud infrastructure, resulting in 1,216 accounts being improperly associated with another group of 1,177 accounts.
Source: Cyware
November 15, 2023
Three Ways Varonis Helps You Fight Insider Threats
What do basketball teams, government agencies, and car manufacturers have in common? Each one has been breached, having confidential, proprietary, or private information stolen and exposed by insiders. In each case, the motivations and methods varied, but the risk remained the same: insiders have access to too much data with too few controls. Insider threats continue to prove difficult for organizations to combat because — unlike an outsider — insiders can navigate sensitive data undetected and typically without suspicion. Cybersecurity is not the first industry to tackle insider threats, however. Espionage has a long history of facing and defending against insiders by using the "CIA Triad" principles of confidentiality, integrity, and availability. Varonis' modern cybersecurity answer to insider risk is the data security triad of "sensitivity, access, and activity." Using these three dimensions of data security, you can help reduce the risk and impact of an insider attack. Sen...
Source: The Hacker News
October 30, 2023
ServiceNow Data Exposure: A Wake-Up Call for Companies
Earlier this week, ServiceNow announced on its support site that misconfigurations within the platform could result in "unintended access" to sensitive data. For organizations that use ServiceNow, this security exposure is a critical concern that could have resulted in major data leakage of sensitive corporate data. ServiceNow has since taken steps to fix this issue. This article fully analyzes the issue, explains why this critical application misconfiguration could have had serious consequences for businesses, and remediation steps companies would take, if not for the ServiceNow fix. (Although, recommended to double check that the fix has closed the organization's exposure.) In a Nutshell ServiceNow is a cloud-based platform used for automating IT service management, IT operations management, and IT business management for customer service, as well as HR, security operations, and a wide variety of additional domains. This SaaS application is considered to be one of the top bu...
Source: The Hacker News
September 26, 2023
Despite Rising Insider Risk Costs, Budgets are Being Wasted in the Wrong Places
The cost of insider risks for organizations is at an all-time high, with the average annual cost reaching $16.2 million, a 40% increase in four years, according to DTEX Systems.
Source: Cyware
September 25, 2023
Average Insider Cyberthreat Cost Spikes 40% in Four Years: Report
Containment and remediation after an insider incident are the most expensive areas, with an average cost of $179,209 and $125,221 per incident respectively, and the average time to contain an incident has increased to 86 days.
Source: Cyware
September 19, 2023
Microsoft AI Researchers Accidentally Expose 38 Terabytes of Confidential Data
Microsoft on Monday said it took steps to correct a glaring security gaffe that led to the exposure of 38 terabytes of private data. The leak was discovered on the company's AI GitHub repository and is said to have been inadvertently made public when publishing a bucket of open-source training data, Wiz said. It also included a disk backup of two former employees' workstations containing secrets, keys, passwords, and over 30,000 internal Teams messages. The repository, named "robust-models-transfer," is no longer accessible. Prior to its takedown, it featured source code and machine learning models pertaining to a 2020 research paper titled "Do Adversarially Robust ImageNet Models Transfer Better?" "The exposure came as the result of an overly permissive SAS token – an Azure feature that allows users to share data in a manner that is both hard to track and hard to revoke," Wiz said in a report. The issue was reported to Microsoft on J...
Source: The Hacker News
September 1, 2023 – Breach
Data Breach Could Affect More Than 100,000 in Pima County
More than 100,000 Pima County residents could be affected by a nationwide data breach that affected the company that handled COVID-19 case investigations and contact tracing here, officials say.
Source: Cyware
August 4, 2023
Burger King Forgets to put a Password on Their Systems, Again
On June 1st, 2023, the Cybernews research team discovered a publicly accessible environment file (.env) belonging to Burger King’s French website, containing various credentials. The file was hosted on the subdomain used for posting job offers.
Source: Cyware
July 28, 2023
Monitor Insider Threats but Build Trust First
The issue of how to prevent insider threats without infringing on employee privacy is one that has been a hot topic of debate in recent years. Because insider threats are uniquely challenging to detect and identify, different methods are needed than...
Source: Security Affairs
July 28, 2023
CISA to Establish Network of Regional Election Advisers for 2024
Announced by Director Jen Easterly on Tuesday, the 10 advisers will support election officials working in their respective areas in an effort to “build even stronger connective tissue between state and local election officials and … CISA.”
