Forget the outside hacker, the bigger threat is inside The Register

Review and manage your consent Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the "Your Consent Options" link on the site's footer. Kettle In this week's Kettle the topic is one that's been much in the news this week - the much-underrated insider threat issue. While there are thousands of security shops willing to sell elaborate firewalls, zero-trust barriers, and AI security systems that claims to be able to spot a wrong'un easily. Time and again the most effective thieves are already inside the building and using their corporate-issued credentials. Such was the case this week in the NSA of all places, where a rogue systems engineer, who resigned in anger, tried to sell purloined documents to a Russian agent in exchange for cryptocurrency. Brandon Vigliarolo covered the case and explains what motivated the plot and the surprisingly easy way he was discovered. News of another insider who did get away with it, it seems, came on Tuesday, as an ex-staffer at Dutch chip-making biz ASML appears to have taken a new job with Huawei, and is accused of taking secrets with him. Tobias Mann has the inside information of the case and, as Biden's sanctions bite harder, we may see more of these sorts of shenanigans. On Wednesday Jessica Hardcastle reported on an ACLU Freedom of Information lawsuit showing that US Immigration and Customs Enforcement hired security snoops to trawl through social media content to look for anti-American sentiments. She explains the complex web behind this and it's something we all had a lot to say on. So join us for 15 minutes of news, insight, and more than a little snark in the latest Kettle, hosted by Iain Thomson and spun to gold by producer Nicole Hemsoth. There's also an audio version available now on Apple, Amazon, Spotify and Google.

This Cyber News was published on www.theregister.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Forget the outside hacker, the bigger threat is inside The Register

TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793 - As part of this analysis, we look at threat actor TTPs employed throughout the intrusion and how they were identified and pieced together by the FortiGuard IR team. The following section of this report focuses on the activities of one of these threat ...
9 months ago Feeds.fortinet.com
CVE-2013-0135 - Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) ...
7 years ago
Staying ahead of threat actors in the age of AI - At the same time, it is also important for us to understand how AI can be potentially misused in the hands of threat actors. In collaboration with OpenAI, today we are publishing research on emerging threats in the age of AI, focusing on identified ...
7 months ago Microsoft.com
What Is Threat Modeling? - Threat modeling emerges as a pivotal process in this landscape, offering a structured approach to identify, assess, and address potential security threats. Threat Modeling Adoption and Implementation The successful adoption of threat modeling within ...
8 months ago Feeds.dzone.com
What Is Cyber Threat Hunting? - Cyber threat hunting involves proactively searching for threats on an organization's network that are unknown to traditional cybersecurity solutions. A recent report from Armis found that cyber attack attempts increased by 104% in 2023, underscoring ...
8 months ago Techrepublic.com
Top 7 Cyber Threat Hunting Tools for 2024 - Cyber threat hunting is a proactive security measure taken to detect and neutralize potential threats on a network before they cause significant damage. To seek out this type of threat, security professionals use cyber threat-hunting tools. With ...
8 months ago Techrepublic.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
3 months ago Securityweek.com
Hacking Protected Java-Based Programs - This article provides examples of hacking techniques that can help Java developers avoid vulnerabilities in their programs. It is not intended to train hackers but rather for naive developers who think that standard obfuscators will save them from ...
9 months ago Feeds.dzone.com
How to Use Threat Intelligence Feeds for SOC/DFIR Teams - Threat intelligence feeds provide real-time updates on indicators of compromise, such as malicious IPs and URLs. Security systems can then ingest these IOCs to identify and block potential threats, which essentially grants organizations immunity to ...
4 months ago Cybersecuritynews.com
How to Overcome the Most Common Challenges with Threat Intelligence - Today's typical approach to threat intelligence isn't putting organizations in a place to do that. Instead, many threat intelligence tools are delivering too much uncurated and irrelevant information that arrives too late to act upon. Organizations ...
9 months ago Cyberdefensemagazine.com
CVE-2017-17713 - Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp ...
6 years ago
CVE-2017-17714 - Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, ...
6 years ago
CVE-2023-52780 - In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm ...
4 months ago Tenable.com
Windows Incident Response: Human Behavior In Digital Forensics, pt III - Digital forensics can provide us insight into a threat actor's sophistication and situational awareness, which can, in turn, help us understand their intent. Observing the threat actor's actions helps us understand not just their intent, but what ...
9 months ago Windowsir.blogspot.com
New Tool Set Found Used Against Organizations in the Middle East, Africa and the US - Unit 42 researchers observed a series of apparently related attacks against organizations in the Middle East, Africa and the U.S. We will discuss a set of tools used in the course of the attacks that reveal clues about the threat actors' activity. We ...
10 months ago Unit42.paloaltonetworks.com
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours - In late December 2022, we observed threat actors exploiting a publicly exposed Remote Desktop Protocol host, leading to data exfiltration and the deployment of Trigona ransomware. On Christmas Eve, within just three hours of gaining initial access, ...
8 months ago Thedfirreport.com
Hacker 'ShinyHunters' Pleads Not Guilty in Cybercrime Case - A hacker known as 'ShinyHunters' has pleaded not guilty in a case of cybercrime. The hacker is accused of taking part in illegal activities to steal data from victims, including passwords, credit card information, and other personal details. The ...
1 year ago Blog.cloudflare.com
Forget the outside hacker, the bigger threat is inside The Register - Review and manage your consent Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the "Your Consent Options" link on the site's footer. Kettle In this week's ...
10 months ago Theregister.com
Multiple Flaws in Google Kubernetes Engine - Google Kubernetes Engine has been detected with two flaws that a threat actor can utilize to create significant damage in case the threat actor already has access inside the Kubernetes cluster. The first issue was associated with FluentBit with ...
9 months ago Gbhackers.com
Threat actors misuse OAuth applications to automate financially driven attacks - Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious ...
9 months ago Microsoft.com
Enabling Threat-Informed Cybersecurity: Evolving CISA's Approach to Cyber Threat Information Sharing - One of CISA's most important and enduring roles is providing timely and actionable cybersecurity information to our partners across the country. Nearly a decade ago, CISA stood up our Automated Indicator Sharing, or AIS, program to widely exchange ...
9 months ago Cisa.gov
Lets Open(Dir) Some Presents: An Analysis of a Persistent Actor's Activity - By analyzing tools, logs and artifacts left open to the internet, we were able to profile the threat actor and their victims. After analyzing the artifacts we can conclude with moderate confidence that the majority of the threat actor activity ...
9 months ago Thedfirreport.com
Python in Threat Intelligence: Analyzing and Mitigating Cyber Threats - In the world of emerging cybersecurity threats, understanding the significance of threat intelligence is crucial and can not be ignored. Threat intelligence involves the systematic collection, analysis, and application of data to understand potential ...
9 months ago Hackread.com
Hacker Conversations: Stephanie 'Snow' Carruthers, Chief People Hacker at IBM X-Force Red - Social engineering is effectively hacking human thought processes. Social engineering is a major factor in the overall process but is not directly part of repurposing electronic systems. A social engineer is usually classified as a hacker, and is ...
6 months ago Securityweek.com
It's Time to Tear Down the Barriers Preventing Effective Threat Intelligence - Today, organizations are confronted with a deluge of cyber threats, ranging from sophisticated AI-powered ransomware to tried and true brute force attacks. At this point, IT security teams know it's essential to stay one step ahead of cybercriminals, ...
8 months ago Cyberdefensemagazine.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)