NEWS ANALYSIS --  More than 17 years after Bill Gates’s famous declaration that the spam problem was close to being solved for good, the corporate inbox continues to be a lucrative target for malicious hackers.  Now, a wave of well-funded email security startups are emerging to take another stab at securing the entry point for almost all major cybe

Silicon Valley-based venture capital giant Sequoia Capital said the recently disclosed data breach was apparently the result of a business email compromise (BEC) attack attempt.The company informed investors last week that their personal and financial information may have been accessed after an employee fell victim to an email phishing attack.In a data breac

Twitter this week announced that it has suspended multiple accounts that were found to be part of four networks involved in disinformation activities associated with Armenia, Iran, and Russia.The threat actors behind these accounts are believed to be state-sponsored, and Twitter permanently suspended all four networks, for violating its manipulation policies

Leading technology companies said Tuesday that a months-long breach of corporate and government networks was so sophisticated, focused and labor-intensive that a nation had to be behind it, with all the evidence pointing to Russia.In the first congressional hearing on the breach, representatives of technology companies involved in the response described a ha

Transport for NSW, which is the main transport and roads agency in New South Wales, Australia, and NSW Health, the state’s ministry of health, are the latest confirmed victims of a cyber-attack targeting Accellion’s FTA file transfer service.Transport for NSW says that some information was stolen before the attack on Accellion servers was interrupted and tha

A South Carolina county continues to rebuild its computer network after what it called a sophisticated hacking attempt.Hackers sent an email Jan. 22 that allowed them to take over Georgetown County’s computers. They demanded a ransom to return the system to the county’s control, spokeswoman Jackie Broach said.The county did not pay the ransom and has been wo

Carmakers Kia and Hyundai, both owned by the South Korea-based Hyundai Motor Group, said they had found no evidence that the outages they suffered in the past week in the United States were the result of a ransomware attack.Kia Motors America was the first to notify customers via its website that it had been experiencing an IT service outage impacting some o

Microsoft said on Thursday that it has completed its internal investigation into the activities conducted by the hackers that breached Texas-based IT management firm SolarWinds.The tech giant previously admitted that the hackers had managed to access some internal source code, but said they did not compromise or modify its software.The company on Thursday co

 Security Operations Centers (SOCs) Are Now Becoming Detection and Response OrganizationsMore organizations are producing and consuming cyber threat intelligence than ever before, and those measuring the effectiveness of their CTI programs is higher than ever – jumping from 4% in 2020 to 38% in 2021, according to the SANS 2021 Cyber Threat Intellig

French President Emmanuel Macron on Thursday unveiled a plan to better arm public facilities and private companies against cybercriminals following ransomware attacks at two hospitals this month and an upsurge of similar cyber assaults in France.The attacks at the hospitals in Dax and Villefranche-sur-Saone prompted the transfer of some patients to other fac

In the endless quest to research additional Windows system forensic artifacts to use during an Incident Response investigation, I stumbled across something I thought was cool. This definitely wasn’t a new artifact, it was just a specific native Windows XML file that I wasn’t aware of. I noticed this file was not commonly used from a forensic capability

U.S. authorities are still working to unravel the full scope of the likely Russian hack that gave the “sophisticated” actor behind the breach complete access to files and email from at least nine government agencies and about 100 private companies, the top White House cybersecurity official said Wednesday.Anne Neuberger, the newly appointed deputy national s

Three North Korean Military Hackers Indicted in Wide-Ranging Scheme to Commit Cyberattacks and Financial Crimes Across the GlobeThe U.S. Justice Department on Wednesday announced the indictment of three North Korean military intelligence officials linked to high-profile cyber-attacks that included the theft of $1.3 billion in money and crypto-currency from o

A major French software firm allegedly targeted by Russian hackers denied Tuesday that its major clients could have been affected by the attack.Centreon, which lists blue-chip French firms from Airbus to Total among its users, was named in a report by the French national cybersecurity agency ANSSI late Monday.The agency said Centreon software had been hacked

The MITRE adversarial tactics, techniques and common knowledge (ATT&CK) framework brings pooled knowledge from across the cyber defense community, including revealing what threat actors are up to and how best you can defend against them. Let’s take a look at what MITRE offers and how this framework goes hand-in-hand with developing a security