Source: Cyware
July 19, 2023
FIA World Endurance Championship Driver Passports Left Unsecured
On June 16th, Cybernews researchers came across two misconfigured, meaning publicly exposed, Google Cloud Storage buckets. Both combined, they contained over 1.1 million files.
Source: Cyware
July 18, 2023
VirusTotal Data Leak Exposes Some Registered Customers’ Details
Data associated with a subset of registered customers of VirusTotal, including their names and email addresses, were exposed after an employee inadvertently uploaded the information to the malware scanning platform. The security incident, which comprises a database of 5,600 names in a 313KB file, was first disclosed by Der Spiegel and Der Standard yesterday. Launched in 2004, VirusTotal is a popular service that analyzes suspicious files and URLs to detect types of malware and malicious content using antivirus engines and website scanners. It was acquired by Google in 2012 and became a subsidiary of Google Cloud's Chronicle unit in 2018. When reached for comment, Google confirmed the leak and said it took immediate steps to remove the data. "We are aware of the unintentional distribution of a small segment of customer group administrator emails and organization names by one of our employees on the VirusTotal platform," a Google Cloud spokesperson told The Hacker...
Source: The Hacker News
July 14, 2023
Defend Against Insider Threats: Join this Webinar on SaaS Security Posture Management
As security practices continue to evolve, one primary concern persists in the minds of security professionals—the risk of employees unintentionally or deliberately exposing vital information. Insider threats, whether originating from deliberate actions or accidental incidents, pose a significant challenge to safeguarding sensitive data. To effectively address insider risks, organizations must adopt a holistic approach that encompasses technical, procedural, and human elements. While access controls, encryption, and monitoring systems are crucial for identifying and mitigating unauthorized access and suspicious activities, the increasing prevalence of cloud-based environments and the surge in SaaS application usage demand a fresh perspective on Insider Risk Management from a SaaS security standpoint. Stay ahead of the game by embracing the SaaS security lens. Join us for an enlightening webinar where we will demonstrate how security practitioners can proactively adapt their approach...
Source: The Hacker News
July 14, 2023
AIOS WordPress Plugin Faces Backlash for Storing User Passwords in Plain Text
All-In-One Security (AIOS), a WordPress plugin installed on over one million sites, has issued a security update after a bug introduced in version 5.1.9 of the software caused users' passwords being added to the database in plaintext format. "A malicious site administrator (i.e. a user already logged into the site as an admin) could then have read them," UpdraftPlus, the maintainers of AIOS, said. "This would be a problem if those site administrators were to try out those passwords on other services where your users might have used the same password. If those other services' logins are not protected by two-factor authentication, this could be a risk to the affected website." The issue surfaced nearly three weeks ago when a user of the plugin reported the behavior, stating they were "absolutely shocked that a security plugin is making such a basic security 101 error." AIOS also noted that the updates remove the existing logged data from th...
Source: The Hacker News
July 10, 2023
Former employee charged for attacking water treatment plant
A former employee of Discovery Bay Water Treatment Facility in California was indicted by a federal grand jury for intentionally attempting to cause malfunction to the facility's safety and protection systems.
Source: BleepingComputer
May 15, 2023
Former Ubiquiti Employee Gets 6 Years in Jail for $2 Million Crypto Extortion Case
A former employee of Ubiquiti has been sentenced to six years in jail after he pleaded guilty to posing as an anonymous hacker and a whistleblower in an attempt to extort almost $2 million worth of cryptocurrency while working at the company. Nickolas Sharp, 37, was arrested in December 2021 for using his insider access as a senior developer to steal confidential data and sending an anonymous email asking the network technology provider to pay 50 bitcoin (about $2 million at the time) in exchange for the siphoned information. Ubiquiti, however, didn't yield to the ransom attempt and instead looped in law enforcement, which eventually identified Sharp as the hacker after tracing a VPN connection to a Surfshark account purchased with his PayPal account. "Sharp repeatedly misused his administrative access to download gigabytes of confidential data from his employer," the U.S. Justice Department said, adding he "modified session file names to attempt to make it ap...
