A U.S. federal jury convicted former Twitter employee Ahmad Abouammo for spying on Saudi Arabian dissidents on behalf of Saudi Arabia. The jury also found him guilty of conspiracy to commit wire fraud, falsification of records and money laundering.
Cybersecurity doesn’t have competitors, it has adversaries. They react to every defense we put in place and seek new ways to achieve their aims - whether they be cybercrime, espionage, or hacktivism. The attackers are innovative, and they share new ways to exploit any vulnerability, so defenders need to share...
Joshua Schulte now faces a minimum of 80 years in prison after a Manhattan federal jury returned guilty verdicts in all nine counts brought against the former CIA programmer by U.S. prosecutors. Schulte leaked a trove of classified hacking secrets used in espionage.
Threat actors are using deepfakes to apply for remote employment at U.S. tech companies in a bid to gain access to corporate financial and customer data, internal databases and proprietary information. Fraudsters used stolen PII to make deepfake videos for personal interviews, says the FBI.
Four ISMG editors discuss important cybersecurity issues, including how Canada's Desjardins Group settled a data breach lawsuit for $155 million, how Facebook is being sued after allegedly violating patient privacy, and highlights from ISMG's Northeast Summit held in New York this week.
When building an insider risk management program, don't start "too large or too quickly," says Randy Trzeciak of Carnegie Mellon University. He says the first step is to protect your organization's critical assets and services and then "build a risk program appropriate to those assets."
The "Great Resignation" over the past year has created a host of concerns around both malicious and accidental data theft, says Code42 President and CEO Joe Payne. Even though employees often aren't looking to wreak havoc on their way out, a lack of understanding can lead to serious headaches.
The pandemic has raised the ante significantly for the attack surface and the level of insider threats facing healthcare sector entities, according to Dave Bailey, vice president of security services, and attorney Andrew Mahler, vice president of privacy and compliance, of consultancy CynergisTek.
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
No matter the root cause, the result is the same: reputation damage, fines, compliance issues, and of course the ripple effects that extend outward from a breach.
The increasingly connected home is a vulnerable part of the extended enterprise, especially as the line blurs between personal life and work, says Forrester principal analyst Heidi Shey. She encourages organizations to adopt a two-pronged approach to protecting the "work from home" workforce.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how the ransomware-as-a-service model shifted in 2021, the rise of fraud in faster payments and how to prevent it, and one CISO's take on the state of the industry.
Michael Lines is working with Information Security Media Group to promote awareness of the need for cyber risk management, and as a part of that initiative, the CyberEdBoard will post draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This post's chapter is...
The U.K. High Court has upheld the U.S. government's request to extradite WikiLeaks founder Julian Assange, after receiving assurances about the conditions in which the 50-year-old would be held. Assange reportedly plans to appeal the ruling.
A former employee of a New York-based technology company, likely to be IoT technology company Ubiquiti, has been arrested for stealing confidential data and extorting his employer for nearly $2 million. If convicted, the suspect faces up to 37 years in prison.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.