How a Chinese Nation-State Group Reverse-Engineered NSA Attack Tools

[TechWeb]( Follow Dark Reading: [RSS]( May 08, 2019 Top!Top?elq_mid=90922&elq_cid=22844169 LATEST SECURITY NEWS & COMMENTARY [How a Chinese Nation-State Group Reverse-Engineered NSA Attack Tools]( New Symantec research shows how the Buckeye group captured an exploit and backdoor used by the National Security Agency and deployed them on other victims. [Orgs Are Quicker to Disclose Breaches Reported to Them Via External Sources]( Companies that find a breach on their own take substantially longer to report a breach, a new analysis shows. [The Dark Web is Smaller Than You Think]( The number of live, accessible .onion sites amounts to less than 0.005% of surface web domains, researchers report. [The Big E-Crime Pivot]( Criminals have begun to recognize that enterprise ransomware offers tremendous financial advantage over the more traditional tactics of wire fraud and account takeover. [Better Behavior, Better Biometrics?]( Behavioral biometrics is a building block to be used in conjunction with other security measures, but it shows promise. [US States with the Worst Consumer Cyber-Hygiene]( Ranking based on consumers' cybersecurity practices - or lack thereof. [Baltimore City Network Struck with Ransomware Attack]( Government employees are working to determine the source and severity of a cyberattack that forced most city servers offline. [MORE NEWS & COMMENTARY]( HOT TOPICS [Attackers Used Red-Team, Pen-Testing Tools to Hack Wipro]( Breach of India-based outsourcing giant involved a remote access tool and a post-exploitation tool, according to an analysis by Flashpoint. [The 2019 State of Cloud Security]( Enterprise cloud security is making real progress, but emerging technologies call for security teams to keep up the pace. [Security Doesn't Trust IT - and IT Doesn't Trust Security]( How a rocky relationship between IT operations and cybersecurity teams can compound security risks. [MORE]( EDITORS' CHOICE [7 Types of Experiences Every Security Pro Should Have]( As the saying goes, experience is the best teacher. It'll also make you a better and more well-rounded security pro. [Russian Nation-State Group Employs Custom Backdoor for Microsoft Exchange Server]( Turla hacking team abuses a legitimate feature of the Exchange server in order to hide out and access all of the target organization's messages. Tech Resources - [SANS 2019 Cloud Security Survey]( - [8 'SOC-as-a-Service' Offerings]( - [The State of Mainframe Security]( - [5 Essential Capabilities of an Analytics-Driven SOC]( - [Brochure Ribbon: RoboProtect]( - [STIR/ SHAKEN (Addressing Caller ID Spoofing)]( - [A Guide to Assessing Security Maturity]( [ACCESS TECH LIBRARY NOW]( - [Automating Cybersecurity Functions in Your Enterprise]( Organizations face tremendous challenges when trying to keep pace with the volume of cyber incidents they are seeing today. Information security leaders are looking to the benefits of security orchestration and automation to relieve the strain on their incident response ... - [A Day in the Life of an OT Cybersecurity Expert]( Listen to three OT cybersecurity experts who will share their experience and lessons learned when securing the critical infrastructure. [MORE WEBINARS]( Partner Perspectives [An Industry In Transition: Key Tech Trends In 2018]( [Get Smart About Network Segmentation & Traffic Routing]( Through a combination of intelligent segmentation and traffic routing to tools, you can gain much better visibility into your network. Here's how. [Boosting Security Effectiveness with 'Adjuvants']( How integrating corporate resources like the IT help desk, system administration, quality assurance and HR can breathe new life into your security program. Middle!Middle?elq_mid=90922&elq_cid=22844169 FEATURED REPORTS - [The State of Cyber Security Incident Response]( Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving. - [Managing the Risk of Post-breach or Resident Attacks]( How well-equipped is your organization to stop insider attacks or external attackers once they're inside your network? According to this study, almost two-thirds of respondents lack efficient capabilities to detect and investigate "stealth" attackers before serious damage occurs. [MORE REPORTS]( CURRENT ISSUE [5 Emerging Cyber Threats to Watch for in 2019]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Quad9 Offers Owners of Android-Based Devices DNS Security Protections for Free]( [With Launch of Securepairs.org Top Cybersecurity Experts stand up for Digital Right to Repair]( [NSS Labs Appoints New Chief Executive Officer]( [CrowdStrike Falcon Integrates Firmware Attack Detection Capability]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [InformationWeek]( UBM Tech 2 Penn Plaza, 15th Floor, New York, NY 10121 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:email@techwebnewsletters.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2019]( | [UBM Tech]( | [Privacy Statement]( | [Terms Of Service]( | [Contact Us](mailto:iwkbtnnewsletters@ubm.com)