Security news aggregator

Latest coverage for Investigation

Investigation covers the forensic analysis of cyber incidents, helping determine how attacks occurred, what was affected, and which evidence supports response.

2 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Investigation is the systematic examination of an event, claim, or suspected activity to establish what happened, when it happened, and who or what was involved. In information security, it commonly covers suspected intrusions, misuse of accounts, data exposure, fraud, and control failures. Investigators reconstruct an event from sources such as authentication records, endpoint artifacts, network telemetry, cloud logs, and disk or memory images, then determine the affected systems, data, and attack path.

Reliable investigations depend on preserving evidence without altering it, recording its provenance, and separating confirmed facts from assumptions. Findings can guide containment and recovery, reveal vulnerabilities that require remediation, and provide threat intelligence about tools or techniques used against an organization. Privacy and legal requirements may restrict what data can be collected or shared, while weak logging, short retention, or uncontrolled access can leave important questions unanswered and undermine any disciplinary, regulatory, or judicial action.

Showing 2 most recent headlines Filtered view
Krebs on Security 2 years, 1 month ago

Treasury Sanctions Creators of 911 S5 Proxy Botnet

The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one's Web traffic through malware-infected computers around the globe. KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later.

Class Action Law Firms Seek Access to Commissioned Deloitte Report Into Mega-BreachThe Federal Court of Australia has rejected a request from telecommunications giant Optus to keep private a detailed digital forensic investigation report conducted by Deloitte into the massive data breach it suffered in 2022, exposing private information pertaining to nearly 10 million customers.