Tag: insider threats
42 articles

Physical Security Lapses Grant Hackers Network Admin Access
Meet Kristopher Johnson and Michael, two expert red teamers who walked into a company's office through an unlocked maintenance door, posing as new IT employees, and gained access to the building by simply offering to help shovel ice. Their easy entry exposed a shocking truth: physical security lapses can give hackers an open invitation to wreak havoc on your network.

US Secret Service Exposes Agents to Cyber Risk with Lax Mobile Security
The US Secret Service is putting its agents at risk of cyber attacks by allowing them to use personal phones for work, with over 15,000 instances of unsecured calls made during critical operations. This lax mobile security leaves them vulnerable to hackers, despite having access to supposedly secure government-issued devices.

AI Agents Emerge as Unchecked Identities in Enterprise Security
The equation for enterprise security is no longer simple: with AI agents now connected to critical business services, controlling identities is no longer enough to control risk. These emerging insiders have quietly become privileged - and potentially invisible - attack paths that security and identity programs must urgently address.

Shadow AI Exposes Access Control Gaps
The real risk of Shadow AI isn't about employees sharing sensitive info, but about unauthorized AI agents operating within your organization, connected to critical systems, and taking actions that can lead to data breaches and access-control failures. A staggering 65.4% of unused chatbots still have active credentials, leaving a gaping hole in your security.

Hidden AI Agents Expose Access Risks in Corporate Networks
Can your security team instantly identify who authorized an autonomous AI agent to access your company's core intellectual property? The uncomfortable truth is that most enterprises have no clear answer, leaving them vulnerable to hidden AI access risks.

Security Insider Exposes New Hire's Chaotic Tactics
A security insider recounts a tense confrontation with a new colleague over a departing workstation, revealing a chaotic approach to security protocols. The staffer's casual exit with a PC under their arm sparks a heated debate about data safety and responsibility.

Verizon DBIR Exposes Growing Browser-Based Threats
Employees are unwittingly putting sensitive data at risk by using AI tools like ChatGPT and Gemini on corporate devices, with 67% accessing these services with personal accounts and 45% using them regularly. This Shadow AI phenomenon is rapidly escalating, with a fourfold year-over-year increase in insider risk.

AI Agents Expose Hidden Risks as Insider Threats Evolve
The alarm bells are ringing: cyberattacks now unfold at breakneck speeds, with malicious actors able to wreak havoc in as little as 10-30 minutes, leaving defenders scrambling to keep up. This accelerated threat landscape is fueled by the growing sophistication of AI agents and their integration into business networks.

CEO's File Share Mishap Exposes Workplace Security Lapses
Imagine being called in to help a CEO recover deleted files, only to discover a shocking secret: a treasure trove of explicit content stored on a company file share that's accessible to anyone. The awkward moment that followed will leave you cringing - and wondering how something so sensitive could be so carelessly exposed.

Weak Passwords Expose Networks to Unintended Access
Even a seasoned expert like Roger Grimes, CISO advisor at KnowBe4, has fallen victim to the pitfalls of weak passwords - in a surprising turn of events, he recalling a time when he accidentally gained access to a client's network using the password "rosebud", famously lifted from a film plot.

Employees Willingly Sell Work Credentials
A shocking 13% of employees admit to selling their work logins or knowing someone who has, revealing a surprisingly casual attitude towards protecting sensitive work credentials. This statistic raises serious concerns about workplace security and the vulnerability of company data.
Shadow AI Emerges as Unseen Threat in Enterprise Security
As AI assistants and automation services increasingly seep into everyday use, employers are faced with a daunting question: are productivity gains worth the risk of losing control? Employees are quietly adopting unsanctioned AI tools, often blurring the lines between efficiency and security.

Alarming Rise in Employee Data Breaches Hits Seven-Year High
Employee data breaches have reached a seven-year high, exposing a harsh reality: even the most basic security measures are being overlooked, putting sensitive employee information at risk. Can organizations protect their most valuable asset - their employees' personal data - from these preventable breaches?

Leaks Probe Hits Trump's Ex-Counter-Terrorism Aide
A former top counter-terrorism aide to President Donald Trump is now under investigation for allegedly leaking classified information, raising serious questions about loyalty, accountability, and the security of the nation. This stunning development has left many wondering: who can be trusted with the country's most sensitive secrets?

AI Assistants Spark Alarming New Security Risks
As AI assistants become increasingly popular, a pressing concern emerges: can we trust these powerful tools to keep our data safe? With their ability to access and automate tasks on our computers and online services, AI agents are raising red flags across the tech industry.

insider risk: Essential Defenses Against Costly Breaches
Insider risk is now a frontline threat—77% of organizations have suffered data loss—so prioritize least-privilege access, zero-trust IAM, and integrated DLP/UEBA/SIEM while building a people-first culture that balances privacy with protection. These must-have defenses stop costly breaches before trusted channels become exit ramps.

customer records Shocking Insider Breach Risky Exposure
Nearly 700,000 FinWise customers now face the unsettling possibility that their personal data was accessed for more than a year by an ex-employee. Act now: monitor accounts, enable MFA, and demand clearer disclosures and stronger offboarding controls.

insider threats: Stunning Risky Sabotage Sparks Reform
A trusted developer secretly embedded a “kill switch” into a U.S. company’s systems and has now been sentenced to four years — a stark wake-up call to tighten access controls, code reviews and insider defenses.

AI Agents Gain Root Access Like Employees—How to Regain Control
What if your AI assistant had full control over your systems but no one was watching? Discover why treating AI agents like trusted employees without proper security checks could put your entire enterprise at risk—and how to take back control.

Ex-Soldier Pleads Guilty to Extortion After Treason Search
A former Army soldier’s daring hack into telecom giants exposes the fine line between cybercrime and national security, raising chilling questions about loyalty, treason, and the power of insider threats.

IT Employee Receives Seven-Month Sentence for Sabotaging Company Network
IT employee sentenced to seven months for sabotaging company network, highlighting the serious repercussions of cyber misconduct in the workplace.

Microsoft-Signed Firmware Module Bypasses Secure Boot
Microsoft-signed firmware module bypasses Secure Boot, exposing vulnerabilities in trusted boot protocols and compromising system security.

Former CIA Analyst Unlawfully Transmits National Defense Data, Sentenced to Prison
Former CIA analyst sentenced to prison for unlawfully transmitting national defense data, highlighting severe breaches in national security.

Are technologists a threat to doing business securely?
Explore if technologists pose cybersecurity risks to business, or if innovation drives enhanced security practices in a digital era.