Insider Threats | SC Media

Insider Threats

Twitter hack is a reminder of the dangers of unfettered employee access

Twitter’s acknowledgement that a “coordinated social engineering campaign” involving multiple employees was behind a hack of prominent verified accounts raises significant questions as to whether business organizations are implementing effective security controls that limit potential insider threats’ access to back-end administrative tools. The hacking incident — which promoted a cryptocurrency scam and victimized the accounts…

Ex-CIA exec: Covid-19 has created ideal ‘crisis’ conditions for malicious hackers

Companies trying to stave off business disruption caused by the global Covid-19 pandemic may be ripe for compromise as they introduce new risks in the scramble to maintain business continuity, warned a retired senior CIA executive in a keynote presentation Wednesday at the InfoSec World 2020 digital conference. In essence, the coronavirus has created ideal…

Cyber gangs battle to take down Xbox and PlayStation gaming networks for Christmas.

Roblox hacker enabled by insider threats; expert offers tips to curb rogue employees

A hacker reportedly used both bribery and social engineering to gain unauthorized access to a customer support system operated by the popular video game Roblox — illustrating why companies must be on the lookout for employees who fit the mold of an insider threat. The unnamed hacker told Motherboard that they paid one insider to…

Data Breach Disclosure

GoDaddy takes seven months to discover data breach

Cybersecurity pros are coming down hard on GoDaddy after the domain registry company reported that an outsider had accessed customer login credentials possibly affecting all 19 million company accounts. GoDaddy informed its customers on May 4 of the breach saying an unauthorized individual accessed the login credentials used to connect to SSH on the hosting…

The inside scoop on insider threats

Cybercriminals continue to develop new attack methods that pose a serious risk to enterprise security, but they are not the only threats enterprises need to defend against. Employees – whether well-meaning but careless or those with malicious intentions, pose a great risk. In fact, insider threats are among the leading causes of data breaches. Verizon’s…

VPNs: Not a cybersecurity slam dunk for telecommuters in the age of COVID-19

CISOs and cybersecurity teams around the world are watching their threat surface multiply as millions of staffers find themselves working from home for the first time in order to help constrain the spread of Coronavirus. The removal of these people from the safe and controlled working environment found in their offices and tossing them into…

Wyze Labs data breach exposes 2.4 million, includes PHI

Security camera and smart device maker Wyze Labs has confirmed a data breach that left exposed a database containing information on reportedly 2.4 million of its users. Wyze Co-founder Dongsheng Song confirmed the data breach on December 27 and said the exposed database contained a large amount of personal, product and some medical information. Username…

Zero trust: Trust no one, verify everything

Tried-and-true security solutions like URL filtering, anti-phishing software, firewalls, and other detection and signature-based solutions are able to mitigate most cybersecurity attacks. But they operate on the erroneous assumption that anyone and anything already inside of an organization network perimeter is safe and can be trusted. This line of thinking has long been proven incorrect,…

Next post in Executive Insight