Source: The Hacker News
April 22, 2023
CFPB says employee sent confidential data of 256,000 consumers to personal email
An employee at the Consumer Financial Protection Bureau sent confidential data about hundreds of thousands of consumer accounts to their personal email, the agency told CNN on Thursday.
Source: Cyware
April 19, 2023
Misconfiguration leaves thousands of servers vulnerable to attack, researchers find
Misconfigured web servers remain a “major problem” with thousands left exposed online waiting for hackers to gain access to valuable information that’s left up for grabs, according to a recent report from the security company Censys.
Source: Cyware
April 13, 2023
How to Combat Insider Threats
Knowing that insider threats are a risk is one thing. Knowing how to fight them off is entirely another. Dealing with issues of insider cyber risk can be different and nuanced. It’s hard to admit that someone from within the company could ‘not...
Source: Security Affairs
March 17, 2023
Top 5 Insider Threats to Look Out For in 2023
Unquestionably, 'insider threats' is one of the most neglected aspects of cybersecurity and some companies fail to recognize associated dangers. Cyberattacks are growing more complex as technology advances. Many businesses concentrate their cybersecurity...
Source: Security Affairs
March 7, 2023
LastPass hack caused by an unpatched Plex software on an employee’s PC
The LastPass data breach was caused by the failure to update Plex on the home computer of one of the company updates. The security breach suffered by LastPass was caused by the failure to update Plex on the home computer of one of its engineers. Recently,...
Source: Security Affairs
February 27, 2023
Employees bypass cybersecurity guidance to achieve business objectives
Gartner research shows that compliance-centric cybersecurity programs, low executive support, and subpar industry-level maturity are all indicators of an organization that does not view security risk management as critical to business success.
Source: Cyware
January 30, 2023
Insider attacks becoming more frequent, more difficult to detect
A Gurucul report found that organizations have never felt more vulnerable with three-quarters of respondents saying they feel moderately to extremely vulnerable to insider threats – an increase of 8% over the previous year.
Source: Cyware
January 26, 2023
An unfaithful employee leaked Yandex source code repositories
A source code repository allegedly stolen by a former employee of the Russian tech giant Yandex has been leaked online. A Yandex source code repository allegedly stolen by a former employee of the Russian IT giant has been leaked on a popular cybercrime...
Source: Security Affairs
January 12, 2023
Threat actors claim access to Telegram servers through insiders
Researchers reported that a threat actor claims to provide access to internal servers at Telegram for $20,000. SafetyDetectives reported that a member of a dark web marketplace is claiming to provide access to internal servers at Telegram for $20,000. The...
Source: Security Affairs
November 18, 2022
Meta Reportedly Fires Dozens of Employees for Hijacking Users’ Facebook and Instagram Accounts
Meta Platforms is said to have fired or disciplined over two dozen employees and contractors over the past year for allegedly compromising and taking over user accounts, The Wall Street Journal reported Thursday. Some of these cases involved bribery, the publication said, citing sources and documents. Included among those fired were contractors who worked as security guards at the social media firm's facilities and were given access to an internal tool that allowed employees to help "users they know" gain access to accounts after forgetting their passwords, or had their accounts locked out. The system, called "Oops" and short for Online Operations, is off limits to a vast majority of the platform's users, leading to the rise of a "cottage industry of intermediaries" who charge users thousands of dollars and reach out to insiders who are willing to reset the accounts. "You really have to have someone on the inside who will actually do it...
Source: The Hacker News
October 28, 2022
New York Post hacked? No, the culprit is an employee
Threat actors hacked the website and Twitter account of the New York Post and published offensive messages against US politicians. New York Post confirmed that it was hacked, its website and Twitter account were used by the attackers to publish offensive...
Source: Security Affairs
October 5, 2022
8 strange ways employees can (accidently) expose data
From eyeglass reflections and new job postings to certificate transparency logs and discarded printers, employees can involuntarily and unintentionally expose confidential data in odd ways.
