Server Management Software Found Harboring Backdoor | What GoT Teaches about Security

[TechWeb](?elq_mid=79831&elq_cid=22844169&_mc=NL_DR_EDT_DR_weekly_20170817&cid=NL_DR_EDT_DR_weekly_20170817&elqTrackId=7df4d92ad4bb4991bdb5a45cb2068cd7&elq=69a796b7b9dc4ae0b22e435e60f14e03&elqaid=79831&elqat=1&elqCampaignId=27650) Follow Dark Reading: [RSS]( August 17, 2017 Top!Top?elq_mid=79831&elq_cid=22844169 LATEST SECURITY NEWS & COMMENTARY [Server Management Software Discovered Harboring Backdoor]( ShadowPad backdoor found embedded in a software product used by major organizations around the globe to manage their Linux, Windows, and Unix servers. [Amazon Tackles Security of Data in S3 Storage]( Amazon Macie is a new security service built to protect AWS S3 data from accidental leaks and breaches. [Cerber Fights Anti-Ransomware Tools]( Deception technology is the popular ransomware's latest target. [The Day of Reckoning: Cybercrime's Impact on Brand]( Why the security industry needs to invest in architecture that defends against reputational damage as well as other, more traditional threats. [Old Flaws, New Tricks: CVE-2017-0199 and PowerPoint Abuse]( Researchers discover attackers are using a patched Microsoft vulnerability to abuse PowerPoint files and distribute malware. [What CISOs Need to Know about the Psychology behind Security Analysis]( Bandwidth, boredom and cognitive bias are three weak spots that prevent analysts from identifying threats. Here's how to compensate. [Cybersecurity's Ceiling]( Security spending and staffing are rising, but restrained resources are tempering market growth. [20 Tactical Questions SMB Security Teams Should Ask Themselves]( Or why it pays for small- and medium-sized businesses to plan strategically but act tactically. [MORE NEWS & COMMENTARY]( Middle!Middle?elq_mid=79831&elq_cid=22844169 HOT TOPICS [Breaches Are Coming: What Game of Thrones Teaches about Cybersecurity]( Whether you're Lord Commander of the Night's Watch or the CISO of a mainstream business, it's not easy to defend against a constantly evolving threat that is as deadly as an army of White Walkers. [HBO Offers Hackers $250,000 as 'Show Of Good Faith' on $6 Million Ransom Request](250000-as-show-of-good-faith-on-$6-million-ransom-request-/d/d-id/1329625?elq_mid=79831&elq_cid=22844169&_mc=NL_DR_EDT_DR_weekly_20170817&cid=NL_DR_EDT_DR_weekly_20170817&elqTrackId=31549dc5516f4ad590fc2fa8dd55ac6e&elq=69a796b7b9dc4ae0b22e435e60f14e03&elqaid=79831&elqat=1&elqCampaignId=27650) The offer was reportedly designed to stall for time, with no plans to ever pay it. [APT28 Uses EternalBlue to Spy on Hotel Wifi Networks]( Hacker group APT28 is using the EternalBlue hacking tool to spread throughout hotel networks and collect guests' information. [MORE]( EDITORS' CHOICE [9 of the Biggest Bug Bounty Programs]( These programs stand out for the size of their rewards and how much they have paid in total to security researchers in bounties over the last several years. DARK READING NEWS DESK [Behind the Briefings: How Black Hat Sessions Get Chosen]( Daniel Cuthbert and Stefano Zanero explain what the Black Hat review board is looking for in an abstract submission for the Briefings. Tech Resources - [2017 Webroot Threat Report]( - [The DomainTools Report: Spring 2017 Edition]( - [GDPR: What It Means & How SAS Data Mgmt Can Help]( - [[Best Practices] Office 365 Security Monitoring]( - [Network Intelligence at Tomorrow's Scale](s-scale/390263?elq_mid=79831&elq_cid=22844169&_mc=NL_DR_EDT_DR_weekly_20170817&cid=NL_DR_EDT_DR_weekly_20170817&elqTrackId=f7b90a5eec9b4a95922233ec5df95274&elq=69a796b7b9dc4ae0b22e435e60f14e03&elqaid=79831&elqat=1&elqCampaignId=27650) - [Ransomware and the Limits of Conventional Protection]( - [Legacy Decommissioning: Good for the Budget, Good for Compliance](-good-for-compliance-/391103?elq_mid=79831&elq_cid=22844169&_mc=NL_DR_EDT_DR_weekly_20170817&cid=NL_DR_EDT_DR_weekly_20170817&elqTrackId=09583539169841619295c6c23c5b01f3&elq=69a796b7b9dc4ae0b22e435e60f14e03&elqaid=79831&elqat=1&elqCampaignId=27650) [ACCESS TECH LIBRARY NOW]( - [Threat Intelligence Overload?]( A wide range of threat intelligence feeds and services have cropped up keep IT organizations up to date on the latest security threats. But without mechanisms in place to actually use the information, these alerts provide little benefit. - [Using Threat Data to Improve Your Cyber Defense]( Attend this webinar to learn how you can determine which threats pose the greatest danger to your enterprise, and how to analyze threat data and use it to help improve your organization's cyber defense. [MORE WEBINARS]( FEATURED REPORTS - [[Security Breach Report] Overall Impact of & Steps to Prevent Breaches]( Despite the escalation of cybersecurity staffing and technology, enterprises continue to suffer data breaches and compromises at an alarming rate. How do these breaches occur? How are enterprises responding, and what is the impact of these compromises on the business? ... - [How to Invest in Cybersecurity & Prioritize Resources](strategic-security-report]-how-enterprises-are-attacking-the-cybersecurity-challenge/390403?elq_mid=79831&elq_cid=22844169&_mc=NL_DR_EDT_DR_weekly_20170817&cid=NL_DR_EDT_DR_weekly_20170817&elqTrackId=3ab30aae6b424199a494cd29d6377200&elq=69a796b7b9dc4ae0b22e435e60f14e03&elqaid=79831&elqat=1&elqCampaignId=27650) In 2016, enterprises encountered a range of new exploits and threats -- including ransomware and state-sponsored attacks -- and developed new plans of defense. How will these organizations be investing their cybersecurity budgets and staffing in the next 12 months? What tools ... [MORE REPORTS]( CURRENT ISSUE [Security Vulnerabilities: The Next Wave]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Exploit Leaks Led to Over Five Million Attacks in Q2 2017]( [Hackers: Privileged Accounts Provide Fastest Access to Sensitive, Critical Data]( [IBM Offers Women Scholarships to Hacker Halted Security Conference]( [Dash Employs Bugcrowd to 'Hack' Its Blockchain]( [Alert Logic Releases 2017 Cloud Security Report]( [MORE PRODUCTS & RELEASES]( Dark Reading Weekly -- Published By [InformationWeek](?elq_mid=79831&elq_cid=22844169&_mc=NL_DR_EDT_DR_weekly_20170817&cid=NL_DR_EDT_DR_weekly_20170817&elqTrackId=64086362e2d945779c754c0d5df691b5&elq=69a796b7b9dc4ae0b22e435e60f14e03&elqaid=79831&elqat=1&elqCampaignId=27650) UBM Tech 2 Penn Plaza, 15th Floor, New York, NY 10121 To update your profile, change your e-mail address, or unsubscribe, [cick here.]( To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:email@techwebnewsletters.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2017]( | [UBM Tech]( | [Privacy Statement]( | [Terms Of Service]( | [Contact Us](mailto:iwkbtnnewsletters@ubm.com)