Compliance Week conducted a survey which shows the importance of both advanced technology and dedicated teams that can quickly deliver data insights to reduce time and cost and result in better outcomes. "Vast increases in information, changing data privacy and compliance requirements, and growing cybersecurity risks are all contributing to the need for a faster approach to managing and conducting investigations that results in better outcomes."
In the wake of the recent claims that T-Mobile U.S. has suffered a massive data breach and the consequent industry reactions, the company has shared additional information its internal investigation has uncovered. "Yesterday, we were able to verify that a subset of T-Mobile data had been accessed by unauthorized individuals. We also began coordination with law enforcement as our forensic investigation continued," T-Mobile explained.
The report, published by Cybereason, said it found evidence of three different clusters of attacks going back to at least 2017, all perpetrated by groups or individuals connected in some way to advanced persistent threat groups Soft Cell, Naikon and Group-3390, which have each operated for the Chinese government in the past. Cybereason said it believes the goal of the attacks was to establish continuous access to telecom provider records "and to facilitate cyber espionage by collecting sensitive information, compromising high-profile business assets such as the billing servers that contain Call Detail Record data, as well as key network components such as the Domain Controllers, Web Servers and Microsoft Exchange servers."
The predictions generated by Casepoint's CaseAssist technology in eDiscovery, investigations, and other document-intensive review projects eliminate the need for users to review documents that are nearly certain to be non-relevant, saving thousands of dollars in review time. Through CaseAssist Active Learning, users can choose to train a single model or multiple models with no sample set requirement, and CaseAssist will ensure relevant documents are prioritized for review.
Delivered through an elegant single pane of glass and deployed in a matter of hours, IntSights' External Threat Protection Suite provides enterprise-grade external threat intelligence and IOC management capabilities enabling security teams to defend against a rapidly evolving threat landscape while significantly reducing their workload. Centralizing the collection, management, and integration of dozens of threat intelligence sources in the same platform, security teams can streamline investigation and proactively block threats with IntSights' built-in TIP capabilities. "The enhancements we continue to make to the IntSights ETP allow these teams to significantly streamline threat investigations and proactively block threats from within their connected security devices. Our mission is to empower every organization with threat intelligence, and you just can't utilize TI successfully without built-in TIP capabilities."
While it's true that threat hunting, incident response, and threat research all have their foundations in science, throughout my entire career I have found it is also fundamentally true that the most successful threat hunters, incident responders, and threat researchers are far more artist than scientist. When you write reports about your threat research that will be released publicly, do not simply annotate the threat you documented.
AI officially launched on Thursday with a security investigations platform and $4.6 million in seed funding. AI says it will be used to accelerate adoption of its product.
Ireland's Data Protection Commission is investigating a massive data leak concerning a database containing personal information belonging to more than 530 million Facebook users. "Previous datasets were published in 2019 and 2018 relating to a large-scale scraping of the Facebook website which at the time Facebook advised occurred between June 2017 and April 2018 when Facebook closed off a vulnerability in its phone lookup functionality," the DPC said.
CSAE framework: Smart data science technologies supporting criminal investigations. A frequently proposed solution is the introduction of 'smart' data science technologies to support criminal investigations.
Brewing company Molson Coors acknowledged on Thursday that it has "experienced a systems outage that was caused by a cybersecurity incident," according to a Form 8-K filed with the SEC. The company did not say which type of attack caused widespread issues across its entire business - including its brewery operations, production and shipments - but given recent major attacks on other mainstream companies, security experts are speculating that it could have been a ransomware attack. "High-profile attacks are becoming all too common, as attackers have realized they are immensely more profitable when they target large organizations and disrupt their critical business operations - in this case, the brewing operations of the world's biggest, well-known beer brands," observed Edgard Capdevielle, CEO at Nozomi Networks, in an email to Threatpost.