Source: CSO Online
October 03, 2022
Ex-NSA Employee Arrested for Trying to Sell U.S. Secrets to a Foreign Government
A former U.S. National Security Agency (NSA) employee has been arrested on charges of attempting to sell classified information to a foreign spy, who was actually an undercover agent working for the Federal Bureau of Investigation (FBI). Jareh Sebastian Dalke, 30, was employed at the NSA for less than a month from June 6, 2022, to July 1, 2022, serving as an Information Systems Security Designer as part of a temporary assignment in Washington D.C. According to an affidavit filed by the FBI, Dalke was also a member of the U.S. Army from about 2015 to 2018 and held a Secret security clearance, which he received in 2016. The defendant further held a Top Secret security clearance during his tenure at the NSA. "Between August and September 2022, Dalke used an encrypted email account to transmit excerpts of three classified documents he had obtained during his employment to an individual Dalke believed to be working for a foreign government," the Justice Department (DoJ) sai...
Source: The Hacker News
September 29, 2022
Fired admin cripples former employer’s network using old credentials
An IT system administrator of a prominent financial company based in Hawaii, U.S., used a pair of credentials that hadn't been invalidated after he was laid off to wreak havoc on his employer.
Source: BleepingComputer
September 22, 2022
A disgruntled developer is the alleged source of the leak of the Lockbit 3.0 builder
A disgruntled developer seems to be responsible for the leak of the builder for the latest encryptor of the LockBit ransomware gang. The leak of the builder for the latest encryptor of the LockBit ransomware gang made the headlines, it seems that...
Source: Security Affairs
September 16, 2022
LastPass says hackers had internal access for four days
LastPass says the attacker behind the August security breach had internal access to the company's systems for four days until they were detected and evicted.
Source: BleepingComputer
September 15, 2022
5 Ways to Mitigate Your New Insider Threats in the Great Resignation
Companies are in the midst of an employee "turnover tsunami" with no signs of a slowdown. According to Fortune Magazine, 40% of the U.S. is considering quitting their jobs. This trend – coined the great resignation - creates instability in organizations. High employee turnover increases security risks, and companies are more vulnerable to attacks from human factors worldwide. At Davos 2022, statistics connect the turmoil of the great resignation to the rise of new insider threats. Security teams are feeling the impact. It's even harder to keep up with your employee security. Companies need a fresh approach to close the gaps and prevent attacks. This article will examine what your security teams must do within the new organizational dynamics to quickly and effectively address unique challenges. Handling Your New Insider Threats Implementing a successful security awareness program is more challenging than ever for your security team—the new blood coming in cause...
Source: The Hacker News
September 14, 2022
One in 10 employees leaks sensitive company data every 6 months: report
On average, 2.5% of employees exfiltrate sensitive information in a month, but over a six-month period, nearly one in 10, or 9.4% of employees, do so, Cyberhaven noted in its report.
Source: CSO Online
September 01, 2022
Over 1,000 iOS apps found exposing hardcoded AWS credentials
Security researchers are raising the alarm about mobile app developers relying on insecure practices that expose Amazon Web Services (AWS) credentials, making the supply chain vulnerable.
Source: BleepingComputer
August 17, 2022
Microsoft Employees Exposed Own Company’s Internal Logins
Microsoft refused to elaborate on what systems the credentials were protecting when asked multiple times by Motherboard. But generally speaking, an attacker may have an opportunity to move on to gain initial access to an internal system.
Source: Vice
August 11, 2022
Ex Twitter employee found guilty of spying for Saudi Arabian government
A former Twitter employee was found guilty of spying on certain Twitter users for Saudi Arabia. A former Twitter employee, Ahmad Abouammo (44), was found guilty of gathering private information of certain Twitter users and passing them to Saudi Arabia. "Ahmad...
Source: Security Affairs
August 10, 2022
Former Twitter Employee Found Guilty of Spying for Saudi Arabia
A former Twitter employee has been pronounced guilty for his role in digging up private information pertaining to certain Twitter users and turning over that data to Saudi Arabia. Ahmad Abouammo, 44, was convicted by a jury after a two-week trial in San Francisco federal court, Bloomberg reported Tuesday. He faces up to 20 years in prison when sentenced. The verdict comes nearly three years after Abouammo, along with Ali Alzabarah and Ahmed Almutairi (Ahmed Aljbreen) were indicted in 2019 for acting as "illegal agents" of Saudi Arabia, with the former also charged with destroying, altering, and falsifying records in a federal investigation. Prosecutors accused Abouammo and Alzabarah, both of whom joined Twitter in 2013, of being enlisted by officials of the Kingdom of Saudi Arabia for unmasking its critics on the social media platform. According to court documents, both individuals leveraged their access to internal systems to unauthorizedly get hold of nonpubli...
