Threat actors are recruiting the people who hold cloud logins 2026-06-11 at 11:18 By Anamarija Pogorelec Companies keep most of their data and applications in cloud platforms that anyone can reach with the right login. That setup turns each employee holding those credentials into a security variable, and members of the cybercrime underground have built […]
Threat actors are recruiting the people who hold cloud logins Read More »
Terminated contract led to $2.5 million cyber extortion scheme 2026-03-20 at 19:32 By Sinisa Markovic A federal jury convicted Cameron Curry, 27, a Charlotte resident, of carrying out an extensive cyber extortion scheme targeting a Washington, D.C.-based international technology company. He faces up to two years in prison on each of the six charges. Curry,
Terminated contract led to $2.5 million cyber extortion scheme Read More »
The $19.5 million insider risk problem 2026-02-26 at 09:09 By Mirko Zorz Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks Global Report, conducted by the Ponemon Institute and based on data from 354 organizations that experienced one
The $19.5 million insider risk problem Read More »
What happens to insider risk when AI becomes a coworker 2026-01-08 at 08:04 By Help Net Security In this Help Net Security video, Ashley Rose, CEO at Living Security, discusses how AI is changing insider risk. AI is now built into daily work across departments, which shifts how risk shows up and how security teams
What happens to insider risk when AI becomes a coworker Read More »
Understanding AI insider risk before it becomes a problem 2026-01-05 at 07:31 By Help Net Security In this Help Net Security video, Greg Pollock, Head of Research and Insights at UpGuard, discusses AI use inside organizations and the risks tied to insiders. He explains two problems. One involves employees who use AI tools to speed
Understanding AI insider risk before it becomes a problem Read More »
Crypto theft in 2025: North Korean hackers continue to dominate 2025-12-18 at 17:42 By Zeljka Zorz When they strike cryptocurrency-related targets, North Korean hacking groups are increasingly aiming for large services where a single breach can move serious money, a new Chainalysis report on crypto theft in 2025 revealed. “North Korean hackers stole $2.02 billion
Crypto theft in 2025: North Korean hackers continue to dominate Read More »
Product showcase: Syteca – The human-centric insider threat management platform 2025-10-29 at 08:00 By Help Net Security Most organizations think the greatest danger lurks outside their walls. But statistics keep proving otherwise. According to Verizon’s 2025 Data Breach Investigation Report, 60% of breaches involve the human element. The real risk often comes from within –
Product showcase: Syteca – The human-centric insider threat management platform Read More »
Ransomware, extortion groups adapt as payment rates reach historic lows 2025-10-27 at 15:12 By Zeljka Zorz Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, the payment rate dropped to just 19 percent, according
Ransomware, extortion groups adapt as payment rates reach historic lows Read More »
Identifying risky candidates: Practical steps for security leaders 2025-10-16 at 08:32 By Help Net Security Effective insider threat defense begins with candidate vetting. Background checks and reference calls can confirm elements of an applicant’s history, but they rarely surface the deeper risks that can turn into costly problems down the line. Identity verification, credential validation,
Identifying risky candidates: Practical steps for security leaders Read More »
North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S. 2025-10-01 at 17:24 By Zeljka Zorz North Korea’s clandestine IT Worker (ITW) program, which is long known for targeting U.S. technology firms and crypto firms, has broadened its scope to attempt to infiltrate a variety of industries worldwide, including finance, healthcare, public
North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S. Read More »
How CISOs are balancing risk, pressure and board expectations 2025-08-28 at 07:05 By Sinisa Markovic AI has moved to the top of the CISO agenda. Three in five CISOs see generative AI as a security risk, with many worried about sensitive data leaking through public tools. At the same time, most organizations are not blocking
How CISOs are balancing risk, pressure and board expectations Read More »
Why a new AI tool could change how we test insider threat defenses 2025-08-25 at 09:04 By Mirko Zorz Insider threats are among the hardest attacks to detect because they come from people who already have legitimate access. Security teams know the risk well, but they often lack the data needed to train systems that
Why a new AI tool could change how we test insider threat defenses Read More »
Developer Who Hacked Former Employer’s Systems Sentenced to Prison 2025-08-22 at 13:57 By Ionut Arghire Davis Lu was sentenced to four years in prison for installing malicious code on employer’s systems and for deleting encrypted data. The post Developer Who Hacked Former Employer’s Systems Sentenced to Prison appeared first on SecurityWeek. This article is an
Developer Who Hacked Former Employer’s Systems Sentenced to Prison Read More »
Most cybersecurity risk comes from just 10% of employees 2025-07-16 at 07:46 By Anamarija Pogorelec A new report from Living Security and the Cyentia Institute sheds light on the real human element behind cybersecurity threats, and it’s not what most organizations expect. The Risky Business: Who Protects & Who Puts You at Risk report analyzes
Most cybersecurity risk comes from just 10% of employees Read More »
Why AI agents could be the next insider threat 2025-06-30 at 07:37 By Help Net Security In this Help Net Security video, Arun Shrestha, CEO of BeyondID, explains how AI agents, now embedded in daily operations, are often over-permissioned, under-monitored, and invisible to identity governance systems. With a special focus on the healthcare sector, Shrestha
Why AI agents could be the next insider threat Read More »
How well do you know your remote IT worker? 2025-05-27 at 08:06 By Sinisa Markovic Is the remote IT worker you recently hired really who he says he is? Fake IT workers are slipping into companies around the world, gaining access to sensitive data. Recently, more of these schemes have been linked to North Korea.
How well do you know your remote IT worker? Read More »
Why layoffs increase cybersecurity risks 2025-05-26 at 08:32 By Sinisa Markovic A wave of layoffs has swept through the tech industry, leaving IT teams in a rush to revoke all access those employees may have had. Additionally, 54% of tech hiring managers say their companies are likely to conduct layoffs within the next year, and
Why layoffs increase cybersecurity risks Read More »
Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users 2025-05-21 at 16:54 By Ryan Naraine A mandatory filing to the Maine Attorney General says 69,461 customers nationwide were affected and dates the breach back to last December. The post Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users appeared first on SecurityWeek. This article is
Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users Read More »
Coinbase suffers data breach, gets extorted (but won’t pay) 2025-05-15 at 17:35 By Zeljka Zorz Cryptocurrency exchange platform Coinbase has suffered a breach, which resulted in attackers acquiring customers’ data that can help them mount social engineering attacks, the company confirmed today by filing a report with the US Securities and Exchange Commission (SEC). The
Coinbase suffers data breach, gets extorted (but won’t pay) Read More »
Insider risk management needs a human strategy 2025-05-14 at 08:01 By Mirko Zorz Insider risk is not just about bad actors. Most of the time, it’s about mistakes. Someone sends a sensitive file to the wrong address, or uploads a document to their personal cloud to work from home. In many cases, there is no
Insider risk management needs a human strategy Read More »