Network Computing Dark Reading

Advertise

Vulnerabilities / Threats

4/9/2013
03:11 PM

Ericka Chickowski
Slideshows

Connect Directly

1 Comment
Comment Now

50%

Slide Show: 8 Egregious Examples Of Insider Threats

Real-world case studies from the CERT Insider Threat Center

1 of 9

Unlike large customer information data breach cases that are publicly announced due to disclosure laws, many of the most intriguing insider theft, sabotage, and fraud cases never see the light of public scrutiny because companies would rather not air their dirty laundry if they don't have to. But these cases can offer valuable lessons on how insiders can be a threat in future situations. That is why the folks at the CERT Insider Theft Center work with private sector firms and law enforcement authorities to discretely study insider cases for the benefit of the industry. Since 2001, CERT has studied more than 800 cases.

Here are eight illustrative examples of the kind of damage these insiders can do to an organization.

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading. View Full Bio

1 of 9

Comment |

Email This |

Print |

RSS

More Insights

Webcasts

The Insider Threat: Real Defense for Real Businesses

Cyber Threat Intelligence Inside Your Organization

More Webcasts

White Papers

4 Support Teams That Embraced Mobile

If It Ain't Broke, Don't Fix It: Cofense Malware Review Q2-Q3 2018

More White Papers

Reports

How Enterprises Are Attacking the Cybersecurity Problem

Managing the Risk of Post-breach or Resident Attacks

More Reports

Comments

Newest First | Oldest First | Threaded View

[close this box]

50%

hrutledge974,
User Rank: Apprentice
5/2/2013 | 6:16:06 PM

re: Slide Show: 8 Egregious Examples Of Insider Threats

The arrows on the slide show don't work. They are grayed out.

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

Veterans Find New Roles in Enterprise Cybersecurity

Kelly Sheridan, Staff Editor, Dark Reading, 11/12/2018

To Click or Not to Click: The Answer Is Easy

Kowsik Guruswamy, Chief Technology Officer at Menlo Security, 11/14/2018

Understanding Evil Twin AP Attacks and How to Prevent Them

Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies, 11/14/2018

Live Events

Webinars

More UBM Tech
Live Events

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

Communications & Collaboration 2022 at EC19 Orlando March 18-21

White Papers

4 Support Teams That Embraced Mobile

The IT Pro's Guide to DIY Antivirus Testing

SANS 2018 Threat Hunting Survey Results

The Changing Landscape of U.S. Election Security

Securing your Code for GDPR Compliance

More White Papers

Video

All Videos

Cartoon

Latest Comment: You know, at first glance, I liked the idea of wearable tech.. Never through it would be a security risk.

Cartoon Archive

Current Issue

10 Emerging Threats Every Enterprise Should Know About

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Online Malware and Threats: A Profile of Today's Security Posture

This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!

Download Now!

The Risk Management Struggle

0 comments

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-5407
PUBLISHED: 2018-11-15

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

CVE-2018-14934
PUBLISHED: 2018-11-15

The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access Control. An attacker can connect without authentication and subsequently record audio from the device microphone.

CVE-2018-14935
PUBLISHED: 2018-11-15

The Web administration console on Polycom Trio devices with software before 5.5.4 has XSS.

CVE-2018-16619
PUBLISHED: 2018-11-15

Sonatype Nexus Repository Manager before 3.14 allows XSS.

CVE-2018-16620
PUBLISHED: 2018-11-15

Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control.

Terms of Service
Privacy Statement
Legal Entities