Troubling New Disk-Level Encryption Ransomware Surfaces

[TechWeb]( Follow Dark Reading: [RSS]( August 17, 2021 LATEST SECURITY NEWS & COMMENTARY [Troubling New Disk-Level Encryption Ransomware Surfaces]( "DeepBlueMagic" also deletes Volume Shadow copy for Windows, making recovery all but impossible without a decryption key. [FireEye Launches XDR Platform]( FireEye debuts its new flagship product following the sale of its products business to Symphony Technology Group for $1.2 billion. [Attackers Change Their Code Obfuscation Methods More Frequently]( Microsoft spotted a campaign that changed its encoding mechanism at least 10 times in the past year to evade detection — even using Morse code as one method. [Reverse-Engineering a New Generation of Mac Malware]( The much-anticipated arrival of Apple's new system-on-a-chip, the M1, brings more built-in security, but it also brings a new generation of malware for threat hunters and researchers to detect. Here, the Dark Reading News Desk learns more. [Finally, a Much-Needed Guide to Microsoft IIS Security]( Your installation of Infrastructure Internet Services (IIS), Microsoft’s web server software, is probably ignored and lazily defended. ESET malware researcher Zuzana Hromcova explains to the Dark Reading News Desk why IIS malware deserves your attention, and provides a new resource to help. [Active Directory Certificate Services Misconfigs Get Used & Abused]( SpecterOps technical architects Lee Christensen and Will Schroeder look inside Active Directory Certificate Services and show how misconfigurations can cause mayhem with enterprise authentication infrastructure. [(Sponsored Article) The Power of Context in an Identity-Powered Era]( We need the right answers to the right questions at the right time. And that deserves a new angle, an identity-powered approach to ensure that the right people (and things) have the right access to information. [T-Mobile Confirms Data Breach]( An investigation has revealed unauthorized access to T-Mobile data; however, it's unclear whether customer data is affected. [Rural Maine Sewage Plants Hit by Ransomware]( Sewage treatment facilities in Mount Desert and Limestone were targeted in separate attacks. [MORE NEWS & COMMENTARY]( HOT TOPICS [Why Security Services Are the M&A Trend to Watch]( Non-security-specific organizations are among those rushing to take advantage of growing enterprise demand for a wide range of service capabilities. [Microsoft Patch Tuesday Puts Spotlight on Windows Print Spooler]( Three of the 44 vulnerabilities patched today exist in Windows Print Spooler, a primary focus of security fixes over the past few months. [Why It's Time for Cybersecurity to Go Mainstream]( Improving cybersecurity must be a collective effort. Here are three achievable steps the government, private sector, and broader public can take to make a difference now. [MORE]( LATEST FROM THE EDGE [7 Steps to a More Secure Social Media Policy]( Social media accounts must be viewed as part of the IT and security infrastructure. Follow these tips for developing a workable social media security program at your company. EDITORS' CHOICE [Cost of Cyberattacks Significantly Higher for Smaller Healthcare Organizations]( Significant oversights, such as lack of automation and continued vulnerability to old threats, leave healthcare organizations at risk. [How to Make Your Next Third-Party Risk Conversation Less Awkward]( The SolarWinds attack has changed what companies expect from third-party vendors in order to earn their trust. That's a good thing. Here are three steps you can take to make conversations with vendors more effective before the next major data breach. Tech Resources - [The 7 Deadly Sins of Access Control, and How to Avoid Them]( - [2021 Data Breach Investigations Report (DBIR)]( - [2021 Data Breach Investigations Report Public Sector snapshot]( - [Policy as Code Guide - Design, Build, & Runtime]( - [The Buyer's Guide to Next Generation Cloud Security Posture Management]( - [Are Your Managed Services Right for Your Business?]( - [Gorilla Guide Extended Detection and Response]( [ACCESS TECH LIBRARY NOW]( - ["The New Normal" of Supply Chain Security]( In this webinar, experts discuss potential vulnerabilities in the new supply chain, and potential threats from online attackers. They also discuss the impact of these changes on compliance with industry and regulatory rules that govern the supply chain. You'll learn ... - [Making Security Orchestration Automation and Response (SOAR) Work in Your Enterprise]( Over the past few years, many enterprises have been improving cybersecurity by implementing the Security Orchestration, Automation, and Response (SOAR) framework, which provides a path to collect threat data from multiple sources and respond to some security events automatically. How ... [MORE WEBINARS]( FEATURED REPORTS - [Enterprise Cybersecurity Plans in a Post-Pandemic World]( As the COVID-19 pandemic eases, IT security threats and the challenges involved in responding to them are trending upward. Security leaders expect that cyberattacks like ransomware, phishing, and malware will increase even as the pandemic eventually recedes. Download the Dark ... - [Tech Insights: Detecting and Preventing Insider Data Leaks]( [MORE REPORTS]( CURRENT ISSUE [Enterprise Cybersecurity Plans in a Post-Pandemic World]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [AI Technology Startup Data Safeguard Tackles Data Privacy Compliance and Synthetic Fraud Threat]( [RDDoS a More Prevalent Threat to Organizations Than Ransomware]( [Nuspire Launches New Managed Endpoint Detection and Response Service]( [Field Effect Finds Kernel Elevation of Privilege Vulnerabilities in  Almost Every Version of Microsoft Windows Currently Used]( [SecurityScorecard Releases Report on Security Posture of Largest Global Financial Institutions]( [SGT Capital Purchases Utimaco]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2021]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)