Questions tagged [insider-threats]

An insider threat is a malicious hacker (also called a cracker or a black hat) who is an employee or officer of a business, institution, or agency. The term can also apply to an outside person who poses as an employee or officer by obtaining false credentials. The cracker obtains access to the computer systems or networks of the enterprise, and then conducts activities intended to cause harm to the enterprise.

33 questions

127

votes

8 answers

Why is storing passwords in version control a bad idea?

My friend just asked me: "why is it actually that bad to put various passwords directly in program's source code, when we only store it in our private Git server?" I gave him an answer that highlighted a couple of points, but felt it wasn't…

asked Aug 15 '18 at 11:05

d33tah

6,524
8
38
60

votes

9 answers

What can a company do against insiders going rogue and negatively affecting essential infrastructure?

In 2013, a Citibank employee had a bad performance review that ticked him off. The results were devastating: Specifically, at approximately 6:03 p.m. that evening, Brown knowingly transmitted a code and command to 10 core Citibank Global Control…

attack-prevention threat-mitigation insider-threats

asked Jul 28 '16 at 12:08

Nzall

7,313
6
29
45

votes

11 answers

How to protect my code from “insider” threats when hiring my first employee?

I quit my job to start my own SaaS product. I’m now looking to hire my first employee (another developer). I will be taking appropriate legal precautions to protect my IP, but I’m wondering what other reasonable actions that I can take to further…

insider-threats

asked Jun 28 '20 at 23:41

arao6

votes

2 answers

What is the procedure to follow against a security breach?

Last week, a couple of guys were fired from the company I work for; all of them had access to sensitive information. One of them erased all the e-mails from the mail server, sent a massive e-mail to most of our customers, insulting them, and…

access-control corporate-policy insider-threats

asked May 08 '12 at 16:51

ILikeTacos

votes

2 answers

What security risks do unauthorized mobile hotspot (MiFi) devices on company proprerty pose?

I'm having some difficulty determining how, or if, MiFi devices on property should be regulated. Personally, I see them as having little difference from any other rogue AP in the environment - the only real distinction being that they're generally…

wifi insider-threats

asked Jan 26 '11 at 16:10

Iszi

26,997
18
98
163

votes

6 answers

How can I secure a network share from the insider threat?

We have a network share that contains thousands of files. I am concerned that anyone with access to the internet could copy that information to a CD. In addition to disabling all removable media, what else could I do to prevent someone from…

windows insider-threats dlp

asked Feb 14 '11 at 15:48

SLY

votes

1 answer

Insider threats for Private Clouds

Any one has any information or pointers to insider threats when cloud platforms like openstack etc deployed within corporate data centers ? What are different kinds of internal threats in general for traditional corporate datacenters ( I.e when…

cloud-computing insider-threats

asked Nov 19 '12 at 05:39

sashank

votes

2 answers

Attack on Tor with stolen private keys of main nodes

What could attacker do with stolen private keys of main nodes? Tor is based on 10 main nodes: moria1, tor26, dizum, Tonga, etc. IP Addresses of this nodes hard-coded into client. ./src/or/config.c: static…

tor insider-threats nsa

asked Sep 21 '13 at 17:09

trankvilezator

votes

1 answer

How does FireEye HX work?

Can someone please expand on how FireEye HX works, what does it do exactly? Here is the site info: https://www.fireeye.com/products/hx-endpoint-security-products.html, but it's written in such an empty language that should get a reward for saying…

threats insider-threats end-points

asked Mar 01 '16 at 22:18

costa

votes

1 answer

How should privileged users keep each other in check?

In order to protect systems from insider attacks, companies can apply policies restricting their access. In the case of an employee's termination, the IT department can disable their account before they receive the news to prevent potential damage…

access-control insider-threats

asked May 30 '18 at 20:17

VortixDev

votes

1 answer

Can cascaded routers protect inner network's machine from attacker from outer network?

Given: Outer Network router A wan ip 209.123.12.11 address 10.10.0.1 machine A address 10.10.0.10 gateway 10.10.0.1 Inner Network router B wan ip 10.10.0.100 address 192.168.10.1 machine B address 192.168.10.10 gateway…

http sniffer router sslstrip insider-threats

asked Sep 10 '15 at 12:58

developer.cyrus

votes

1 answer

How to prevent azure pipelines (yaml) from being used as an attack vector?

Let's say the following scenario exists: A git repository exists on Azure DevOps Repos. The repository uses yaml pipelines (azure-pipelines.yml). The repository has branch policies to ensure that changes go through pull requests. The build pipeline…

source-code attack-vector azure insider-threats

asked May 15 '20 at 04:22

myermian

votes

2 answers

Insider's threat to a hosted server

If we buy a VPS, the admin of the enclosing server can always steal our data, right? Is using a dedicated server a solution? (We can't afford our own datacenter in any case.) But it seems that stealing from a dedicated server is harder, as one needs…

server virtualization insider-threats

asked Dec 26 '16 at 22:24

porton

vote

3 answers

What devices support the permanent addition of an ARP table entry? What tools are available to manage this?

I would like to improve wireless security and certain other on-net security scenarios with a permanent ARP table entry. The idea being that someone on the same subnet or WiFi network will have a more difficult time spoofing my access point. What…

network wifi routing threat-mitigation insider-threats

asked Oct 01 '11 at 00:06

makerofthings7

50,090
54
250
536

vote

2 answers

Can I find out if my employer is snooping on me?

I work at a large university and have a computer supplied by my employer. I would like to find out whether my employer is snooping or can snoop on my files or activity on my computer. Can I find that out? How would I go about? There is apparently…

privacy macos protection insider-threats snooping

asked Aug 26 '14 at 16:54

trmdttr

2 3 Next