Source: The Hacker News
July 14, 2022
Former CIA employee Joshua Schulte was convicted of Vault 7 massive leak
Former CIA programmer, Joshua Schulte, was convicted in a US federal court of the 2017 leak of a massive leak to WikiLeaks. The former CIA programmer Joshua Schulte (33) was found guilty in New York federal court of stealing the agency’s hacking...
Source: Security Affairs
July 8, 2022
Cloud Misconfiguration Exposes 3TB of Sensitive Airport Data in Amazon S3 Bucket
The exposed information, uncovered by Skyhigh Security, includes employee personal identification information (PII) and other sensitive company data affecting at least four airports in Colombia and Peru.
Source: Dark Reading
July 4, 2022
Unfaithful HackerOne employee steals bug reports to claim additional bounties
Bug bounty platform HackerOne disclosed that a former employee improperly accessed security reports submitted to claim additional bounties. The vulnerability coordination and bug bounty platform HackerOne disclosed that a former employee improperly...
Source: Security Affairs
July 02, 2022
Rogue HackerOne employee steals bug reports to sell on the side
A HackerOne employee stole vulnerability reports submitted through the bug bounty platform and disclosed them to affected customers to claim financial rewards.
Source: BleepingComputer
June 30, 2022
Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker
A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. A former Canadian government employee, Sebastien Vachon-Desjardins, pleaded guilty in the U.S. to charges related to his involvement...
Source: Security Affairs
June 29, 2022
Avaya sysadmin indicted for illegally generating, selling VoIP licenses
Three defendants who allegedly sold over $88 million worth of software licenses belonging to Avaya Holdings Corporation have been charged in Oklahoma, U.S., facing 14 counts of wire fraud and money laundering.
Source: BleepingComputer
May 14, 2022
Angry IT admin wipes employer’s databases, gets 7 years in prison
Han Bing, a former database administrator for Lianjia, a Chinese real-estate brokerage giant, has been sentenced to 7 years in prison for logging into corporate systems and deleting the company's data.
Source: BleepingComputer
May 9, 2022
Cloud Tech Powers the Hybrid-remote Workforce — and Increases Insider Risk
Cybersecurity practitioners are sounding the alarm bells. Amplified by the not-going-away-anytime-soon Great Resignation and the here-to-stay shift to hybrid-remote work models, Insider Risk sees exponential growth.
Source: Threatpost
April 06, 2022
Block Admits Data Breach Involving Cash App Data Accessed by Former Employee
Block, the company formerly known as Square, has disclosed a data breach that involved a former employee downloading unspecified reports pertaining to its Cash App Investing that contained information about its U.S. customers. "While this employee had regular access to these reports as part of their past job responsibilities, in this instance these reports were accessed without permission after their employment ended," the firm revealed in a April 4 filing with the U.S. Securities and Exchange Commission (SEC). Block advertises Cash App as "the easiest way to send money, spend money, save money, and buy cryptocurrency." The breach is said to have occurred last year on December 10, 2021, with the downloaded reports including customers' full names as well as their brokerage account numbers, and in some cases, brokerage portfolio value, brokerage portfolio holdings, and stock trading activity for one trading day. The San Francisco-based company emphasized...
Source: The Hacker News
April 1, 2022
NSA employee indicted for ‘leaking top secret defense info’
The United States Department of Justice (DoJ) has accused an NSA employee of sharing top-secret national security information with an unnamed person who worked in the private sector.
Source: The Register
January 4, 2022
SEGA’s Sloppy Security Confession: Exposed AWS S3 Bucket Offers Up Steam API Access & More
SEGA’s disclosure underscores a common, potentially catastrophic, flub — misconfigured Amazon Web Services (AWS) S3 buckets.
Source: Threatpost
January 3, 2022
SEGA Europe Inadvertently Exposed Internal Data and Infrastructure to Attack
The unsecured S3 bucket could potentially also grant access to user data, including information on hundreds of thousands of users of the Football Manager forums at community.sigames.com.
