Security News
Digital forensics plays a crucial role in analyzing and addressing cyberattacks, and it's a key component of incident response. Digital forensics provides vital information for auditors, legal teams, and law enforcement agencies in the aftermath of an attack.
Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition.
The dreaded data breach is an outcome feared by companies of all sizes in today's threat landscape, largely due to the significant costs involved. Each year, IBM's eagerly anticipated Cost of a Data Breach Report seems to come with the bad news of an increase in data breach costs, and 2023 is no exception.
Verizon Business today released the results of its 16th annual Data Breach Investigations Report, which analyzed 16,312 security incidents and 5,199 breaches. Chief among its findings is the soaring cost of ransomware - malicious software that encrypts an organization's data and extorts large sums of money to restore access.
In this article, we will cover the transformation in the field of DFIR in the last couple of years, focusing on the digital forensics aspect and how XDR fits into the picture. Transferring Time: the time it takes to deliver the evidence from the compromised machines to the DFIR team labs.
Cybersecurity firm Darktrace says it found no evidence that the LockBit ransomware gang breached its network after the group added an entry to their dark web leak platform, implying that they stole data from the company's systems. Hours after the gang claimed Darktrace as a victim on their data leak site, the company conducted an investigation and found no evidence of a breach of their systems.
We must remain mindful of the perils of contacting users during an insider risk investigation. As Insider Risk Analysts, our goal is to seek understanding; to assemble a set of facts from disparate sources to generate a clear picture of an event.
How security conducts employee investigations needs to change. All too often, security investigations are an attempt to get an employee to admit to suspected wrongdoing.
British police have charged two teenagers as part of an international investigation into the Lapsus$ cyber extortion gang. "Both teenagers have been charged with: three counts of unauthorised access to a computer with intent to impair the reliability of data; one count of fraud by false representation and one count of unauthorised access to a computer with intent to hinder access to data. The 16-year-old has also been charged with one count of causing a computer to perform a function to secure unauthorised access to a program," he said.
Reports that ByteDance-owned social media platform TikTok is harmful to children are under investigation by a number of US attorneys general. "Our children are growing up in the age of social media - and many feel like they need to measure up to the filtered versions of reality that they see on their screens," said California attorney general Rob Bonta.