Colonial Pipeline Cyberattack | New Techniques Emerge for Abusing Windows Services

[TechWeb]( Follow Dark Reading: [RSS]( May 13, 2021 LATEST SECURITY NEWS & COMMENTARY [Colonial Pipeline Cyberattack: What Security Pros Need to Know]( As the massive US pipeline operator works to restore operations after a DarkSide ransomware attack late last week, experts say it's a cautionary tale for critical infrastructure providers. [Putting the Spotlight on DarkSide]( Incident responders share insight on the DarkSide ransomware group connected to the recent Colonial Pipeline ransomware attack. [New Techniques Emerge for Abusing Windows Services to Gain System Control]( Organizations should apply principles of least privilege to mitigate threats, security researcher says. [A Startup With NSA Roots Wants Silently Disarming Cyberattacks on the Wire to Become the Norm]( Trinity Cyber takes a new spin on some traditional network-security techniques, but can its approach catch on widely? [How North Korean APT Kimsuky Is Evolving Its Tactics]( Researchers find differences in Kimsuky's operations that lead them to divide the APT into two groups: CloudDragon and KimDragon. [Critical Infrastructure Under Attack]( Several recent cyber incidents targeting critical infrastructure prove that no open society is immune to attacks by cybercriminals. The recent shutdown of key US energy pipeline marks just the tip of the iceberg. [Defending Against Web Scraping Attacks]( Web scraping attacks, like Facebook's recent data leak, can easily lead to more significant breaches. [FBI, NSA, CISA & NCSC Issue Joint Advisory on Russian SVR Activity]( The report provides additional details on tactics of Russia's Foreign Intelligence Service following public attribution of the group to last year's SolarWinds attack. [Tulsa Deals With Aftermath of Ransomware Attack]( Weekend attack shuts down several city sites and service. [Cartoon Caption Winner: Greetings, Earthlings]( And the winner of Dark Reading's April cartoon caption contest is ... [MORE NEWS & COMMENTARY]( HOT TOPICS [Microsoft Patch Tuesday: 4 Critical CVEs, 3 Publicly Known, 1 Wormable]( Microsoft releases security patches for 55 vulnerabilities in its monthly roundup, which includes a critical, wormable flaw in the HTTP protocol stack. [11 Reasons Why You Sorta Love Passwords]( We asked you to tell the truth about why you secretly love passwords. From the heartfelt to the hilarious, here's what you had to say. [Hashes, Salts, and Rainbow Tables: Confessions of a Password Cracker]( Understanding a few basics about how password crackers think and behave could help you keep your users safer. [MORE]( EDITORS' CHOICE [7 Modern-Day Cybersecurity Realities]( Security pros may be working with a false sense of security. We explore seven places where old methods and techniques have to change to keep their organizations safe. [Exchange Exploitation: Not Dead Yet]( The mass exploitation of Exchange Servers has been a wake-up call, and it will take all parties playing in concert for the industry to react, respond, and recover. LATEST FROM THE EDGE [10 Security Awareness Training Mistakes to Avoid]( Give your cybersecurity culture a boost by adding these to the "don't" column of your cybersecurity awareness training do's and don'ts list. Tech Resources - [Hidden Costs of Endpoint Security]( - [The Definitive Buyer's Guide for Managed Threat Detection and Response Services]( - [Tech Insights: Detecting and Preventing Insider Data Leaks]( - [Protection Strategies for a Cyber-Resilient Organization]( - [Tech Insights: SASE's Pandemic Boost Likely to Stick]( - [Cisco Threat Response]( - [Powering Digital Transformation]( [ACCESS TECH LIBRARY NOW]( - [Ransomware Resilience and Response Playbook]( When ransomware locks up your business's critical data and essential gear, panic can set in fast-which just makes you more vulnerable. But questions abound: is this a ransomworm that's going to spread to other endpoints? Are the attackers going to ... - [Web Security: Protecting Your Data from Internet Threats]( One of the most accessible methods of cracking your corporate data is through a simple Internet connection. In this webinar, experts offer a look at some of the most common ways that cyber attackers use to crack enterprise systems via ... [MORE WEBINARS]( FEATURED REPORTS - [Improving Security by Moving Beyond VPN]( - [Assessing Cybersecurity Risk in Today’s Enterprises]( [MORE REPORTS]( CURRENT ISSUE [2021 Top Enterprise IT Trends]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Sophos Launches XDR Solution that Synchronizes Native Endpoint, Server, Firewall, and Email Security]( [Vulcan Cyber Research Reveals Most Enterprise Cyber Security Teams Lack the Ability to Remediate Risk]( [Arkose Labs Raises $70 Million Led by SoftBank Vision Fund 2]( [Cycode Raises $20 Million Series A Round From Insight Partners]( [ESG Report Uncovers Security Decision Makers 2021 Cybercrime Concerns]( [Kaspersky Research Finds DDoS Sttacks in Q1 2021 Return to Pre-Pandemic Numbers]( [MORE PRODUCTS & RELEASES]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2021]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)