Source: Security Affairs
November 8, 2021
Healthcare – Patient or Perpetrator? – The Cybercriminals Within
The healthcare industry might be known for the work it does to treat patients. But it is also a prime target for malicious cyber actors. With copious amounts of data collected by healthcare facilities, cybercriminals often target such entities. Moreover,...
Source: Security Affairs
October 20, 2021
Microsoft 365 will get enhanced insider risk management tools
Microsoft is updating Microsoft 365 to allow admins to better manage insider security threats in their environments with improvements to risky activity detection and visibility.
Source: BleepingComputer
October 13, 2021
Former Executive Accessed PHI of Nearly 38,000 Individuals
A compromise of sensitive health information at Premier Patient Healthcare affecting nearly 38,000 individuals was discovered nearly a year after a terminated company executive accessed the data.
Source: Gov Info Security
October 11, 2021
Nuclear engineer’s espionage plans unraveled by undercover FBI agent
A Navy nuclear engineer and his wife were arrested under espionage-related charges alleging violations of the Atomic Energy Act after selling restricted nuclear-powered warship design data to a person they believed was a foreign power agent.
Source: BleepingComputer
October 09, 2021
Bank of America insider charged with money laundering for BEC scams Full Text
Abstract
The U.S. District Court for the Eastern District of Virginia has charged three men with money laundering and aggravated identity theft after allegedly conducting a business email compromise (BEC) scheme.BleepingComputer
September 15, 2021
Three former NSA employees fined for providing hacker-for-hire services to UAE firm Full Text
Abstract
Three former NSA employees entered into a deferred prosecution agreement that restricts their future activities and employment and requires the payment of a penalty. Three former NSA employees (Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke,...Security Affairs
September 01, 2021
Fired NY credit union employee nukes 21GB of data in revenge Full Text
Abstract
Juliana Barile, the former employee of a New York credit union, pleaded guilty to accessing the financial institution's computer systems without authorization and destroying over 21 gigabytes of data in revenge.BleepingComputer
August 26, 2021
ULA email leak: internal emails allege smear campaign against SpaceX and Elon Musk Full Text
Abstract
Six internal emails, allegedly involving correspondence between a union lobbyist and a senior official of American spacecraft launch service provider ULA, have been leaked on a popular hacker forum.Cyber News
August 11, 2021
LockBit 2.0 is Now Hiring Corporate Insiders Full Text
Abstract
LockBit 2.0 ransomware group is hiring and promising corporate insiders millions of dollars if they assist attackers in infiltrating and encrypting corporate networks. The recent finding indicates the LockBit gang probably wants to remove the middleman hackers for companies’ login credentials. Such ...Cyware Alerts - Hacker News
July 16, 2021
57% of reported incidents are caused by insiders Full Text
Abstract
Insider data breaches were the top cause of data and cybersecurity incidents reported in the first quarter of 2021, according to the ICO, with over 1,000 incidents reported in the Q1 2021.Help Net Security
July 13, 2021
US indicts dark web user ‘The Bull’ for insider trading Full Text
Abstract
The U.S. Department of Justice (DoJ) has charged an individual for engaging in insider trading on the darknet. Greece-based Apostolos Trovias, known as "The Bull," frequently used encrypted messaging services and the dark web for soliciting, exchanging and selling inside information.BleepingComputer
July 13, 2021
U.S. Prosecutors: Insider Trading Tips Sold on Darknet Sites Full Text
Abstract
A Greek national has been indicted by a federal grand jury on charges of selling insider trading tips and other proprietary financial data on darknet sites over several years, according to the DoJ.Gov Info Security
July 8, 2021
Pentagon Office Left Military Designs for Body Armor, Vehicle Gear Unsecured Online Full Text
Abstract
The office in charge of the U.S. military’s 3D printing left designs for defense technology vulnerable to theft by hackers and adversaries, according to a DODIG report made public on Wednesday.Cyberscoop
July 7, 2021
Most Insider Data Breaches Aren’t Malicious Full Text
Abstract
New research finds 78% of reported breaches that involve an insider were not maliciousInfosecurity Magazine
July 1, 2021
