The Default SAP Configuration that Every Enterprise Needs to Fix

[TechWeb](?elq_mid=84491&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20180426&cid=NL_DR_EDT_DR_daily_20180426&elqTrackId=6866ec38e7c541d4afe68c6bce2e86e5&elq=b1eda7d194034988b43f182a725d0bc4&elqaid=84491&elqat=1&elqCampaignId=30528) Follow Dark Reading: [RSS]( April 26, 2018 Top!Top?elq_mid=84491&elq_cid=22844169 LATEST SECURITY NEWS & COMMENTARY [The Default SAP Configuration That Every Enterprise Needs to Fix]( Nine out of ten organizations are vulnerable to a 13-year-old flaw that puts their most critical business systems at risk of complete criminal takeover. [Diversity: It's About Inclusion]( Unrealistic entry-level job requirements, black-hoodie hacker image problems are among the 'uncomfortable conversations' needed to remedy cybersecurity's diversity gap. ['Webstresser' DDoS Attack Site Shut Down in International Operation]( Investigators arrested the admins of Webstresser, the world's largest DDoS marketplace reportedly responsible for more than four million attacks. [Google Adds Security Features to Gmail Face-lift]( A redesigned Gmail brings new security measures to improve data protection and applications for artificial intelligence. [Low-Cost Crimeware Kit Gaining Popularity in Underground Markets]( At $150 for a three-month subscription, Rubella Malware Builder presents a threat to enterprises, Flashpoint says. [Yahoo to Pay SEC Fine of $35 Million](35-million/d/d-id/1331648?elq_mid=84491&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20180426&cid=NL_DR_EDT_DR_daily_20180426&elqTrackId=d7f8d3b1281c418ebbb344351bbf6b82&elq=b1eda7d194034988b43f182a725d0bc4&elqaid=84491&elqat=1&elqCampaignId=30528) While Yahoo senior management and legal team knew of the breach, the company failed to conduct due diligence for disclosing it to investors, the agency rules. [Free New Tool for Building Blockchain Skills]( Blockchain CTF helps pros build skills with simulations. [MORE NEWS & COMMENTARY]( HOT TOPICS [8 Ways Hackers Monetize Stolen Data]( Hackers are craftier than ever, pilfering PII piecemeal so bad actors can combine data to set up schemes to defraud medical practices, steal military secrets and hijack R&D product information. [Threat Actors Turn to Blockchain Infrastructure to Host & Hide Malicious Activity]( .bit domains are increasingly being used to hide payloads, stolen data, and command and control servers, FireEye says. [It's Time to Take GitHub Threats Seriously]( There's a good chance your company has projects on the source code management system, but the casual way many developers use GitHub creates security issues. [MORE]( EDITORS' CHOICE [Cybersecurity Buzz Phrase Bingo]( The RSA Conference expo was chock full of vendors showing off their wares with language as colorful as the blinky lights on a SOC dashboard. [Despite Risks, Nearly Half of IT Execs Don't Rethink Cybersecurity after an Attack]( A recent survey reveals a troubling degree of security inertia lurking among scores of organizations. But there are a few bright spots. Tech Resources - [GDPR Without the Hype]( - [ISA Delivers Major, Ongoing ROI](-ongoing-roi/396033?elq_mid=84491&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20180426&cid=NL_DR_EDT_DR_daily_20180426&elqTrackId=0fc36ddc5ee04b19b0d6a8b77e99d1f1&elq=b1eda7d194034988b43f182a725d0bc4&elqaid=84491&elqat=1&elqCampaignId=30528) - [Cybersecurity Outlook for 2018]( - [Forrester's Best Practices for Mitigating Insider Threats](E2%80%99s-best-practices-for-mitigating-insider-threats-/396423?elq_mid=84491&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20180426&cid=NL_DR_EDT_DR_daily_20180426&elqTrackId=ee57ca03bd6c46899e943b054625dac0&elq=b1eda7d194034988b43f182a725d0bc4&elqaid=84491&elqat=1&elqCampaignId=30528) - [4 Reasons DLPs Aren't Cutting It](E2%80%99t-cutting-it-/396413?elq_mid=84491&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20180426&cid=NL_DR_EDT_DR_daily_20180426&elqTrackId=4f893c775e6d42ddaaa01701f3cba5ae&elq=b1eda7d194034988b43f182a725d0bc4&elqaid=84491&elqat=1&elqCampaignId=30528) - [Endpoint Security Checklist for Small & Medium Business]( - [How Prepared Are CISOs for Cyber Security Breaches?]( [ACCESS TECH LIBRARY NOW]( - [IT Security Strategy: What to Keep in House vs. What to Outsource]( Find out what to do when IT security needs grow & available skilled staff shrinks. - [The Impact of a Data Breach]( Hear as a top expert discusses the many - and sometimes hidden - costs of a data breach, including its impact on customers and end users. [MORE WEBINARS]( Partner Perspectives [Cloud Misconceptions Are Pervasive Across Enterprises]( Shadow IT is rampant at many organizations that rely upon cloud-delivered tools and services to enable remote work, according to a new study. Here's what security teams need to do about it. [IDS & IPS: Two Essential Security Measures]( To protect business networks, one line of security isn't enough. [Researchers Discover Second rTorrent Vulnerability Campaign]( This time attackers appears to have spoofed the Recording Industry Association of America (RIAA) and New York University (NYU) user-agents. Middle!Middle?elq_mid=84491&elq_cid=22844169 FEATURED REPORTS - [The State of Cybersecurity: Defeating Cybercrime with Better Security Strategies]( - [2017 State of IT Report]( In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking ... [MORE REPORTS]( CURRENT ISSUE [How to Cope with the IT Security Skills Shortage]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Splunk Customers Accelerate Business Value through Artificial Intelligence]( [Protecting Confidential Information Remains No. 1 Problem for End Users: Wombat Security]( [SAP Security Tool Now Enables Automated QA & Security Checks for SAPUI5]( [CompTIA Offers Free Cybersecurity Mini Boot Camps at Upcoming AFCEA Defensive Cyber Operations Symposium]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [InformationWeek](?elq_mid=84491&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20180426&cid=NL_DR_EDT_DR_daily_20180426&elqTrackId=51dac46452a443f09773634aa8111058&elq=b1eda7d194034988b43f182a725d0bc4&elqaid=84491&elqat=1&elqCampaignId=30528) UBM Tech 2 Penn Plaza, 15th Floor, New York, NY 10121 To update your profile, change your e-mail address, or unsubscribe, [cick here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:email@techwebnewsletters.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2018]( | [UBM Tech]( | [Privacy Statement]( | [Terms Of Service]( | [Contact Us](mailto:iwkbtnnewsletters@ubm.com)