Security News

British police have charged two teenagers as part of an international investigation into the Lapsus$ cyber extortion gang. "Both teenagers have been charged with: three counts of unauthorised access to a computer with intent to impair the reliability of data; one count of fraud by false representation and one count of unauthorised access to a computer with intent to hinder access to data. The 16-year-old has also been charged with one count of causing a computer to perform a function to secure unauthorised access to a program," he said.

Reports that ByteDance-owned social media platform TikTok is harmful to children are under investigation by a number of US attorneys general. "Our children are growing up in the age of social media - and many feel like they need to measure up to the filtered versions of reality that they see on their screens," said California attorney general Rob Bonta.

Based on a survey of 150 security professionals, the research examined the challenges and current maturity level of digital forensics and incident response of cyber-attacks on cloud environments. It found that organizations are approximately 4x more likely to say both their cloud DFIR capabilities are less mature and cloud investigations are harder to conduct relative to traditional environments.

Compliance Week conducted a survey which shows the importance of both advanced technology and dedicated teams that can quickly deliver data insights to reduce time and cost and result in better outcomes. "Vast increases in information, changing data privacy and compliance requirements, and growing cybersecurity risks are all contributing to the need for a faster approach to managing and conducting investigations that results in better outcomes."

In the wake of the recent claims that T-Mobile U.S. has suffered a massive data breach and the consequent industry reactions, the company has shared additional information its internal investigation has uncovered. "Yesterday, we were able to verify that a subset of T-Mobile data had been accessed by unauthorized individuals. We also began coordination with law enforcement as our forensic investigation continued," T-Mobile explained.

Published by Cybereason, the report said that it found evidence of three different clusters of attacks going back to at least 2017, all perpetrated by groups or individuals connected in some way to advanced persistent threat groups Soft Cell, Naikon and Group-3390, which have each operated for the Chinese government in the past. Cybereason said it believes the goal of the attacks was to established continuous access to telecom provider records "And to facilitate cyber espionage by collecting sensitive information, compromising high-profile business assets such as the billing servers that contain Call Detail Record data, as well as key network components such as the Domain Controllers, Web Servers and Microsoft Exchange servers."

The predictions generated by Casepoint's CaseAssist technology in eDiscovery, investigations, and other document-intensive review projects eliminate the need for users to review documents that are nearly certain to be non-relevant, saving thousands of dollars in review time. Through CaseAssist Active Learning, users can choose to train a single or multiple models with no sample set requirement and CaseAssist will ensure relevant documents are prioritized for review.

Delivered through an elegant single pane of glass and deployed in a matter of hours, IntSights' External Threat Protection Suite provides enterprise-grade external threat intelligence and IOC management capabilities enabling security teams to defend against a rapidly evolving threat landscape while significantly reducing their workload. Centralizing the collection, management, and integration of dozens of threat intelligence sources in the same platform, security teams can streamline investigation and proactively block threats with IntSights' built-in TIP capabilities. "The enhancements we continue to make to the IntSights ETP allow these teams to significantly streamline threat investigations and proactively block threats from within their connected security devices. Our mission is to empower every organization with threat intelligence, and you just can't utilize TI successfully without built-in TIP capabilities."

While it's true that threat hunting, incident response, and threat research all have their foundations in science, throughout my entire career I have found it is also fundamentally true that the most successful threat hunters, incident responders, and threat researchers are far more artist than scientist. When you write reports about your threat research that will be released publicly, do not simply annotate the threat you documented.

AI officially launched on Thursday with a security investigations platform and $4.6 million in seed funding. AI says it will be used to accelerate adoption of its product.