 Insider Threats

Colorado county files mistakenly posted online

Angela Moscaritolo December 07, 2010

More than 20 years' worth of personal and investigative Sheriff's Department records from Mesa County, Colo., were inadvertently posted online, where they remained for several months.
 

IT security budget issues: Fiscal reality

Angela Moscaritolo December 01, 2010

The financial crisis will have a lasting impact, but some organizations have found ways of doing more with less.
 

Disgruntled IT head sentenced for hacking website

Angela Moscaritolo November 01, 2010

A former IT head in Virginia, upset about being fired, was sentenced Friday to two years and three months in prison for hacking into his former employer's website to delete files.
 

Texas insider sentenced to 15 years for medical ID theft

Angela Moscaritolo October 19, 2010

A Texas woman's 15-year prison sentence for stealing hospital patient information underscores a continued upswing in medical identity theft cases.
 

Disgruntled Fannie Mae "logic bomber" found guilty

Dan Kaplan October 11, 2010

A federal jury in Baltimore has convicted a former Fannie Mae programmer of computer intrusion after he sought to destroy more than 4,000 company servers by planting a malicious script that was scheduled to activate roughly three months after he was fired. Rajendrasinh Makwana, 36, faces up to 10 years in prison for seeding a common application with "logic bomb" malware on Oct. 24, 2008, the day he was fired, the U.S. Department of Justice said last week in a news release. Five days later, a senior engineer discovered the disgruntled Makwana's actions, which were meant to destroy financial, securities and mortgage information. Makwana, who had pleaded innocent, is scheduled to be sentenced Dec. 8. — DK
 

Swiss bank accounts under CRA investigation

Danny Bradbury October 08, 2010

The Canadian Revenue Agency (CRA) is investigating more than 1,000 high-value bank accounts in Switzerland, after a former employee stole the account data and handed it to investigators.
 

Entrapment: Somebody told me to do it, officer

Charles Jeter, ESET cybercrime investigator September 22, 2010

Is a sting merely legitimized social engineering? Why cops don't have to tell you they're cops - online or off.
 

Leading Stuxnet theory points toward sabotage and SCADA inside players

Charles Jeter, ESET cybercrime investigator September 17, 2010

IACS researcher says, "Welcome to cyberwar."
 

Geek squad vs. mod squad: Should use policy become a federal beef?

Charles Jeter, ESET cybercrime investigator September 16, 2010

Should violations of corporate computer use policy be a federal crime, asks Charles Jeter, ESET cybercrime investigator.
 

Delaware retirees' personal information posted on state website

Angela Moscaritolo August 31, 2010

The personal information of Delaware state retirees was included in a request for proposal that made its way onto the state's website for five days before it was discovered and removed.
 

Judge OKs Countrywide breach settlement

Dan Kaplan August 26, 2010

A U.S. District Court judge in Kentucky this week granted final approval to settle a class-action lawsuit relating to a data breach that pitted millions of Countrywide Financial customers against the mortgage company. The agreement provides free credit monitoring for up to 17 million people whose personal data was exposed, according to reports. To be eligible, victims must have used Countrywide, now owned by Bank of America, before July 1, 2008. In addition, participants are eligible to receive up to $50,000 per incident of identity theft, though Countrywide representatives have denied that anyone fell victim to fraud. — DK
 

Security perspectives on call center ID theft risks, Part 2

Charles Jeter, ESET cybercrime investigator August 13, 2010

Call centers have real threats from insiders.
 

Security perspectives on call center ID theft risks, Part 1

Charles Jeter, ESET cybercrime investigator August 13, 2010

It is far too easy for an insider to gather personally identifiable information.
 

Disgruntled San Francisco admin sentenced to four years

Angela Moscaritolo August 09, 2010

Two years after he was charged with holding the city of San Francisco digitally hostage, a disgruntled former network administrator was sentenced to four years in prison.
 

Laptop containing patient data stolen from Philadelphia hospital

Angela Moscaritolo August 04, 2010

A laptop containing the personal information of patients was stolen from an office at Thomas Jefferson University Hospital in Philadelphia.
 

Internal threats double as attackers shift strategy

Angela Moscaritolo July 28, 2010

Cybercriminals are partnering with malicious insiders, according to a report from Verizon Business and the U.S. Secret Service.
 

Cybercrime costs businesses $3.8 million per year

Angela Moscaritolo July 26, 2010

Web attacks, malware and insider threats can cost organizations millions of dollars in losses each year, according to a new Ponemon Institute study.
 

