#insider-threat

#insider-threat

"As part of the alleged scheme to commit trade secret theft, the defendants used their employment to obtain access to confidential and sensitive information," the DoJ said in a press release. "The defendants then exfiltrated confidential and sensitive documents, including trade secrets related to processor security and cryptography and other technologies, from Google and other technology companies to unauthorized third-party and personal locations, including to work devices associated with each other's employers, and to Iran."

That changed last week when the US Department of Justice published a sentencing memorandum [PDF] that frames Williams' conduct as a betrayal of his employer and the US government, and the cause of significant harm to US national security. Williams "made it possible for the Russian Broker to arm its clients with powerful cyber exploits that could be used against any manner of victim, civilian or military around the world," the DoJ said.

Over the past few years, while applying for security and risk-related roles, I noticed a pattern that surprised me: many background screening vendors only asked for a few years of employment history, minimal address information, minimal educational verification, and returned results within one or two days. In contrast, I also noticed that industries with higher regulatory standards, such as finance and transportation, conduct far deeper checks that can span from weeks to months.

The individual was believed to have been paid around $25,000 for this, which all things considered, I think, is quite low when you're risking being fired and, you know, a potential jail sentence in the aftermath of this. So these were leaked on Telegram. CrowdStrike, obviously, was made aware of this and they reacted pretty swiftly like we mentioned. That person has since been dismissed, I don't think it was too much of an issue for HR in that situation.

Today's reminder of the insider threat comes to us from the National Health Service in the U.K. Craig Meighan and Billy Gaddi report: A woman has been charged after Scots patients had their private medical records accessed during an NHS data breach. Reports suggest around 100 patients in NHS Lothian could have had their records accessed as a result of the incident. The health board said it discovered patients in the region may have had their information "inappropriately accessed" during routine monitoring.

Microsoft announced that its SIEM and SOAR solution Sentinel has evolved into a unified AI-ready platform that connects users, agents, devices, actions, and risks across the security environment. This enables defenders to trace attack paths, assess blast radius, and prioritize responses with greater clarity. Security Copilot builds on this foundation, allowing teams to create custom AI agents (no coding required) that integrate seamlessly into daily workflows.

A US-based fintech firm has warned customers their data may have been exposed following an insider attack.

Students acting maliciously - often for fun - are increasingly the cause of cyber attacks affecting schools and colleges in the UK, according to new data from the Information Commissioner's Office, which today warned that the culprits may be setting themselves up for a life of cyber crime.

Since 2022, the ICO has investigated 215 hacks and breaches in education settings and says 57% were carried out by children. According to the new data, almost a third of the breaches involved students illegally logging into staff computer systems by guessing passwords or stealing details from teachers. In one incident, a seven-year-old was involved in a data breach and subsequently referred to the National Crime Agency's Cyber Choices programme to help them understand the seriousness of their actions.

A US court sentenced a former developer at power management biz Eaton to four years in prison after he installed malware on the company's servers. Davis Lu, 55, spent a dozen years at Eaton and rose to become a senior developer of emerging technology, before the company demoted him after restructuring. Lu unwisely responded to that setback by installing a "kill switch" that would activate if the company revoked his network access.

Rahman unlawfully retained and transmitted Top Secret National Defense Information, affecting national security and exposing sensitive details about a U.S. ally.

The RN accessed medical records for reasons unrelated to patient care while on a leave of absence, highlighting serious weaknesses in privacy protections.