Because open source usages is now so pervasive, companies are increasingly concerned about the security of applications built on the foundation of open source components. Organizations are also keenly aware of the legal risks of failing to comply with the open source licenses that govern the components they use....
Insider threats are a growing concern for every organization — one that is increasingly difficult to manage using conventional security technologies. According to Ponemon’s 2022 Cost of Insider Threats Global Report:
Insider threats have increased in both frequency and cost over the past two years
Credential...
Accenture has bought Morphus to get more intelligence around fraud and other cybercrimes Brazilian criminals are perpetuating in the digital world. The Morphus acquisition will help Accenture customers take on financially motivated cyber fraud and insider threats that are pervasive in Brazil.
Security director Ian Keller, rants about the insider threat and the massive role leadership plays in changing people's behavior so they don't become one. As Keller says, "The way you treat people is directly reflected in how they treat you and your business."
Seattle police have charged an online retailer's "shopping experience" software programmer with engineering a fraud scheme based on the movie "Office Space," in which malicious software was used to transfer a fraction of every transaction into an outside account.
Belgian banking giant Degroof Petercam is warning hundreds of clients that their employees are at risk of fraud after personal details tied to their stock option plans were accessed, potentially by an ex-employee. The bank has reported the data breach to the Belgian Data Protection Authority.
The latest edition of the ISMG Security Report discusses how investigators saw the collapse of cryptocurrency exchange FTX as "one of the biggest financial frauds in American history," how CISOs can guard against their own liability, and major security and privacy shifts and the outlook for 2023.
What is an Endpoint Detection & Response (EDR) solution and why do organizations need it?
Security teams should be cautioned against the false sense of security that comes with legacy protection methods like Antiviruses, as such solutions only offer protection against known threats, but stand vulnerable to zero-day...
Ransomware groups are turning up the pressure on their victims to make sure organizations pay – and are demanding higher ransoms.
According to the Unit 42 Ransomware Threat Report, in 2021, the average ransom demand in cases we handled increased 144% over 2020. On top of that, there was an 85% increase in the...
As cybercriminals evolve their attack techniques, they pose greater risks to the government, businesses and individuals. It’s more critical than ever to improve your security strategy and proactively prepare for the next wave of cyberthreats.
The first step is to understand the latest attack trends and major...
Too often when software developers change jobs, they take source code they've written with them, feeling the code belongs to them even if it belongs to an employer. Code42's Joe Payne shares the challenges of detecting source code theft and ways to protect intellectual property wherever it resides.
The latest edition of the ISMG Security Report discusses the appearance at a Senate hearing this week by the former head of security for Twitter; the top-performing web application and API protection vendors, according to Gartner's Magic Quadrant 2022; and threat trends to watch for in 2023.
The U.S. Department of Justice obtained its first ever guilty plea in a cryptocurrency insider trading case after Nikhil Wahi, 26, admitted to a scheme to buy crypto assets ahead of their listing on Coinbase. Wahi is one of a trio facing charges that includes his brother, a former Coinbase employee.
Twitter security exec-turned-whistleblower Peiter Zatko today listed alleged security and privacy shortcomings of the social media company for a Senate panel. "It's not farfetched to say that an employee inside the company could take over the accounts of all of the senators in this room," he said.
InfoSec, IT risk and digital supply chain management professionals know the key to minimizing the risk of third-party breaches is to implement a comprehensive and efficient third-party security risk management (TPRSM) process.
Join this webinar where Dov Goldman discusses the increasing challenges surrounding...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
