Security News
Microsoft on Wednesday released another report detailing the activities and the methods of the threat actor behind the attack on IT management solutions firm SolarWinds, including their malware delivery methods, anti-forensic behavior, and operational security. In its latest report on the SolarWinds attack, which it tracks as Solorigate, Microsoft explains how the attackers got from the Sunburst malware to the Cobalt Strike loaders, and how they kept the components separated as much as possible to avoid being detected.
Cyan Forensics announced a new partnership with Susteen, the California-based developer of mobile forensic tools. Founded in 2016, Cyan Forensics' technology for scanning computers is already used by the Home Office Child Abuse Image Database system and policing across the UK for offences relating to Child Sexual Abuse Material, and is deployed with counter terror policing in the UK and Europe.
Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected. The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine snapshots, with capabilities to spot malicious software, kernel rootkits, and other stealthy malware techniques such as process hiding.
Endace announced that the EndaceProbe Analytics Platform is now integrated with Palo Alto Networks Cortex XSOAR, the industry's first extended security, orchestration, automation and response platform with native threat intel management that empowers security leaders with instant capabilities against threats across their entire enterprise. Through this integration, Endace and Cortex XSOAR provide customers with network packet capture from within Cortex XSOAR playbooks to enable accelerated, evidence-led, forensic investigation of cyberthreats.
Zimperium, the global leader in mobile security, announced a strategic partnership with ZecOps, the leading agentless automated Digital Forensics and Incident Response provider, enhancing Zimperium's offering with ZecOps' advanced mobile forensics capabilities. "Through our partnership with ZecOps, Zimperium is now the only company that can provide companies and government agencies with on-device, machine learning-based threat detection and automated digital-rich forensics for incident response efforts."
Criminals sometimes damage their mobile phones in an attempt to destroy data. Manufacturers use those taps to test their circuit boards, but by soldering wires onto them, forensic investigators can extract data from the chips.
Magnet Forensics released Magnet AXIOM Cyber, an innovative new solution purpose-built for organizations that need to perform remote acquisitions as well as collect and analyze evidence from cloud sources, computers and mobile devices. In addition to all the innovative features found in Magnet AXIOM, Magnet Forensics' best-in-class digital forensics solution, AXIOM Cyber enables investigators to remotely collect evidence from target endpoints.
With NetWars SANS has raised the ante with a set of cyber-tournaments that let participants work through a range of challenging levels and master the skills employed by information security professionals. SANS certified instructor Steve Armstrong, with SANS since 2007, explains how NetWars work.
ExtraHop, the leader in cloud-native network detection and response, announced a new integration with Amazon Web Services (AWS) that automates the isolation of compromised Amazon Elastic Compute...
Probing contraband mobes to reduce prison crimes The UK Ministry of Justice is setting up a digital forensics lab to probe mobile phones seized from prisoners.…