How to prevent repeat ransomware attacks; Plus, ransomware gangs merge to form cartels

Security Digest: A roundup of security technology content from TechTarget

Security Digest Information security news and advice from TechTarget's network |June 17, 2020 FEATURED STORY Repeat ransomware attacks: Why organizations fall victim by Alexander Culafi, News Writer Some organizations get hit with ransomware multiple times. Threat researchers explain why repeat attacks happen and how victims can prevent it from occurring again. Advertisement NEWS   New 'Thanos' ransomware weaponizes RIPlace evasion technique Recorded Future's Insikt Group uncovered a new ransomware-as-a-service tool named 'Thanos' that's the first ransomware to use the hard-to-detect RIPlace technique.   Maze ransomware builds 'cartel' with other threat groups Operators behind the Maze ransomware posted data leaks from competing ransomware gangs to their victim shaming website, suggesting they have joined forces.   Italian company implicated in GuLoader malware attacks While analyzing the network dropper GuLoader, researchers found an almost identical commercial software tool called CloudEye offered by a legitimate-looking Italian company.   'CallStranger' vulnerability affects billions of UPNP devices A new vulnerability in the Universal Plug and Play protocol could be used to exfiltrate enterprise data and launch DDoS attacks, and patches may not arrive for a long time. EXPERT ADVICE   How to build an effective IAM architecture Identity and access management is changing and so must strategies for managing it. Read up on IAM architecture approaches and how to select the best for your organization.   Using digital identity management to gain and retain trust Enterprise identity and access management strategies must include processes for managing and securing three types of digital identity. Learn how.   VPC security best practices and how to implement them in AWS To best secure network access, AWS administrators need to create rules for network resources. Learn how to implement Amazon VPC security best practices in this book excerpt.   Benefits of open source container vulnerability scanning Containers have revolutionized app development but pose many security challenges. Uncover how container vulnerability scanning can help and why to consider open source tools.   Overcome AWS security vulnerabilities with VPCs, IAM Securing network access in AWS requires the right rules to be in place. Learn more about Virtual Private Clouds and how implementing them can prevent common cloud security attacks.   Identifying and troubleshooting VPN session timeout issues Troubleshooting VPN session timeout and lockout issues should focus first on isolating where the root of the problem lies -- be it the internet connection, the VPN vendor or the user device. About This E-Newsletter The Security Digest is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US. Click to: Unsubscribe. You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com. © 2020 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners. Privacy Policy | Partners List