HackDig : Dig high-quality web security articles for hackers

A Closer Look at the Attempted Ransomware Attack on Tesla

Cybersecurity is in the news again with the disclosure that Tesla, working in conjunction with the FBI, prevented a ransomware attack from being launched at its Gigafactory in Nevada. The cybercriminals targeted Tesla through one of its employees, whom they allegedly promised to pay $1 million in order to help them infect the company’s system with malware.Wh
Publish At:2020-10-20 01:13 | Read:102 | Comments:0 | Tags:Featured Articles IT Security and Data Protection Cyberattac

Loving the Algorithm: User Risk Management and Good Security Hygiene

User risk management watches where people can’t. If you polled a random sampling of employees at various organizations, most would probably consider themselves security-minded. They would argue that they are not actively sending sensitive data to malicious recipients, clicking strange links or downloading attachments from unknown senders. This mindset
Publish At:2020-08-07 09:04 | Read:355 | Comments:0 | Tags:Endpoint Mobile Security Cloud Security Insider Threat Risk

What Are Insider Threats and How Can You Mitigate Them?

What is an insider threat? Insider threats are users with legitimate access to company assets who use that access, whether maliciously or unintentionally, to cause harm to the business. Insider threats aren’t necessarily current employees, they can also be former employees, contractors or partners who have access to an organization’s systems or d
Publish At:2020-07-17 14:07 | Read:405 | Comments:0 | Tags:CISO Endpoint Identity & Access Access Management Cost of a

Copied master key forces South African bank to replace 12 million cards

Fraudsters stole more than $3.2 million from the banking division of South Africa’s post office, after – in a catastrophic breach of security – employees printed out the bank’s master key.According to South African media reports, the security breach occurred in December 2018 when a copy of Postbank’s digital master key was print
Publish At:2020-06-18 12:05 | Read:474 | Comments:0 | Tags:Featured Articles IT Security and Data Protection bank insid

Inadvertent Insider Threats Present a Unique Challenge to Organizations

According to the recent X-Force Threat Intelligence Index 2020, more than 8.5 billion records were exposed due to breaches in 2019, of which 86 percent were due to misconfigured assets. These issues affected only half of the records breached in 2018, and as the 2017 report stated, 70 percent of the 2.9 billion records lost that year were due to misconfigurat
Publish At:2020-03-13 11:46 | Read:1175 | Comments:0 | Tags:CISO Cloud Security Cloud Cloud Services Cloud Services Prov

Gaining Insight Into the Ponemon Institute’s 2020 Cost of Insider Threats Report

Today, I’m pleased to share some of the key findings from the 2020 Cost of Insider Threats Global Report. This is the third benchmark study, independently sponsored by IBM Security and ObserveIT to help understand the direct and indirect costs that result from insider threats. The first study was conducted in 2016 and focused exclusively on companies i
Publish At:2020-02-09 10:30 | Read:750 | Comments:0 | Tags:CISO Security Services Access Management Breach Credentials

Don’t Panic! Create a Winning Cybersecurity Strategy to Preserve CISO Sanity

Stress comes with the territory for chief information security officers (CISOs). As noted by Medium, the job is unpredictable, with “long periods of preparing, watching, waiting, punctuated by periods of high stress and occasional bruising.” As both vendors and cyberthreats proliferate, finding a balance between an effective cybersecurity strateg
Publish At:2017-10-31 05:50 | Read:3979 | Comments:0 | Tags:CISO Automation C-Suite Chief Information Security Officer (

Take a Hike: Navigating Your Identity Governance and Administration Process Engineering Journey

Most of the clients that I speak to say they understand the importance of the processes for identity governance and administration (IGA). These clients typically talk about the familiar people, processes and technologies of identity and access management (IAM), and many of them even consider processes to be a critical element for their IGA program. Unfortuna
Publish At:2017-09-19 12:00 | Read:3957 | Comments:0 | Tags:Identity & Access Identity and Access Governance (IAG) Ident

See No Data, Hear No Data, Speak No Data: Overcoming the Challenges of Risk-Focused Data Management

The art and science known as risk management has been around for years. It is applied in a broad array of areas, including insurance, credit risk ratings, stock and other market risk ratings, foreign policy decisions, military responses and many others. The true irony is that, although risk management has been applied to many aspects of IT, such as change ma
Publish At:2017-09-14 21:10 | Read:5349 | Comments:0 | Tags:Data Protection Risk Management Data Breach Data Management

From Suspicious Activity to Suspended Account in Less Than a Minute: Stopping Insider Threats With Automation

Co-authored by Lauren Horaist. You read the headlines and understand industry trends. There are plenty of horror stories to reference. Organizations have had their reputations destroyed and entire corporations have gone out of business due to insider attacks. How can you avoid being the next victim? First, you need to understand what insider threats really a
Publish At:2017-09-13 08:20 | Read:3435 | Comments:0 | Tags:Cognitive Identity & Access Security Intelligence & Analytic

The CISO’s Guide to Managing Insider Threats

Critical digital and physical assets are becoming increasingly vulnerable due to accelerated connectivity, differing global regulatory requirements, joint ventures and business partnerships and security weaknesses within complex multinational supply chains. These factors have led to a rise in insider threats for enterprises across all industries. An insider
Publish At:2017-09-11 19:25 | Read:4704 | Comments:0 | Tags:CISO Data Protection Identity & Access Chief Information Sec

Spotlight on Energy and Utilities Sector: Attacks Targeting ICS Systems Projected to Increase

There is an increased focus on cybersecurity among governments and energy and utilities organizations worldwide, and for good reason. Attacks on critical infrastructure such as fuel, electricity and drinking water carry the potential for damage far beyond their economic impact. As demonstrated by incidents such as the notorious shutdown of several Iranian nu
Publish At:2017-09-06 20:40 | Read:3943 | Comments:0 | Tags:Advanced Threats Energy & Utility Threat Intelligence Energy

Know Your Data and Your Enemies: Establishing a Baseline for Proactive Threat Hunting

The purveyors of modern threats are not trying to simply deface your website or own your web server. These advanced attackers are attempting to siphon critical and sensitive data from your network over long periods of time, and do so undetected. Where Is Your Data? When threat hunting, at a minimum, you should know where your critical data is stored and how
Publish At:2017-09-06 20:40 | Read:4042 | Comments:0 | Tags:Data Protection Incident Response Risk Management Security I

Seeing Data Security Breaches With Your Own Eyes

Although you can never truly predict the unexpected, most security applications attempt to do just that. They use attack models built to defend against security breaches that follow known patterns or model behaviors using a series of assumptions about exceptions. The attacks that do get through expose the uncomfortable truth that determined attackers can sur
Publish At:2017-08-10 20:40 | Read:3582 | Comments:0 | Tags:Data Protection Access Management Cost of a Data Breach Data

Caveat Emptor: Identifying Insider Threats Acquired From Mergers and Acquisitions

With all the industry studies, articles and literature related to insider threats, it is baffling to see that very few have focused on how insider threats are acquired — in fact, paid for — during a merger and acquisition process. Organizations are so fixated on driving profits and staying competitive that they gobble up any tangible asset they can. Compani
Publish At:2017-08-02 12:30 | Read:5252 | Comments:0 | Tags:Risk Management Acquisition audit Insider Threat Risk Risk A

Tools

Tag Cloud