How a Manufacturing Firm Recovered from a Devastating Ransomware Attack

[TechWeb]( Follow Dark Reading: [RSS]( May 21, 2019 Top!Top?elq_mid=91150&elq_cid=22844169 LATEST SECURITY NEWS & COMMENTARY [How a Manufacturing Firm Recovered from a Devastating Ransomware Attack]( The infamous Ryuk ransomware slammed a small company that makes heavy-duty vehicle alternators for government and emergency fleet. Here's what happened. [Data Security: Think Beyond the Endpoint]( A strong data protection strategy is essential as data moves across endpoints and in the cloud. [97% of Americans Can't Ace a Basic Security Test]( Still, a new Google study uncovers a bit of good news, too. [New Trickbot Variant Uses URL Redirection to Spread]( Switch in tactic is the latest attempt by operators of the prolific banking Trojan to slip past detection mechanisms. [Killer SecOps Skills: Soft Is the New Hard]( The sooner we give mindsets and tool sets equal bearing, the better. We must put SOC team members through rigorous training for emergency situations. [Financial Sector Under Siege]( The old take-the-money-and-run approach has been replaced by siege tactics such as DDOS attacks and land-and-expand campaigns with multiple points of persistence and increased dwell time. [DHS Warns of Data Theft via Chinese-Made Drones]( The drones are reportedly built with parts that can compromise organizations' data and share it on a server accessible to the Chinese government. [MORE NEWS & COMMENTARY]( HOT TOPICS [Attackers Are Messing with Encryption Traffic to Evade Detection]( Unknown groups have started tampering with Web traffic encryption, causing the number of fingerprints for connections using Transport Layer Security to jump from 19,000 to 1.4 billion in less than a year. [Effective Pen Tests Follow These 7 Steps]( Third-party pen tests are part of every comprehensive security plan. Here's how to get the most from this mandatory investment. [Microsoft Patches Wormable Vuln in Windows 7, 2003, XP, Server 2008]( Microsoft releases security updates for some out-of-support systems to fix a bug that could be weaponized as a worm if exploited. [MORE]( EDITORS' CHOICE [7 Signs of the Rising Threat of Magecart Attacks in 2019]( Magecart attacks continue to grow in momentum. Here are the stats and stories that show what's behind the mayhem. [Black Hat Q&A: Bruce Schneier Calls For Public-Interest Technologists]( Ahead of his 2019 Black Hat USA talk, cybersecurity luminary Bruce Schneier explains why it's so important for tech experts to be actively involved in setting public policy. Tech Resources - [[Checklist] Vendor Risk Management Fundamentals]( - [Building and Managing an IT Security Operations Program]( - [6 Keys to Faster Phishing Mitigation]( - [The Total Economic Impact(tm) Of The CB Predictive Security Cloud]( - [A Guide to Assessing Security Maturity]( - [Definitive Guide to Securing DevOps]( - [Why Cloud-based DCIM is not Just for Data Centers]( [ACCESS TECH LIBRARY NOW]( - [Automating Cybersecurity Functions in Your Enterprise]( Organizations face tremendous challenges when trying to keep pace with the volume of cyber incidents they are seeing today. Information security leaders are looking to the benefits of security orchestration and automation to relieve the strain on their incident response ... - [Becoming a Threat Hunter in your Enterprise]( Hear as a top expert discusses the process for building a threat hunting program, and for optimizing the efforts of designated threat hunters in the organization. [MORE WEBINARS]( FEATURED REPORTS - [How Enterprises Are Developing Secure Applications]( IT security and application development are disparate processes that are increasingly coming together. Here's a look at how that's happening. - [Managing the Risk of Post-breach or Resident Attacks]( How well-equipped is your organization to stop insider attacks or external attackers once they're inside your network? According to this study, almost two-thirds of respondents lack efficient capabilities to detect and investigate "stealth" attackers before serious damage occurs. [MORE REPORTS]( Middle!Middle?elq_mid=91150&elq_cid=22844169 CURRENT ISSUE [Building and Managing an IT Security Operations Program]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [xMatters open-sources its Chaos Engineering tool]( [Sectigo Sponsors Let's Encrypt to Enable Certificate Transparency Log Operation]( [LogRhythm Releases Cloud-Based NextGen Security Information and Event Management (SIEM) Platform]( [Rackspace and Telos Team Up to Accelerate FedRAMP Journey]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [InformationWeek]( UBM Tech 2 Penn Plaza, 15th Floor, New York, NY 10121 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:email@techwebnewsletters.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2019]( | [UBM Tech]( | [Privacy Statement]( | [Terms Of Service]( | [Contact Us](mailto:iwkbtnnewsletters@ubm.com)