Anti-NATO disinformation effort uses coronavirus to poke political tensions

A propaganda campaign is using the coronavirus pandemic to inflame anxieties about NATO troops throughout Eastern Europe, security researchers have determined. The group, dubbed Ghostwriter, has been focused on amplifying anti-Western narratives in Poland, Latvia and Lithuania since 2017. Operatives have planted fabricated diplomatic documents, tried spreading the false narrative that Canadian soldiers had been spreading COVID-19 through Latvia and leveraged news sites to spread articles that appear to be legitimate, according to a report the security firm FireEye published Tuesday. While researchers have not attributed the effort to the Russian government, the findings are the latest addition to a growing consensus that pro-Kremlin entities are seizing on COVID-19 to inflame existing political divisions. Russia’s military intelligence agency, the GRU, is using three websites to try to spread disinformation about the U.S. response to the virus, U.S. officials told the Associated Press. “We believe the assets and operations…are for the […]

The post Anti-NATO disinformation effort uses coronavirus to poke political tensions appeared first on CyberScoop.

How do I select a network detection and response solution for my business?

Network detection and response (NDR) solutions enable organizations to improve their threat response, help protect against a variety of threats, and provide visibility into what is actually on the network. To select an appropriate network det…

Here’s what that Capital One court decision means for corporate cybersecurity

When a judge ruled last month that Capital One must provide outsiders with a third-party incident response report detailing the circumstances around the bank’s massive data breach, the cybersecurity world took notice. The surprise decision, in effect, determined that Capital One would need to provide the forensic details — warts and all — about the hack to attorneys representing a group of customers suing the bank. It’s the kind of report that, if made public, could highlight technical and procedural failures that made it possible for a single suspect to allegedly collect gigabytes of data about 100 million people from a bank with $28 billion in revenue. Typically, hacked organizations are able to keep incident response reports private and avoid costly suits by shielding the details under attorney-client privilege. Not under this decision. U.S. Magistrate Judge John Anderson of the Eastern District of Virginia ruled that Capital One must provide a […]

The post Here’s what that Capital One court decision means for corporate cybersecurity appeared first on CyberScoop.

Druva and FireEye enable customers to instantly monitor, analyze, detect and respond to insider threats

Druva announced the launch of an API integration with FireEye extending visibility and control over endpoint backup data to monitor, analyze, detect and respond to data breaches from ransomware, data theft, and insider attacks. Joint customers of Druva…

By Light and FireEye incorporate threat intelligence into cyberspace attacks

By Light Professional IT Services and the intelligence-led security company, FireEye announced the integration of Mandiant Threat Intelligence within By Light’s Cyberoperations Enhanced Network and Training Simulators (CENTS). The merged capabilities p…

FireEye enables orgs to respond to security incidents faster with flexible and customizable modules

FireEye, the intelligence-led security company, introduced a new Innovation Architecture behind FireEye Endpoint Security, including the availability of several new modules for protection, investigation and response. Through this approach, FireEye is e…

What one cybersecurity company has learned from responding to Maze ransomware

When hackers lock the computer systems of a big company with ransomware, the gears of corporate damage control kick into action. Lawyers are mobilized, spokespeople are tight-lipped, and negotiation experts are sometimes brought in to talk to the hackers. Those triage teams strictly limit the information on the incident available to the public. But forensic experts hired to salvage a company’s computers sometimes reveal the important data they collect on ransomware gangs. Case in point: A new report from cybersecurity company FireEye helps demystify Russian-speaking hackers behind a spate of recent ransomware attacks in hopes of making them easier to disrupt. Maze ransomware has wreaked havoc across North America and Europe in the last year, leading to warnings from the FBI and the Department of Homeland Security. They have hit over a dozen sectors, from construction to financial services to transportation. But some of the hackers’ most effective tactics are less novel than […]

The post What one cybersecurity company has learned from responding to Maze ransomware appeared first on CyberScoop.

Most attacks successfully infiltrate production environments without detection

While organizations continue to invest significant budget dollars in security controls and assume that this means assets are fully protected, the reality is that a majority of attacks successfully infiltrate production environments without their knowle…