Security News

Security leaders need more data and context to conduct cloud investigations
2021-11-18 04:30

Based on a survey of 150 security professionals, the research examined the challenges and current maturity level of digital forensics and incident response of cyber-attacks on cloud environments. It found that organizations are approximately 4x more likely to say both their cloud DFIR capabilities are less mature and cloud investigations are harder to conduct relative to traditional environments.

Increasing number of investigations calls for advanced technology and dedicated teams
2021-09-03 05:00

Compliance Week conducted a survey which shows the importance of both advanced technology and dedicated teams that can quickly deliver data insights to reduce time and cost and result in better outcomes. "Vast increases in information, changing data privacy and compliance requirements, and growing cybersecurity risks are all contributing to the need for a faster approach to managing and conducting investigations that results in better outcomes."

T-Mobile data breach: New information uncovered by the investigation
2021-08-18 07:55

In the wake of the recent claims that T-Mobile U.S. has suffered a massive data breach and the consequent industry reactions, the company has shared additional information its internal investigation has uncovered. "Yesterday, we were able to verify that a subset of T-Mobile data had been accessed by unauthorized individuals. We also began coordination with law enforcement as our forensic investigation continued," T-Mobile explained.

Chinese threat actors have been compromising telecom networks for years, investigation finds
2021-08-10 22:00

Published by Cybereason, the report said that it found evidence of three different clusters of attacks going back to at least 2017, all perpetrated by groups or individuals connected in some way to advanced persistent threat groups Soft Cell, Naikon and Group-3390, which have each operated for the Chinese government in the past. Cybereason said it believes the goal of the attacks was to establish continuous access to telecom provider records "and to facilitate cyber espionage by collecting sensitive information, compromising high-profile business assets such as the billing servers that contain Call Detail Record data, as well as key network components such as the Domain Controllers, Web Servers and Microsoft Exchange servers."

Casepoint CaseAssist helps organizations expedite review and investigations
2021-06-18 00:30

The predictions generated by Casepoint's CaseAssist technology in eDiscovery, investigations, and other document-intensive review projects eliminate the need for users to review documents that are nearly certain to be non-relevant, saving thousands of dollars in review time. Through CaseAssist Active Learning, users can choose to train a single or multiple models with no sample set requirement and CaseAssist will ensure relevant documents are prioritized for review.

IntSights enhances its platform to expand investigation capabilities and threat library
2021-05-28 01:00

Delivered through an elegant single pane of glass and deployed in a matter of hours, IntSights' External Threat Protection Suite provides enterprise-grade external threat intelligence and IOC management capabilities enabling security teams to defend against a rapidly evolving threat landscape while significantly reducing their workload. Centralizing the collection, management, and integration of dozens of threat intelligence sources in the same platform, security teams can streamline investigation and proactively block threats with IntSights' built-in TIP capabilities. "The enhancements we continue to make to the IntSights ETP allow these teams to significantly streamline threat investigations and proactively block threats from within their connected security devices. Our mission is to empower every organization with threat intelligence, and you just can't utilize TI successfully without built-in TIP capabilities."

Cyber investigations, threat hunting and research: More art than science
2021-05-17 05:00

While it's true that threat hunting, incident response, and threat research all have their foundations in science, throughout my entire career I have found it is also fundamentally true that the most successful threat hunters, incident responders, and threat researchers are far more artist than scientist. When you write reports about your threat research that will be released publicly, do not simply annotate the threat you documented.

Query.AI Launches With Security Investigations Platform, $4.6 Million Seed Funding
2021-05-13 13:17

Query.AI officially launched on Thursday with a security investigations platform and $4.6 million in seed funding. Query.AI says it will be used to accelerate adoption of its product.

Facebook data leak now under EU data regulator investigation
2021-04-06 14:22

Ireland's Data Protection Commission is investigating a massive data leak concerning a database containing personal information belonging to more than 530 million Facebook users. "Previous datasets were published in 2019 and 2018 relating to a large-scale scraping of the Facebook website which at the time Facebook advised occurred between June 2017 and April 2018 when Facebook closed off a vulnerability in its phone lookup functionality," the DPC said.

CSAE: Guiding principles and best practices for data scientific investigations of organized crime
2021-03-23 11:28

CSAE framework: Smart data science technologies supporting criminal investigations. A frequently proposed solution is the introduction of 'smart' data science technologies to support criminal investigations.