Feds file new charges against Amazon employee that leveraged server access to hack Capital One Full Text
Abstract
The Amazon employee used knowledge she gained working at the company, along with scripts, to scan Amazon Web Service servers for misconfigured web application firewalls.SCMagazine
June 28, 2021
Former Health Secretary Faces Probe Over Use of Personal Emails Full Text
Abstract
Experts say move could have exposed UK government to increased cyber-riskInfosecurity Magazine
June 15, 2021
Insider Risks In the Work-From-Home World Full Text
Abstract
Forcepoint’s Michael Crouse talks about risk-adaptive data-protection approaches and how to develop a behavior-based approach to insider threats and risk, particularly with pandemic-expanded network perimeters.Threatpost
May 24, 2021
FBI Employee Indicted Over Illegal Document Removal Full Text
Abstract
Intelligence analyst allegedly took secret national security documents home for more than a decadeInfosecurity Magazine
May 22, 2021
FBI Analyst Charged With Stealing Counterterrorism and Cyber Threat Info Full Text
Abstract
The U.S. Department of Justice (DoJ) indicted an employee of the Federal Bureau of Investigation (FBI) for illegally removing numerous national security documents and willfully retaining them at her personal residence during a 13-year period from June 2004 to December 2017. The federal indictment charged Kendra Kingsbury, 48, with two counts of having unauthorized possession of documents relating to the national defense, according to an unsealed indictment that was made public on Friday. Kingsbury worked as an intelligence analyst in the FBI's Kansas City Division for more than 12 years, until her suspension in 2017. "The breadth and depth of classified national security information retained by the defendant for more than a decade is simply astonishing," said Alan E. Kohler, Jr. Assistant Director of the FBI's Counterintelligence Division, in a statement. Stating that Kingsbury knew she was not authorized to remove and retain access to these sensitive governThe Hacker News
May 07, 2021
Bulletproof hosting admins plead guilty to running cybercrime safe haven Full Text
Abstract
Four individuals from Eastern Europe are facing 20 years in prison for Racketeer Influenced Corrupt Organization (RICO) charges after pleading guilty to running a bulletproof hosting service as a safe haven for cybercrime operations targeting US entities.BleepingComputer
April 9, 2021
Learning from Recent Insider Data Breaches Full Text
Abstract
Organizations need to ramp up their monitoring and detection capabilitiesInfosecurity Magazine
April 7, 2021
Coca-Cola trade secret theft underscores importance of insider threat early detection Full Text
Abstract
A research engineer used basic exfiltration techniques to steal trade secrets from Coca-Cola, but wasn't caught until she attempted to steal similar data from another company.CSO Online
March 31, 2021
Three-Quarters of Legal Breaches Caused by Insiders Full Text
Abstract
NetDocuments FOI data shows scale of employee threatInfosecurity Magazine
March 29, 2021
SpaceX Engineer Pleads Guilty for Insider Trading on the Dark Web Full Text
Abstract
A SpaceX engineer pleaded guilty for exchanging insider trading tips on the dark web. James Roland Jones, aged 33, of Hermosa Beach,...Cyber Security News
March 29, 2021
UK’s CNI Security Threatened by Staff Burnout Full Text
Abstract
IT skills shortage could also weaken Britain’s defense against attacks on critical national infrastructuresInfosecurity Magazine
March 26, 2021
Burned Out Employees Put Corporate Security at Risk Full Text
Abstract
Remote workers are making mistakes and using shadow ITInfosecurity Magazine
March 25, 2021
A Former IT Consultant Hacked a Company and Deleted 1,200 User Accounts Full Text
Abstract
An IT contractor, Deepanshu Kher, was sentenced to two years in prison for accessing the server of a Carlsbad company and deleting...Cyber Security News
March 25, 2021
Engineer reports data leak to nonprofit, hears from the police Full Text
Abstract
A security engineer and ex-contributor to the open systems non-profit organization, Apperta Foundation, recently reported a data leak to them. In return, he gets contacted by their lawyers and eventually the police.BleepingComputer
March 24, 2021
Resentful employee deletes 1,200 Microsoft Office 365 accounts, gets prison Full Text
Abstract
A former IT consultant hacked a company in Carlsbad, California, and deleted almost all its Microsoft Office 365 accounts in an act of revenge that has brought him two years of prison time.BleepingComputer
