Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

1/11/2012
10:08 AM
50%
50%

When Someone Else's Insider Is Your Threat

As Symantec recently learned, your intellectual property could be at risk from third parties with whom you do business.

Protecting intellectual property against insiders is tough enough when the insiders are a company's own employees. The problem becomes even more difficult when a third party--whether a vendor or customer--has access to confidential information.

Just ask Symantec. Last week, the company confirmed that a group of hackers had stolen the source code to two of the firm's older products--Endpoint Protection 11.0 and Antivirus 10.2--from a third party. The group of allegedly Indian hackers, using the name "The Lords of Dharmaraja," claimed that the leak came from the Indian government and planned to release the code to the public.

"Symantec's own network was not breached, but rather that of a third party entity," Symantec spokesman Cris Paden said in an e-mailed statement. "We are still gathering information on the details and are not in a position to provide specifics on the third party involved."

The leak is an embarrassment to the company, but Symantec maintains that it does not represent a major threat. The source code from the two programs is four to five years old, Paden says.

"Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec's solutions," he said. "In 2010 alone, we distributed 10 million updates to our products in response to new cyber threats. If you extrapolate to four and five years, you can get an idea of how much our ... code has evolved over the following years."

Yet, a significant question for companies is why did the Indian government, if the code was indeed stolen from the government, keep the code so long, says Rob Rachwald, director of security strategy for Imperva.

Read the rest of this article on Dark Reading.

Heightened concern that users could inadvertently expose or leak--or purposely steal--an organization's sensitive data has spurred debate over the proper technology and training to protect the crown jewels. An Insider Threat Reality Check, a special retrospective of recent news coverage, takes a look at how organizations are handling the threat--and what users are really up to. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41393
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations.
CVE-2021-41394
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations.
CVE-2021-41395
PUBLISHED: 2021-09-18
Teleport before 6.2.12 and 7.x before 7.1.1 allows attackers to control a database connection string, in some situations, via a crafted database name or username.
CVE-2021-3806
PUBLISHED: 2021-09-18
A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system.
CVE-2021-41392
PUBLISHED: 2021-09-17
static/main-preload.js in Boost Note through 0.22.0 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal Electron API.