ROPEMAKER Attack Turns Benign Emails Hostile Post-Delivery

[TechWeb](?elq_mid=79940&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20170823&cid=NL_DR_EDT_DR_daily_20170823&elqTrackId=798e38fb75db45f5a442c35eb5030899&elq=14c132ee805543d4a2d5de0357fefa7b&elqaid=79940&elqat=1&elqCampaignId=27705) Follow Dark Reading: [RSS]( August 23, 2017 Top!Top?elq_mid=79940&elq_cid=22844169 LATEST SECURITY NEWS & COMMENTARY [ROPEMAKER Attack Turns Benign Emails Hostile Post-Delivery]( The intersection of email and Web technologies has given attackers a way to mess with your email after it has been delivered to your inbox, Mimecast says. [The Benefits of Exploiting Attackers' Favorite Tools]( Symantec senior threat researcher Waylon Grange explains that attackers write vulnerable code, too. [Comparing Private and Public Cloud Threat Vectors]( Many companies moving from a private cloud to a cloud service are unaware of increased threats. [How to Hack a Robot]( Forget 'killer robots:' researchers demonstrate how collaborative robots, or 'cobots,' can be hacked and dangerous. [Battle of the AIs: Don't Build a Better Box, Put Your Box in a Better Loop]( Powered by big data and machine learning, next-gen attacks will include perpetual waves of malware, phishes, and false websites nearly indistinguishable from the real things. Here's how to prepare. [Yahoo Hack Suspect to be Extradited to US]( Karim Baratov, accused of working with Russian intelligence for the 2014 Yahoo breach, has waived an extradition hearing. [MORE NEWS & COMMENTARY]( HOT TOPICS [50% of Ex-Employees Can Still Access Corporate Apps]( Businesses drive the risk for data breaches when they fail to terminate employees' access to corporate apps after they leave. ['Pulse Wave' DDoS Attacks Emerge As New Threat]( DDoS botnets are launching short but successive bursts of attack traffic to pin down multiple targets, Imperva says. [14 Social Media-Savvy CISOs to Follow on Twitter]( A roundup of some of the more social media-engaged security leaders to follow for updates on industry news, trends, and events. [MORE]( EDITORS' CHOICE [Why Most Security Awareness Training Fails (And What To Do About It)](and-what-to-do-about-it)/v/d-id/1329691?elq_mid=79940&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20170823&cid=NL_DR_EDT_DR_daily_20170823&elqTrackId=e5ad7e4b80ad465db918c331904fd634&elq=14c132ee805543d4a2d5de0357fefa7b&elqaid=79940&elqat=1&elqCampaignId=27705) Arun Vishwanath discusses why awareness training shouldn't apply the same cure to every ailment then blame the patient when the treatment doesn't work. [Coming Soon to Dark Reading...]( Event calendar: Dark Reading brings you threat intelligence tomorrow, boardroom communication next week, and coming in November, a brand new conference in the D.C. area. Tech Resources - [5 Steps to Quantifying Insider Risk]( - [2017 Threat Report]( - [The DomainTools Report: Spring 2017 Edition]( - [[Best Practices] Office 365 Security Monitoring]( - [The Anatomy of a Ransomware Attack]( - [Cybersecurity 101: The Fundamentals of Today's Threat Landscape](E2%80%99s-threat-landscape-/391153?elq_mid=79940&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20170823&cid=NL_DR_EDT_DR_daily_20170823&elqTrackId=8f874cf00a084ef3848a113cee8a951e&elq=14c132ee805543d4a2d5de0357fefa7b&elqaid=79940&elqat=1&elqCampaignId=27705) - [[Checklist] Foolproof Employee Security]( [ACCESS TECH LIBRARY NOW]( - [Faster, More Effective Response With Threat Intelligence & Orchestration Playbooks]( Finding ways to increase speed, accuracy, and efficiency when responding to threats should be the goal of any security team. Baking threat intelligence into the day-to-day efforts of detecting and responding to threats is a great way to see some ... - [Threat Intelligence Overload?]( A wide range of threat intelligence feeds and services have cropped up keep IT organizations up to date on the latest security threats. But without mechanisms in place to actually use the information, these alerts provide little benefit. [MORE WEBINARS]( Partner Perspectives [5 Factors to Secure & Streamline Your Cloud Deployment]( How a Midwestern credit union overcame the challenges of speed, cost, security, compliance and automation to grow its footprint in the cloud. [How to Avoid the 6 Most Common Audit Failures]( In a security audit, the burden is on you to provide the evidence that you've done the right things. [Cloud Complexity Mandates Security Visibility]( The cloud is flexible, but security should be the top priority. Middle!Middle?elq_mid=79940&elq_cid=22844169 FEATURED REPORTS - [How Enterprises Are Attacking the IT Security Problem](strategic-security-report]-how-enterprises-are-attacking-the-cybersecurity-challenge/390403?elq_mid=79940&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20170823&cid=NL_DR_EDT_DR_daily_20170823&elqTrackId=fb0fbe06fe3142ae8d0b28ea5d4723ed&elq=14c132ee805543d4a2d5de0357fefa7b&elqaid=79940&elqat=1&elqCampaignId=27705) Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look. - [Assessing Cybersecurity Risk](strategic-security-report]-assessing-cybersecurity-risk/390613?elq_mid=79940&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20170823&cid=NL_DR_EDT_DR_daily_20170823&elqTrackId=5bd6d8f40c174c1c937d90de05ea8ca2&elq=14c132ee805543d4a2d5de0357fefa7b&elqaid=79940&elqat=1&elqCampaignId=27705) [MORE REPORTS]( CURRENT ISSUE [Security Vulnerabilities: The Next Wave]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Cisco Spark Announces Breakthroughs in Security, Compliance, and Analytics]( [Nigerian Man Sentenced to Prison for Hacking and Fraud Scheme]( [Rackspace Deploys RiskIQ PassiveTotal]( [IBM Offers Women Scholarships to Hacker Halted Security Conference]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [InformationWeek](?elq_mid=79940&elq_cid=22844169&_mc=NL_DR_EDT_DR_daily_20170823&cid=NL_DR_EDT_DR_daily_20170823&elqTrackId=df7705a29e244a91b0f2650d287d56ca&elq=14c132ee805543d4a2d5de0357fefa7b&elqaid=79940&elqat=1&elqCampaignId=27705) UBM Tech 2 Penn Plaza, 15th Floor, New York, NY 10121 To update your profile, change your e-mail address, or unsubscribe, [cick here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:email@techwebnewsletters.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2017]( | [UBM Tech]( | [Privacy Statement]( | [Terms Of Service]( | [Contact Us](mailto:iwkbtnnewsletters@ubm.com)