March 24, 2021
IT admin with axe to grind sent to prison for wiping Microsoft user accounts Full Text
Abstract
Deepanshu Kher was sentenced to two years in prison for breaking into the network of a California-based firm after being fired potentially in connection to a consultancy job the firm hired him for.ZDNet
March 17, 2021
A New Paradigm in Data Security: Insider Risk Management Full Text
Abstract
Insider Risk Management builds a framework around the new paradigm of “risk tolerance,” aiming to give security teams the visibility and context around data activity to protect that data, without putting rigid constraints on users.Threatpost
March 12, 2021
Apple Sues Employee for Stealing Trade Secrets Full Text
Abstract
Former Apple materials lead sued after allegedly leaking trade secrets to mediaInfosecurity Magazine
March 3, 2021
Canadian Cyber-Agency Workers Threaten Strike Full Text
Abstract
Unionized workers at Communications Security Establishment authorize strike over wagesInfosecurity Magazine
March 2, 2021
SolarWinds blaming intern for leaked password is symptom of ‘security failures’ Full Text
Abstract
Infosec thought leaders say that blaming an intern ignores the true roots of the problem, including insufficient credentials policies and access management practices.SCMagazine
March 1, 2021
Intern caused ‘solarwinds123’ password leak, former SolarWinds CEO says Full Text
Abstract
Top executives of the software firm SolarWinds blamed an intern for having used a weak password for several years, exposing the company to hack. Top executives of the SolarWinds firm believe that the root cause of the recently disclosed supply chain...Security Affairs
February 25, 2021
Insider Cloud Data Theft Plagues Healthcare Sector Full Text
Abstract
Netwrix finds a third of HCOs suffered internal breaches in 2020Infosecurity Magazine
February 22, 2021
Former Employee Behind Earthquakes Stadium Hack Full Text
Abstract
Spiteful fired employee lost San Jose stadium concessionaire hundreds of thousands of dollarsInfosecurity Magazine
February 15, 2021
Yandex Insider Breach Hits Nearly 5000 Inboxes Full Text
Abstract
Customers informed that employee sold accessInfosecurity Magazine
February 12, 2021
Yandex security team caught admin selling access to users’ inboxes Full Text
Abstract
Russian internet and search company Yandex discloses a data breach: a system administrator was selling access to thousands of user mailboxes. Russian search engine and internet provider Yandex discloses a data breach; the company revealed that one of its system...Security Affairs
February 12, 2021
Yandex suffers data breach after sysadmin sold access to user emails Full Text
Abstract
Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes.BleepingComputer
February 12, 2021
Russian Yandex informs of sysadmin giving access to user mailboxes Full Text
Abstract
Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes.BleepingComputer
January 27, 2021
Tesla Filed a Lawsuit Against Former Employee for Allegedly Stealing Software Code Full Text
Abstract
Recently, the American electric vehicle company Tesla has prosecuted one of its retired employees; Tesla claimed that this employee was allegedly stealing...Cyber Security News
January 25, 2021
Tesla sues former employee for allegedly stealing 26,000 confidential files Full Text
Abstract
Tesla has sued a former employee for allegedly stealing about 26,000 confidential files in his first week of working at the company, according to a court filing seen by AFP.International Business Times
January 24, 2021
Tesla sues former employee for allegedly stealing sensitive docs Full Text
Abstract
Tesla has accused a former employee, a software engineer, of downloading about 26,000 sensitive files and transferring them to his personal Dropbox. On Saturday, Tesla sued the former employee Alex Khatilov for allegedly stealing 26,000 confidential...Security Affairs
December 24, 2020
Account takeovers: Insiders need not be malicious to cause chaos Full Text
Abstract
With 2020 coming to a close, SC Media is delivering through a series of articles our picks of the most high impact events and trends of the last year, which we predict will factor into community strategies in 2021 and beyond. This is the first in that series.SCMagazine
December 18, 2020
Insider Threats: What Are They, Really? Full Text
Abstract
“Insider threat” or “human error” shows up a lot as the major cause of data breaches across all types of reports out there. But often it’s not defined, or it’s not clearly defined, so people conjure up their own definition.Threatpost