Security News
Brewing company Molson Coors acknowledged on Thursday that it has "experienced a systems outage that was caused by a cybersecurity incident," according to a Form 8-K filed with the SEC. The company did not say which type of attack caused widespread issues across its entire business - including its brewery operations, production and shipments - but given recent major attacks on other mainstream companies, security experts are speculating that it could have been a ransomware attack. "High-profile attacks are becoming all too common, as attackers have realized they are immensely more profitable when they target large organizations and disrupt their critical business operations - in this case, the brewing operations of the world's biggest, well-known beer brands," observed Edgard Capdevielle, CEO at Nozomi Networks, in an email to Threatpost.
The Woodland Trust, a peaceful British charity that looks after trees, was struck by a "cyber attack" before Christmas. Members of the trust, which says it has planted 43 million trees since its foundation in 1972, were informed last night of what was inevitably described as a "sophisticated, high level cyber-incident."
Crowdstrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company's Orion software. SolarWinds has also revealed a new timeline for the incident and the discovery of two customer support incidents that they believe may be related to the Sunburst malware being deployed on customer infrastructure.
Cybersecurity companies and U.S. intelligence agencies are investigating the possible role played by a product from JetBrains in the recently discovered SolarWinds hack, according to reports. The New York Times and Reuters reported on Wednesday that cybersecurity experts and government agencies are trying to determine whether the hackers that targeted SolarWinds may have abused software created by JetBrains to achieve their goal.
Exterro announced it has acquired AccessData, a provider of digital forensic investigation technology. By combining forces with AccessData, Exterro can now provide companies, government agencies, law enforcement, law firms and legal service providers with the only solution available to address all Legal GRC and digital investigation needs in one integrated platform.
Uptycs announced a robust update that enhances detection and investigation for on-premises and cloud workloads. The new capabilities enable the continuous capture of rich host data for Linux, Windows, macOS, and containers, as well as cloud provider data for AWS, to ensure the broadest detection coverage possible.
Siren announced the release of Siren 11.0. The latest version of Siren is a major step forward in enabling investigative teams to quickly conduct advanced Signal Intelligence, Cyber Intelligence, and Open Source Intelligence investigations.
Michael Breslin, Strategic Client Relations director for Federal Law Enforcement at LexisNexis Risk Solutions, has been selected by the U.S. Secret Service from a small group of private sector executives, government officials and academic experts to advise the agency's investigations team on how it can better use technology to get ahead of criminals. The newly formed 16-member Cyber Investigations Advisory Board will provide the Secret Service's Office of Investigations with outside strategic input for the agency's investigative mission, including insights on the latest trends in cybercrime, financial crime, technology, and investigative techniques.
An internal investigation typically follows five key phases: a trigger event; a legal hold and custodian interviews; requests for data and data collection; processing, review and analysis of files; and the recommendation of next steps. While complaints to HR alleging discrimination or harassment based on race or gender are among the most common triggers of an internal investigation, other triggers include leaked or stolen intellectual property, whistle-blower complaints alleging fraud or compliance violations, the loss or theft of physical assets, or leaked or stolen data containing sensitive or personally identifiable information.
More than a dozen U.S. officials have sent a letter to California-based networking and cybersecurity solutions provider Juniper Networks to ask the company about the results of the investigation launched in 2015 following the discovery of a backdoor in its products. Dual EC DRBG was known to contain a backdoor introduced by the NSA, which led some to speculate that the NSA may have planted the unauthorized code in Juniper products, while others said it could have been the work of a foreign government.