Latest coverage for Investigation
Investigation covers the forensic analysis of cyber incidents, helping determine how attacks occurred, what was affected, and which evidence supports response.
Refine the feed
Search across headline titles and summaries.
Tag briefing
Background for this topic.
Investigation is the systematic examination of an event, claim, or suspected activity to establish what happened, when it happened, and who or what was involved. In information security, it commonly covers suspected intrusions, misuse of accounts, data exposure, fraud, and control failures. Investigators reconstruct an event from sources such as authentication records, endpoint artifacts, network telemetry, cloud logs, and disk or memory images, then determine the affected systems, data, and attack path.
Reliable investigations depend on preserving evidence without altering it, recording its provenance, and separating confirmed facts from assumptions. Findings can guide containment and recovery, reveal vulnerabilities that require remediation, and provide threat intelligence about tools or techniques used against an organization. Privacy and legal requirements may restrict what data can be collected or shared, while weak logging, short retention, or uncontrolled access can leave important questions unanswered and undermine any disciplinary, regulatory, or judicial action.
Urgent FBI Warning: Barracuda Email Gateways Vulnerable Despite Recent Patches
The U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups
FBI warns of patched Barracuda ESG appliances still being hacked
The Federal Bureau of Investigation warned that patches for a critical Barracuda Email Security Gateway (ESG) remote command injection flaw are "ineffective," and patched appliances are still being compromised in ongoing attacks. [...]
North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns
The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million
Scarab Ransomware Deployed Worldwide Via Spacecolon Toolset
ESET's investigation also revealed that certain Spacecolon versions contain Turkish strings
Tesla Data Breach Investigation Reveals Inside Job
The carmaker also reported it's taken legal action against the former employees involved in the data breach, which involved more than 75,000 names.