October 30, 2024 at 11:24AM A former Disney employee, Michael Scheuer, was arrested for hacking into the company’s systems post-termination, altering restaurant menus to eliminate allergen information and redirect QR codes. These actions could have posed serious health risks. Charged with multiple violations, he faces significant prison time if convicted. A bond hearing is pending. … Read more
October 18, 2024 at 10:48AM North Korean IT workers are infiltrating Western companies under false identities, stealing intellectual property, and demanding ransoms, indicating a shift towards more aggressive tactics. Secureworks highlights evolving risks, advocating for rigorous recruitment checks and awareness regarding suspicious behaviors and financial activities to mitigate insider threats and data extortion. ### Meeting … Read more
September 2, 2024 at 10:48PM A 57-year-old man from Missouri has been arrested for a failed data extortion campaign against his former employer, an industrial company in New Jersey. Daniel Rhyne faces charges including extortion, intentional damage to a protected computer, and wire fraud after attempting to extort 20 bitcoins, valued at $750,000. He could … Read more
July 26, 2024 at 06:27AM Email security providers are expanding their offerings to include human risk management tools for data loss prevention (DLP). Mimecast acquired Code42, their second human risk management acquisition this year. Competitors like Proofpoint, Sophos, and ESET are also making similar moves. Mimecast’s CEO highlighted plans to integrate Code42’s capabilities and maintain … Read more
May 17, 2024 at 05:54AM The US government has charged, seized funds, and made arrests in an effort to disrupt a North Korean scheme involving IT workers infiltrating companies. The workers stole identities to secure jobs and diverted their earnings to fund North Korea’s nuclear program. Two individuals have been arrested, with rewards offered for … Read more
May 1, 2024 at 03:12AM A former NSA employee has been sentenced to 22 years in prison for attempting to transfer classified documents to Russia. Despite a short tenure at NSA, Jareh Dalke made contact with an undercover FBI agent posing as a Russian, and transmitted top-secret documents in exchange for money. Dalke pleaded guilty … Read more
March 15, 2024 at 11:29AM Former telecom manager in New Jersey pleads guilty to conspiracy charges for unauthorized SIM swaps enabling hacking of customer accounts. SIM swaps involve porting a person’s phone number without authorization. The swaps aim to receive SMS-based one-time passwords for account takeovers. Telecom providers have since implemented measures to prevent such … Read more
March 8, 2024 at 05:05PM Former Google software engineer Linwei Ding, also known as Leon Ding, has been charged by the US Justice Department with stealing AI-related trade secrets from Google. If convicted, he faces up to 10 years in prison and a $250,000 fine on each of the four counts. The case highlights the … Read more
October 30, 2023 at 07:39AM Whistleblowing in the field of cybersecurity is on the rise, with recent high-profile cases involving Twitter and Penn State’s Applied Research Laboratory. Whistleblowers play a crucial role in uncovering compliance and security issues within organizations, and their concerns should be encouraged, heard, and addressed internally. Ignoring whistleblowers can lead to … Read more
October 26, 2023 at 04:25PM This week’s Kettle discusses the issue of insider threats and highlights recent cases involving rogue employees attempting to sell stolen documents and secrets. It also brings attention to the use of security snoops by US Immigration and Customs Enforcement to monitor social media content. The Kettle is hosted by Iain … Read more