Advertise

Vulnerabilities / Threats

4/9/2013
03:11 PM

Ericka Chickowski
Slideshows

Connect Directly

1 Comment
Comment Now

50%

Slide Show: 8 Egregious Examples Of Insider Threats

Real-world case studies from the CERT Insider Threat Center

1 of 9

Unlike large customer information data breach cases that are publicly announced due to disclosure laws, many of the most intriguing insider theft, sabotage, and fraud cases never see the light of public scrutiny because companies would rather not air their dirty laundry if they don't have to. But these cases can offer valuable lessons on how insiders can be a threat in future situations. That is why the folks at the CERT Insider Theft Center work with private sector firms and law enforcement authorities to discretely study insider cases for the benefit of the industry. Since 2001, CERT has studied more than 800 cases.

Here are eight illustrative examples of the kind of damage these insiders can do to an organization.

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading. View Full Bio

1 of 9

Comment |

Email This |

Print |

RSS

More Insights

Webcasts

Improving Enterprise Authentication: Taming the Password Beast

Learn About Cyber Attackers and How They Target Your Organization

More Webcasts

White Papers

Phishing Attack Bypasses Two-Factor Authentication

Mobile Devices: The New Support Frontier for IT (IDG Report)

More White Papers

Reports

2018 State of the Cloud Report

[Dark Reading Report] Navigating the Threat Intelligence Maze

More Reports

Comments

Newest First | Oldest First | Threaded View

[close this box]

50%

hrutledge974,
User Rank: Apprentice
5/2/2013 | 6:16:06 PM

re: Slide Show: 8 Egregious Examples Of Insider Threats

The arrows on the slide show don't work. They are grayed out.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

New Mexico Man Sentenced on DDoS, Gun Charges

Dark Reading Staff 5/18/2018

Cracking 2FA: How It's Done and How to Stay Safe

Kelly Sheridan, Staff Editor, Dark Reading, 5/17/2018

What Israel's Elite Defense Force Unit 8200 Can Teach Security about Diversity

Lital Asher-Dotan, Senior Director, Security Research and Content, Cybereason, 5/21/2018

Webinars

Improving Enterprise Authentication: Taming the Password Beast

Malicious Insiders: Real Defense for Real Businesses

Dark Reading Virtual Event: Why Cybercriminals Attack

Webinar Archives

White Papers

Phishing Attack Bypasses Two-Factor Authentication

Mobile Devices: The New Support Frontier for IT (IDG Report)

Cyber-Attack Security Guide

Malware Review: A Look Back & Look Forward

Virtual Support Agent Evaluation

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: Shhh! They're watching... And you have a laptop?

Cartoon Archive

Current Issue

The Changing Role of the CISO

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

[Strategic Security Report] Navigating the Threat Intelligence Maze

Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.

Download Now!

The State of Ransomware

0 comments

[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem

0 comments

The Impact of a Security Breach 2017

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-10000
PUBLISHED: 2018-05-24

In MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.

CVE-2018-10001
PUBLISHED: 2018-05-24

OpenFlow version 1.0 onwards contains a Denial of Service and Improper authorization vulnerability in OpenFlow handshake: The DPID (DataPath IDentifier) in the features_reply message are inherently trusted by the controller. that can result in Denial of Service, Unauthorized Access, Network Instabil...

CVE-2018-10001
PUBLISHED: 2018-05-24

The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed ...

CVE-2018-10003
PUBLISHED: 2018-05-24

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. This vulnerab...

CVE-2018-10003
PUBLISHED: 2018-05-24

curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been...

Terms of Service
Privacy Statement
Legal Entities