Detecting malicious activity takes weeks or even months despite the many efforts companies put into building cybersecurity threat detection systems. You can increase your chances of uncovering malicious activity by studying insider threat techniques and applying diverse detection methods. In this article, we discuss the most common techniques behind insider threats and their possible indicators as well as ways you can detect insider threats in an efficient manner.

Our latest analysis of the National Vulnerability Database (NVD) has revealed that 2021 has now officially broken the record for common vulnerabilities and exposures (CVEs) logged by researchers. NIST is the US National Institute of Standards and Technology, and its National Vulnerability Database (NVD) is a repository of Common Vulnerabilities and Exposures (CVEs).

Social engineering is an insidious way of getting "insider access" into an organization's network and data. Threat actors use it to gain sweeping access to carry out sophisticated attacks while evading detection. This "insider" leeway of social engineering makes it an alarming threat that cybercriminals are routinely exploiting now more than ever.

Tim Mackey talks about his journey working in cybersecurity, today’s cyberthreat landscape, and how the industry is evolving.

This blog post is part thirty of the "Hunting with Splunk: The Basics" series. Shannon Davis provided the first half of this blog on pipe hunting in part twenty-nine, and will now run through the second half! – Ryan Kovar

In a pattern of continued growth across the third quarter of 2021, ransomware remains the dominant threat type, more than doubling since 2021 Q1, fuelled by an exponential increase in the initial access broker marketplace. Incidents of unauthorized access and the risk of insider threats also increased, but to a far lesser extent, accounting for roughly 20% of incidents in the same period.

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. Most recently we disclosed 11 malicious packages in the PyPI repository, a discovery that shows attacks are getting more sophisticated in their approach.

Imagine it’s December—the biggest sales time of the year. Your e-commerce site is up and running, complete with a robust and diverse inventory for buyers. A few days into the shopping season, you notice an unusually high number of cart abandonments and quite a few customers leaving after viewing a couple of different web pages. You check the web pages. They look fine—in fact, better than fine. (You spent a little extra this year improving the graphic design.) Everyone is stumped.