Doxware: Is the new extortion attack worse than ransomware?

Security Digest Information security news and advice from TechTarget's network | January 11, 2017 FEATURED STORY Doxware: New ransomware threat, or just extortionware rebranded? by Michael Heller, Senior Reporter The threat of ransomware continues to evolve, with a new spin on extortionware, called doxware, that's designed to target and potentially expose sensitive data of ransomware victims. (SearchSecurity.com) Advertisement NEWS   January Patch Tuesday sparse before Windows security updates change Microsoft offers up a meager January 2017 Patch Tuesday release before bigger changes planned for Windows security update announcements, set to take effect in February. (SearchSecurity.com)   FTC launches competition to improve IoT device security News roundup: FTC starts a contest to create a better IoT device security tool. Plus, ransomware is now illegal in California; Google patches 29 critical Android flaws; and more. (SearchSecurity.com)   Risk & Repeat: Corero on DDoS defense in the IoT era In this episode of SearchSecurity's Risk & Repeat podcast, Dave Larson of Corero Network Security discusses how DDoS defense has shifted to deal with IoT threats. (SearchSecurity.com)   In a post-Mirai world, the FTC wants more secure routers from D-Link The Federal Trade Commission filed a lawsuit against D-Link, and experts said the move was likely to push more secure routers in the wake of the Mirai botnet attacks. (SearchSecurity.com)   SSL certificate validation flaw discovered in Kaspersky AV software Google Project Zero discovers more antivirus vulnerabilities. This time, the issues are with how Kaspersky Lab handles SSL certificate validation and CA root certificates. (SearchSecurity.com)   Git repos hide secret keys, rooted out by Truffle Hog Truffle Hog utility roots out and detects text blobs with enough entropy to be secret keys -- even those buried deep in old Git repositories -- to prevent exploits. (SearchSecurity.com) EXPERT ADVICE   How to maintain digital privacy in an evolving world Protecting a user's digital privacy across different technologies requires a plethora of tools. Expert Matthew Pascucci explores the different ways to protect sensitive data. (SearchSecurity.com)   How cloud endpoint protection products benefit enterprises Cloud endpoint protection products are outpacing standard endpoint protections. Expert Frank Siemons discusses the evolution of these products and how they benefit enterprises. (SearchCloudSecurity.com)   The dangers of using security policy templates in the enterprise Among other drawbacks, using security policy templates can make compliance audits and breach assessments harder for enterprises. Expert Joseph Granneman explains why they're risky. (SearchSecurity.com)   Are investigations crucial to data breach protection? SWIFT banking has a team dedicated to data breach investigations. Expert Mike O. Villegas discusses why this is necessary and whether other organizations should follow suit. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2016 TechTarget. All rights reserved.