insider threat (8)

9573356268?profile=RESIZE_400xInsider threats are of serious concern for all businesses.  Former or recently terminated employees add a much higher level of risk for theft, destruction, or release of company data.   A former credit union employee is now facing a ten (10) prison sentence after pleading guilty to destroying large amounts of corporate data in revenge for being fired.

This former employee who lives in Brooklyn NY, pleaded guilty in the US Eastern District Court recently, admitting to one count of computer intrus

9546325898?profile=RESIZE_400xSecurity professionals have long wrestled with properly identifying rogue employees bent on crippling a company.  This was once evident in identifying stolen proprietary or classified paper documents for personal or professional gains – or some were just plain focused on outright revenge and destruction.  Now ‘everything’ is cyber related, yes everything, and thus cyber security meets with physical security, human resources (HR) and company management teams.  This lateral cooperation is a must i

9465793865?profile=RESIZE_400xA new twist on an old con; remember all the Nigerian Princes who wanted to share their fortune with you, if only you would only send them your bank account number?  Nigerian threat actor has been observed attempting to recruit employees by offering them to pay $1 million in bitcoins to deploy Black Kingdom ransomware on companies' networks as part of an insider threat scheme.

"The sender tells the employee that if they're able to deploy ransomware on a company computer or Windows server, then th

9408552270?profile=RESIZE_400xOn 5 August 2021 a threat actor using the handle m1Geelka, made a post on the Russian XSS cybercriminal forum.  In the post, they claim to have leaked the manuals and instructions used by the Conti ransomware group whom with they were previously associated.  These posts provide valuable insight into Conti operations.  While the group is highly likely to change its exposed infrastructure and their tactics, techniques, and procedures (TTP’s), network defenders are now able to research this informa

8123810886?profile=RESIZE_400xThe Covid-19 pandemic has led to dangerous gray areas for employers, such as new BYOD policies, thanks to the rapid and required shift to remote working.  The work to home (WTH) phenomenon has cause numerous cyber challenges.  This creates an ‘insider threat’ scenario.  Yes, trusted employees working at home could become an insider threat, though most likely an unwitting threat.[1]  Many company cyber security professionals are starting to seriously examine the changing nature of traditional ins

6521458097?profile=RESIZE_400xActivity Summary - Week Ending 2 July 2020:

  • Analysts identified 3,351 new IP addresses participating in various Botnets
  • Red Sky Alliance identified 54,358 connections from new unique IP addresses
  • Insider Threats still #1
  • Fileless Attacks
  • SixLittleMonkeys has an API
  • Lucifer Malware
  • Corona’s making a comeback, Oil Prices still in Flux
  • Iran looking to avoid the Strait of Hormuz Oil Shipping Route
  • Russia using Anti-Drone technology to protect Oil Fields
  • The US is opening the Arctic for Oil Explorat

In a recent blog by Nitzan Daube, CTO of NanoLock¸ he provides an explanation regarding the importance of security focus on both IT hardware, physical security and cyber security consequences.  Wapack Labs agrees whole heartedly, and is providing solutions.

Wapack Labs participated in a recent lecture at the October 2018 ASIS Conference, held in Las Vegas NV.  Our joint lecture specifically addressed hardware compromise, adherence to physical security and the psychology of insider threats.  Rece

Cyber security professionals often get focused on dangers which appear inside their networks or within company messages, sometimes overlooking physical threats.  Laptops and devices routinely leave the confines of network cyber security parameters.  In this circumstance, a hacker can easily get physically next to a vulnerable laptop, which may permit firewall rules and DNS Security inoperable to a bad guy hacking into “your” laptop.[1]  This is why Wapack Labs strongly suggest linking physical s