An insider threat is a threat to an organization that comes from negligent or malicious insiders, such as employees, former employees, contractors, third-party vendors, or business partners, who have inside information about cybersecurity practices, sensitive data, and computer systems.

All National Health Service (NHS) and social care organisations in the United Kingdom have always been and will always be a target for bad actors. The nature of their business and the sensitive data they hold make these entities appealing to bad actors who know that legacy systems, and/or, not regularly patched systems, such as those employed by healthcare organizations are easy to penetrate.

A 64-year-old man has pleaded guilty in a Texan court to charges of money laundering after a series of attacks that defrauded companies out of hundreds of thousands of dollars. Kenenty Hwan Kim (who sometimes went by the name Myung Kim) took advantage of a simple trick that has proven highly effective to fraudsters in recent years. The method of tricking businesses into handing over large amounts of money is known as Business Email Compromise (BEC), and comes in a variety of flavours.

When organizations around the world began shifting their workforces in response to the COVID-19 crisis, the question on everyone’s mind was “When will things go back to normal?” When social media giant Twitter announced it would be allowing employees to work remotely permanently, the conversation took a quick shift: Forget normal, are traditional offices gone for good?

The nature of work these days is collaborative. Teams that work together get more done. But successful collaboration in business goes beyond people; it applies to the tools teams use to get their work done. Never has this been more true than now with the global pandemic that has shut most offices down and led to widespread remote-work situations for employees.

In May 2013, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its updated Internal Control-Integrated Framework. COSO is an organization that aims to improve organizational performance and corporate governance through effective internal control, enterprise risk management, and fraud deterrence.

JFrog is pleased to announce that our comprehensive Cloud Enterprise+ plan is now available on Amazon Web Services (AWS) Marketplace through Private Offers. JFrog Cloud Enterprise+ on AWS is a universal, highly-available SaaS offering of the JFrog Platform for demanding DevSecOps at global scale.

Malware attacks are evolving and once common tactics are becoming a thing of the past. Attack strategies, like using a third-party hacking program or injecting viruses from external sources, are almost obsolete as they leave a distinct footprint. Most antimalware tools can now detect the presence of a foreign program or device and immediately block them.

Ervin McBride IV – TDP Engineer II contributed to this article. Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers.

June 1st 2020: Fireeye end of life The Email Laundry email security service. This comes as a surprise to many as Fireeye acquired The Email Laundry back in 2017 and seemingly had plans to greatly expand the service. The Email Laundry serviced MSPs and small organizations whereas Fireeye had a conserted desire and history servicing Enteprise businesses. This may be why Fireeye decided to exit the SME Email Security service market.