A high-ranking U.S. government official has been convicted of stealing the personal information of thousands of federal workers as well as government software. Murali Y. Venkata, 56, was acting branch chief at the DHS's Information Technology Division in the Office of the Inspector General.
Investment platform Cash App, a subsidiary of U.S.-based payments company Block, says it has been breached. The incident happened last year when a former employee downloaded reports containing Cash App U.S. customer information, including full names, brokerage account numbers and portfolio values.
The latest edition of the ISMG Security Report reviews the latest cyber resilience "call to action" from the White House and also explores authentication provider Okta's failure to inform hundreds of customers in a timely manner that their data could have been stolen by the Lapsus$ group.
Insider risk and data loss prevention (DLP) are a top concern for organisations today. And it makes sense, with a distributed workforce and increasing reliance on technology, legacy, on-prem DLP technology hasn’t lived up to its promises.
That’s because data loss begins with people, whether careless, compromised...
A consolidated legal case that includes allegations of embezzlement, trade secret theft and intimidation offers an inside look at a complicated and messy alleged insider breach reported last year by a Texas-based accountable care organization.
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
The CISO for a Dallas-based school district quit his job over the district's handling of a severe data breach that occurred in August 2021. A TV broadcaster has revealed that two students in the district were responsible even though the district claimed the intruder was a "third party."
In the midst of accelerated modernization, increased cybersecurity risks, and the new normal of hybrid work and learning environments, technology leaders in higher education have had to meet enormous challenges. As we enter the new year, what’s on their minds when it comes to issues of cybersecurity, hybrid...
The increasingly connected home is a vulnerable part of the extended enterprise, especially as the line blurs between personal life and work, says Forrester principal analyst Heidi Shey. She encourages organizations to adopt a two-pronged approach to protecting the "work from home" workforce.
Most organizations deploy defenses to reduce the risk of cyber threats entering their environment. But what about the threats that are already inside? Whether the result of malicious, negligent or compromised users, insider threats pose serious business risks, and most organizations just aren’t prepared.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how the ransomware-as-a-service model shifted in 2021, the rise of fraud in faster payments and how to prevent it, and one CISO's take on the state of the industry.
The Department of Justice says it's thwarted a Sony Group insider who allegedly embezzled $154 million, converted the proceeds to bitcoin, and demanded a ransom payment to return the money. Authorities say the former Sony employee has been criminally charged in Japan.
Michael Lines is working with Information Security Media Group to promote awareness of the need for cyber risk management, and as a part of that initiative, the CyberEdBoard will post draft chapters from his upcoming book, "Heuristic Risk Management: Be Aware, Get Prepared, Defend Yourself." This post's chapter is...