Ransomware Operator Promotes Distributed Storage for Stolen Data

[TechWeb]( Follow Dark Reading: [RSS]( November 18, 2020 LATEST SECURITY NEWS & COMMENTARY [Ransomware Operator Promotes Distributed Storage for Stolen Data]( The criminals behind the DarkSide ransomware-as-a-service operation say the system will be harder to take down. [Researchers Scan for Supply-Side Threats in Open Source]( A recent project to scan the main Python repository's 268,000 packages found only a few potentially malicious programs, but work earlier this year uncovered hundreds of instances of malware. [Nearly Two Dozen AWS APIs Are Vulnerable to Abuse]( Attackers can conduct identity reconnaissance against an organization at leisure without being detected, Palo Alto Networks says. [To Pay or Not to Pay: Responding to Ransomware From a Lawyer's Perspective]( The threat of data extortion adds new layers of risk when determining how to respond to a ransomware attack. [Vulnerability Prioritization Tops Security Pros' Challenges]( Why vulnerability prioritization has become a top challenge for security professionals and how security and development teams can get it right. [EFF, Security Experts Condemn Politicization of Election Security]( Open letter, signed by high-profile security professionals and organizations, urges White House to "reverse course and support election security." [Security Risks Discovered in Tesla Backup Gateway]( Cybersecurity researchers report on the security and privacy risks of leaving a Tesla Backup Gateway exposed to the Internet. [IT Salary Survey]( Want to compare your salary with your IT peers? Take a survey from our sister brand InformationWeek, which has been collecting data on U.S. IT salaries for more than 20 years. [MORE NEWS & COMMENTARY]( HOT TOPICS [How Hackers Blend Attack Methods to Bypass MFA]( Protecting mobile apps requires a multilayered approach with a mix of cybersecurity measures to counter various attacks at different layers. [Breakdown of a Break-in: A Manufacturer's Ransomware Response]( The analysis of an industrial ransomware attack reveals common tactics and proactive steps that businesses can take to avoid similar incidents. [Apple Issues Security Updates]( Vulnerabilities found in three most recent versions of macOS. [MORE]( EDITORS' CHOICE [7 Cool Cyberattack and Audit Tools to be Highlighted at Black Hat Europe]( Platforms, open source tools, and other toolkits for penetration testers and other security practitioners will be showcased at the early December virtual event. [A Call for Change in Physical Security]( We're at an inflection point. The threats we face are dynamic, emerging, and global. Are you ready? LATEST FROM THE EDGE [An Inside Look at an Account Takeover]( AI threat find: Phishing attack slips through email gateway and leads to large-scale compromise. Tech Resources - [The State of Global Phishing]( - [2020 Global Security Report]( - [How to Manage Third-Party Digital Risk]( - [Managing OTT Content Distribution in the Connect World]( - [Frictionless Security for Agile Game Development]( - [World Wide Technology: Digital Transformation Customer Journey]( - [Improve your Business with a Virtual CISO]( [ACCESS TECH LIBRARY NOW]( - [Automating Security Functions in Your Enterprise]( A shortage of skilled IT security professionals has given rise to a whole new class of technology and practices designed to automate repetitive and time-consuming tasks in security operations. But which tasks can enterprises safely automate? In this webinar, top ... - [Effective Cyber Risk Assessment and Measurement]( Learn about the costs associated with today's threats and data breaches, how to measure current threats, and how to quantify the risks to your organization, so that you can implement the tools and processes to prioritize costs and defense strategies ... [MORE WEBINARS]( FEATURED REPORTS - [SANS Report: Measuring and Improving Cyber Defense Using the MITRE ATT&CK Framework]( - [IDC MarketScape: Worldwide Managed Security Services 2020 Vendor Assessment]( [MORE REPORTS]( CURRENT ISSUE [2021 Top Enterprise IT Trends]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Aware Acquires AFIX Biometric Products From Maxar Technologies]( [Farsight Security Integrates with Palo Alto Networks Cortex XSOAR to Provide Automated, DNS Intelligence For Cyber Investigations]( [Concentric Resolves Unaddressed Data Security Threats with AI-based Data Access Governance Solution]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2020]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)