Skip to main content

Tag: insider threats

42 articles

Maintenance door left ajar in a dimly lit office corridor, with an open and unlocked door handle in the foreground.

Physical Security Lapses Grant Hackers Network Admin Access

Meet Kristopher Johnson and Michael, two expert red teamers who walked into a company's office through an unlocked maintenance door, posing as new IT employees, and gained access to the building by simply offering to help shovel ice. Their easy entry exposed a shocking truth: physical security lapses can give hackers an open invitation to wreak havoc on your network.

Analyst 207
Secret Service agent in airport terminal looks concerned at personal smartphone.

US Secret Service Exposes Agents to Cyber Risk with Lax Mobile Security

The US Secret Service is putting its agents at risk of cyber attacks by allowing them to use personal phones for work, with over 15,000 instances of unsecured calls made during critical operations. This lax mobile security leaves them vulnerable to hackers, despite having access to supposedly secure government-issued devices.

Analyst 207
Blurred laptop screen on office table surrounded by coworkers.

AI Agents Emerge as Unchecked Identities in Enterprise Security

The equation for enterprise security is no longer simple: with AI agents now connected to critical business services, controlling identities is no longer enough to control risk. These emerging insiders have quietly become privileged - and potentially invisible - attack paths that security and identity programs must urgently address.

Analyst 207
Dusty, idle computer servers and network equipment in a dimly lit, abandoned server room.

Shadow AI Exposes Access Control Gaps

The real risk of Shadow AI isn't about employees sharing sensitive info, but about unauthorized AI agents operating within your organization, connected to critical systems, and taking actions that can lead to data breaches and access-control failures. A staggering 65.4% of unused chatbots still have active credentials, leaving a gaping hole in your security.

Analyst 207
Dusty computer servers and tangled cables in a dimly lit, abandoned server room.

Hidden AI Agents Expose Access Risks in Corporate Networks

Can your security team instantly identify who authorized an autonomous AI agent to access your company's core intellectual property? The uncomfortable truth is that most enterprises have no clear answer, leaving them vulnerable to hidden AI access risks.

Analyst 207
Security staff member holding a PC near exit as Head of Security intervenes with concern.

Security Insider Exposes New Hire's Chaotic Tactics

A security insider recounts a tense confrontation with a new colleague over a departing workstation, revealing a chaotic approach to security protocols. The staffer's casual exit with a PC under their arm sparks a heated debate about data safety and responsibility.

Analyst 207
Employees work at desks with laptops and computers, some with blurred screens, in an office with a cityscape visible…

Verizon DBIR Exposes Growing Browser-Based Threats

Employees are unwittingly putting sensitive data at risk by using AI tools like ChatGPT and Gemini on corporate devices, with 67% accessing these services with personal accounts and 45% using them regularly. This Shadow AI phenomenon is rapidly escalating, with a fourfold year-over-year increase in insider risk.

Analyst 207
Concerned person in a brightly-lit office setting with a sense of urgency and accelerated activity.

AI Agents Expose Hidden Risks as Insider Threats Evolve

The alarm bells are ringing: cyberattacks now unfold at breakneck speeds, with malicious actors able to wreak havoc in as little as 10-30 minutes, leaving defenders scrambling to keep up. This accelerated threat landscape is fueled by the growing sophistication of AI agents and their integration into business networks.

Analyst 207
Laptop screen displays file share interface on a plain surface in a corporate office setting.

CEO's File Share Mishap Exposes Workplace Security Lapses

Imagine being called in to help a CEO recover deleted files, only to discover a shocking secret: a treasure trove of explicit content stored on a company file share that's accessible to anyone. The awkward moment that followed will leave you cringing - and wondering how something so sensitive could be so carelessly exposed.

Analyst 207
Person sitting at computer workstation with login screen and password notes in background.

Weak Passwords Expose Networks to Unintended Access

Even a seasoned expert like Roger Grimes, CISO advisor at KnowBe4, has fallen victim to the pitfalls of weak passwords - in a surprising turn of events, he recalling a time when he accidentally gained access to a client's network using the password "rosebud", famously lifted from a film plot.

Analyst 207
A dimly lit office cubicle with scattered papers and a hand reaching for a wallet near a laptop and login credentials list.

