Sandworm APT Trolls Researchers on Its Trail as It Targets Ukraine

Researchers who helped thwart the Russian nation-state group's recent attack on Ukraine's power supply will disclose at Black Hat USA what they found while reverse-engineering the powerful Industroyer2 malware used by the powerful hacking team [TechWeb]( Follow Dark Reading: [RSS]( July 18, 2022 LATEST SECURITY NEWS & COMMENTARY [Sandworm APT Trolls Researchers on Its Trail as It Targets Ukraine]( Researchers who helped thwart the Russian nation-state group's recent attack on Ukraine's power supply will disclose at Black Hat USA what they found while reverse-engineering the powerful Industroyer2 malware used by the powerful hacking team. [How Attackers Could Dupe Developers into Downloading Malicious Code From GitHub]( Developers need to be cautious about whom they trust on GitHub because it's easy to establish fake credibility on the platform, security vendor warns. [How Hackers Create Fake Personas for Social Engineering]( And some ways to up your game for identifying fabricated online profiles of people who don't exist. [Netwrix Auditor Bug Could Lead to Active Directory Domain Compromise]( IT asset tracker and auditor software has a critical issue with insecure object deserialization that could allow threat actors to execute code, researchers say. [Ex-CIA Programmer Found Guilty of Stealing Vault 7 Data, Giving It to Wikileaks]( Joshua Schulte has been convicted for his role in the Vault 7 Wikileaks data dump that exposed invasive US cyber intelligence tactics. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Researchers Devise New Speculative Execution Attacks Against Some Intel, AMD CPUs]( "Retbleed" bypasses a commonly used mechanism for protecting against a certain kind of side-channel attack. [DHS Review Board Deems Log4j an 'Endemic' Cyber Threat]( Vulnerability will remain a "significant" threat for years to come and highlighted the need for more public and private sector support for open source software ecosystem, Cyber Safety Review Board says. [3 Golden Rules of Modern Third-Party Risk Management]( It's time to expand the approach of TPRM solutions so risk management is more effective in the digital world. [MORE]( EDITORS' CHOICE [Is Cryptocurrency's Crash Causing Headaches for Ransomware Gangs?]( Bitcoin is down more than 70% from its highs late last year, causing disruptions for cybercriminals and the underground exchanges that fuel the dark markets. LATEST FROM THE EDGE [Internet Searches Reveal Surprisingly Prevalent Ransomware]( Two mostly defunct threats — WannaCry and NonPetya — top the list of ransomware searches, but does that mean they are still causing problems? LATEST FROM DR TECHNOLOGY [The Next Generation of Threat Detection Will Require Both Human and Machine Expertise]( To be truly effective, threat detection and response need to combine the strengths of people and technology. WEBINARS - [Building and Maintaining an Effective Remote Access Strategy]( The COVID-19 pandemic transformed enterprises into remote workplaces overnight, forcing IT organizations to revamp their computing and networking strategies on the fly. Some of the changes were intended to be temporary, and some rules were adopted without thinking through all ... - [Building and Maintaining Security at the Network Edge]( Advances in networking and new technologies have expanded the possibilities of deploying applications at the network edge. These edge devices bring with them their own security management challenges and risks. How do you scale your security to manage the sheer ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Incorporating a Prevention Mindset into Threat Detection and Response]( - [Eight Best Practices for a Data-Driven Approach to Cloud Migration]( - [Gartner, Quick Answer: How Can Organizations Use DNS to Improve Their Security Posture?]( - [AppSec Considerations For Modern Application Development]( - [The Many Risks of Modern Application Development]( - [The Many Facets of Modern Application Development]( - [Optimizing Endpoint Protection]( [View More White Papers >>]( FEATURED REPORTS - [Incorporating a Prevention Mindset into Threat Detection and Response]( - [Practical Network Security Approaches for a Multicloud, Hybrid IT World]( The report covers areas enterprises should focus on for their multicloud/hybrid cloud security strategy: -increase visibility over the environment -learning cloud-specific skills -relying on established security frameworks -re-architecting the network - [How Enterprises Are Securing the Application Environment]( Download this report from Dark Reading to learn more about the measures enterprises have adopted to ensure the security of their internally developed applications and third-party packaged applications. [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Bishop Fox Secures $75 Million in Growth Funding From Carrick Capital Partners]( [Scribe Security Releases Code Integrity Validator Alongside Github Security Open Source Project]( [AEI HorizonX Ventures Joins Shift5 Series B Funding Round]( [Report: Financial Institutions Overly Complacent About Current Authentication Methods]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Implementing Zero Trust In Your Enterprise: How to Get Started]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)