China-Backed APT Pwns Building-Automation Systems with ProxyLogon

The previously unknown state-sponsored group is compromising industrial targets with the ShadowPad malware before burrowing deeper into networks. [TechWeb]( Follow Dark Reading: [RSS]( June 29, 2022 LATEST SECURITY NEWS & COMMENTARY [China-Backed APT Pwns Building-Automation Systems with ProxyLogon]( The previously unknown state-sponsored group is compromising industrial targets with the ShadowPad malware before burrowing deeper into networks. [Facebook Business Pages Targeted via Chatbot in Data-Harvesting Campaign]( The clever, interactive phishing campaign is a sign of increasingly complex social-engineering attacks, researchers warn. [Ransomware Volume Nearly Doubles 2021 Totals in a Single Quarter]( Like a hydra, every time one ransomware gang drops out (REvil or Conti), plenty more step up to fill the void (Black Basta). ['Raccoon Stealer' Scurries Back on the Scene After Hiatus]( Researchers this week said they had observed criminals using a new and improved version of the prolific malware, barely three months after its authors announced they were quitting. [Google Analytics Continues to Lose SEO Visibility as Bans Continue]( Google Analytics has been found to be in violation of GDPR privacy laws by Italy — the third country to ban it. [Atlassian Confluence Exploits Peak at 100K Daily]( Swarms of breach attempts against the Atlassian Confluence vulnerability are likely to continue for years, researchers say, averaging 20,000 attempts daily as of this week. [A WAF Is Not a Free Lunch: Teaching the Shift-Left Security Mindset]( Developers need to think like WAF operators for security. Start with secure coding and think of Web application firewalls not as a prophylactic but as part of the secure coding test process. [How to Find New Attack Primitives in Microsoft Azure]( Abuse primitives have a longer shelf life than bugs and zero-days and are cheaper to maintain. They're also much harder for defenders to detect and block. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [New Vulnerability Database Catalogs Cloud Security Issues]( Researchers have created a new community website for reporting and tracking security issues in cloud platforms and services — plus fixes for them where available. [LockBit 3.0 Debuts With Ransomware Bug Bounty Program]( LockBit 3.0 promises to 'Make Ransomware Great Again!' with a side of cybercrime crowdsourcing. [Name That Toon: Cuter Than a June Bug]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [MORE]( EDITORS' CHOICE [Are You Hiring Enough Entry-Level Security Pros?]( New (ISC)² survey shows employment levels for entry-level cyber pros lag behind every other experience level. LATEST FROM THE EDGE [What We Mean When We Talk About Cyber Insurance]( Cyber insurance is more than a policy for paying off ransomware gangs. It's designed to be something you transfer risk to when security controls fail. LATEST FROM DR TECHNOLOGY [Can Zero-Knowledge Cryptography Solve Our Password Problems?]( Creating temporary keys that are not stored in central repositories and time out automatically could improve security for even small businesses. WEBINARS - [Building and Maintaining Security at the Network Edge]( Advances in networking and new technologies have expanded the possibilities of deploying applications at the network edge. These edge devices bring with them their own security management challenges and risks. How do you scale your security to manage the sheer ... - [Using Threat Modeling to Improve Enterprise Cyber Defenses]( As enterprises deal with multiple threats coming in different forms, security teams are shifting to a risk-based security to handle these challenges. One of the key tools is threat modeling, a process intended to help identify potential weaknesses and prioritize ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Incorporating a Prevention Mindset into Threat Detection and Response]( - [Eight Best Practices for a Data-Driven Approach to Cloud Migration]( - [Sumo Logic for Continuous Intelligence]( - [Gartner, Quick Answer: How Can Organizations Use DNS to Improve Their Security Posture?]( - [Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal]( - [Endpoint Detection Net Suite Use Cases]( - [Optimizing Endpoint Protection]( [View More White Papers >>]( FEATURED REPORTS - [State of the Cloud: A Security Perspective]( Cloud computing has evolved over the years from a nice-to-have item on the IT wish list to a core technology driving business initiatives. But despite widespread adoption, cloud-based IT systems continue to be saddled with issues related to data security, ... - [Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal]( With attacks and breaches on the rise, enterprise security teams need full visibility over what they have in their network. DNS is a key tool for visibility and asset discovery. Proactive DNS-layer security - such as using DNS data to ... - [How Enterprises Are Securing the Application Environment]( Download this report from Dark Reading to learn more about the measures enterprises have adopted to ensure the security of their internally developed applications and third-party packaged applications. [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Kaspersky Reveals Phishing Emails That Employees Find Most Confusing]( [Thrive Acquires DSM]( [Palo Alto Networks Bolsters Its Cloud Native Security Offerings With Out-of-Band WAAS]( [Synopsys Completes Acquisition of WhiteHat Security]( [Zscaler and AWS Expand Relationship]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Improving Enterprise Cybersecurity With XDR]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)