Employees Willingly Sell Work Credentials

A shocking 13% of employees admit to selling their work logins or knowing someone who has, revealing a surprisingly casual attitude towards protecting sensitive work credentials. This statistic raises serious concerns about workplace security and the vulnerability of company data.

Analyst 207

Shadow AI Emerges as Unseen Threat in Enterprise Security

As AI assistants and automation services increasingly seep into everyday use, employers are faced with a daunting question: are productivity gains worth the risk of losing control? Employees are quietly adopting unsanctioned AI tools, often blurring the lines between efficiency and security.

Analyst 207
Alarming Rise in Employee Data Breaches Hits Seven-Year High

Alarming Rise in Employee Data Breaches Hits Seven-Year High

Employee data breaches have reached a seven-year high, exposing a harsh reality: even the most basic security measures are being overlooked, putting sensitive employee information at risk. Can organizations protect their most valuable asset - their employees' personal data - from these preventable breaches?

Analyst 207
Leaks Probe Hits Trump's Ex-Counter-Terrorism Aide

Leaks Probe Hits Trump's Ex-Counter-Terrorism Aide

A former top counter-terrorism aide to President Donald Trump is now under investigation for allegedly leaking classified information, raising serious questions about loyalty, accountability, and the security of the nation. This stunning development has left many wondering: who can be trusted with the country's most sensitive secrets?

Analyst 207
AI Assistants Spark Alarming New Security Risks

AI Assistants Spark Alarming New Security Risks

As AI assistants become increasingly popular, a pressing concern emerges: can we trust these powerful tools to keep our data safe? With their ability to access and automate tasks on our computers and online services, AI agents are raising red flags across the tech industry.

Analyst 207
insider risk: Essential Defenses Against Costly Breaches

insider risk: Essential Defenses Against Costly Breaches

Insider risk is now a frontline threat—77% of organizations have suffered data loss—so prioritize least-privilege access, zero-trust IAM, and integrated DLP/UEBA/SIEM while building a people-first culture that balances privacy with protection. These must-have defenses stop costly breaches before trusted channels become exit ramps.

Analyst 207
customer records Shocking Insider Breach Risky Exposure

customer records Shocking Insider Breach Risky Exposure

Nearly 700,000 FinWise customers now face the unsettling possibility that their personal data was accessed for more than a year by an ex-employee. Act now: monitor accounts, enable MFA, and demand clearer disclosures and stronger offboarding controls.

Analyst 207
insider threats: Stunning Risky Sabotage Sparks Reform

insider threats: Stunning Risky Sabotage Sparks Reform

A trusted developer secretly embedded a “kill switch” into a U.S. company’s systems and has now been sentenced to four years — a stark wake-up call to tighten access controls, code reviews and insider defenses.

Analyst 207
AI Agents Gain Root Access Like Employees—How to Regain Control

AI Agents Gain Root Access Like Employees—How to Regain Control

What if your AI assistant had full control over your systems but no one was watching? Discover why treating AI agents like trusted employees without proper security checks could put your entire enterprise at risk—and how to take back control.

Analyst 207
Ex-Soldier Pleads Guilty to Extortion After Treason Search

Ex-Soldier Pleads Guilty to Extortion After Treason Search

A former Army soldier’s daring hack into telecom giants exposes the fine line between cybercrime and national security, raising chilling questions about loyalty, treason, and the power of insider threats.

Analyst 207
IT Employee Receives Seven-Month Sentence for Sabotaging Company Network

IT Employee Receives Seven-Month Sentence for Sabotaging Company Network

IT employee sentenced to seven months for sabotaging company network, highlighting the serious repercussions of cyber misconduct in the workplace.

Analyst 207
Microsoft-Signed Firmware Module Bypasses Secure Boot

Microsoft-Signed Firmware Module Bypasses Secure Boot

Microsoft-signed firmware module bypasses Secure Boot, exposing vulnerabilities in trusted boot protocols and compromising system security.

Analyst 207
Former CIA Analyst Unlawfully Transmits National Defense Data, Sentenced to Prison

Former CIA Analyst Unlawfully Transmits National Defense Data, Sentenced to Prison

Former CIA analyst sentenced to prison for unlawfully transmitting national defense data, highlighting severe breaches in national security.

Analyst 207
Are technologists a threat to doing business securely?

Are technologists a threat to doing business securely?

Explore if technologists pose cybersecurity risks to business, or if innovation drives enhanced security practices in a digital era.

Analyst 207