Employee at Maryland state agency posts client information online

Angela Moscaritolo July 21, 2010

The personal information of clients of the Maryland Department of Human Resources (DHR) recently was posted on a third-party website, where it remained for nearly three months.
 

ID thief receives 30 months in prison

Angela Moscaritolo June 28, 2010

A California woman was sentenced late last week to 2 1/2 years in federal prison after pleading guilty earlier this year to charges of access device fraud, according to a news release from the U.S. Department of Justice. Stephanie Fahlgren, 33, of Sacramento accessed the database of a national life insurance company and obtained the personal and financial information of more than 114 individuals. Using the stolen information, Fahlgren opened lines of credit and credit cards in victims' names and made purchases without their consent. Another court appearance is scheduled for July 29, when a judge will determine the amount of restitution owed to the victims. — AM
 

Five years for Utah man who stole $2M from credit unions

Angela Moscaritolo May 03, 2010

A Utah computer consultant was sentenced last week to five years in federal prison for stealing $2 million from several credit unions for which he worked.
 

Guilty plea for disgruntled San Francisco admin

Greg Masters April 28, 2010

A San Francisco network administrator on Tuesday was found guilty on one count of denying computer services, a violation of California's computer crime law. The case of Terry Childs dates back to July 2008 when, reportedly disgruntled about imminent dismissal, he refused to hand over administrative control of the city's FiberWAN network. His refusal to reveal his exclusive credentials left San Francisco without control of the network for 12 days and led to the city spending $900,000 to reconfigure routers to regain access to the system. Sentencing is set for June 14. He faces up to five years in prison. — GM
 

Security training won't solve the negligent insider threat

Phil Lieberman, CEO, Lieberman Software April 07, 2010

Technology is necessary to stave off hacker attempts because humans cannot always be perfect.
 

TSA insider indicted on tampering charges

Angela Moscaritolo March 12, 2010

A former U.S. Transportation Security Administration (TSA) employee was indicted Wednesday for planting malicious code on a government server, which contained data about suspected terrorists that was used to screen airport workers, federal authorities said. Douglas James Duchak, 46, of Colorado Springs, Colo. was a data analyst at the TSA from 2004 to 2009. He carried out the scheme, which caused at least $5,000 in damages, after learning his employment would be terminated. If convicted, he faces up to 10 years in federal prison and a fine of up to $500,000. — AM
 

Is increased government regulation the answer to increased privacy protection?

Glen Kosaka, director of marketing, Trend Micro February 25, 2010

Data breaches involving privacy information continue to increase despite the costs, embarrassment and negative publicity associated with them.
 

YouSendIt founder indicted

Dan Kaplan October 30, 2009

The former CEO and co-founder of YouSendIt, a popular file transfer service, was indicted this week on four counts of mail fraud. Khalid Shaikh, who left the Campbell, Calif.-based company in November 2006, was charged with using the ApacheBench tool to launch four separate denial-of-service attacks, between December 2008 and June 2009, against YouSendIt's servers, disabling the service for customers. Each count of mail fraud carries a maximum five-year prison term, three years of supervised release and a fine of $250,000. -- DK
 

Microsoft disputes password-stealing SQL Server bug

Angela Moscaritolo September 02, 2009

Researchers at a security company say they have discovered a vulnerability in Microsoft's SQL Server, but the software giant disputes the claim.
 

Strained budgets cause severe security cutbacks

Angela Moscaritolo July 27, 2009

Due to strained budgets, some IT departments are cutting funding for technologies that would help mitigate threats they are most concerned about, according to a survey from RSA Conference, released Wednesday.
 

Industry group releases software integrity framework

Dan Kaplan July 21, 2009

Not enough emphasis is placed on the integrity of software, according to a software assurance group, which hopes to change that mentality with a new framework.
 

Miami inside hacker sentenced to one year

Angela Moscaritolo July 16, 2009

A former computer support technician will serve one year in prison for hacking into his former employer's computer network and causing more than $30,000 worth of damage.
 

IT admin sentenced

Angela Moscaritolo July 15, 2009

The former IT director of the Houston-based LifeGift Organ Donation Center, who had been fired in 2005, was sentenced Wednesday to two years in prison and ordered to pay $94,222 for hacking into the computer network of the nonprofit, the U.S. Department of Justice said. Danielle Duann, 51, of Houston pleaded guilty in late April to deleting organ donation database records, accounting files and applications -- then erasing logs to conceal her actions. — AM