Shopify's announcement this week that two employees inappropriately accessed transactional data from 200 of the merchants that use its e-commerce platform demonstrates the importance of taking a "zero trust" approach to security and improving identity and access management capabilities, security experts say.
What will be the impact of the leak of investigatory documents from FinCEN - the U.S. Treasury Department's Financial Crimes Enforcement Network? For starters, experts warn that FinCEN reports may reveal sensitive information tied to banks and law enforcement agencies' investigatory tools and tactics.
A hybrid workforce, heightened insider risk, 5G concerns over the expanded attack surface - these are the "more" that people reference when they talk about "doing more with less" in 2021. A CEO/CISO panel discusses how security leaders prioritize budget allocations for these concerns.
A former Cisco engineer has pleaded guilty to causing $1.4 million in damages to his former employer. Sudhish Kasaba Ramesh admitted to deleting 456 virtual machines that affected 16,000 WebEx accounts for weeks, according to the Justice Department.
News that a malware-wielding gang of Russians targeted Tesla by attempting to work with an insider should have all organizations asking: What would happen if extortionists attempted to bribe one of our employees to install malicious code designed to steal corporate secrets for ransom?
Tesla CEO Elon Musk says a "serious attack" aimed at stealing corporate data and holding his company to ransom has been thwarted. The FBI has accused a Russian national of attempting to recruit an insider to install malware to steal data, which criminals hoped to ransom for $4 million.
According to the study, the average global cost of Insider Threats rose by 31% in two years to $11.45 million, and the frequency of incidents spiked by 47% in the same time period.
This report outlines in detail the primary cost centers for Insider Threats, as well as the industries, company sizes, and regions most...
The emerging cloud-delivered service model known as security access service edge, or SASE, is designed to help simplify security for remote access, says Sean Duca of Palo Alto Networks, who explains how the model works.
Organizations across the country are closing their offices and opening their laptops to provide services to millions of Americans who are under guidance to stay home. With the increase in remote work has come a surge of cyberattacks on all critical resources such as state and local governments, healthcare facilities,...
Russia, China and Iran are all seeking to influence the 2020 U.S. Presidential election in November, according to a new report from the Office of the Director of National Intelligence that offers details about each country's plans and goals.
Verizon's 2020 Data Breach Investigations Report (DBIR) reveals that, across all industries, "inside actors" are responsible for nearly 1/3 of data breaches -- and the number is even higher in some industries. Join cybersecurity experts from Verizon for a look at how insiders can accidentally (or intentionally) cause...
Following Twitter's admission that cryptocurrency scammers socially engineered its employees to gain control of 45 high-profile accounts, one reaction has been: Why didn't anyone crack Twitter sooner? Unfortunately, the answer is that they have, especially if you count nation-states bribing insiders.
Twitter says attackers who hijacked more than 130 high-profile Twitter accounts used social engineering to bypass its defenses, including two-factor authentication on accounts. Experts say companies must have defenses in place against such schemes, which have long been employed by fraudsters.
As companies lay off employees and deal with financial challenges during the COVID-19 pandemic, they're also facing an increase in the number of insider fraud incidents, says Randy Trzeciak, director of the National Insider Threat Center at Carnegie Mellon University, who offers fraud detection tips.
The latest edition of the ISMG Security Report analyzes the surge in the use of employee monitoring tools for the increasingly remote workforce. Also featured: Discussions about IoT security guidelines and CCPA compliance requirements.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.
