Threat actors behind Trisis malware step up ICS attacks

Security Digest Information security news and advice from TechTarget's network| May 30, 2018 FEATURED STORY Creators of Trisis malware have expanded their ICS attacks by Madelyn Bacon, Associate Site Editor News roundup: Dragos researchers say the group behind the Trisis malware has expanded its ICS attacks. Plus, Roaming Mantis malware now targets iOS devices, and more. (SearchSecurity.com) Advertisement NEWS   Dragos' Robert Lee explains why ICS security isn't all doom and gloom Dragos' Robert Lee talks with SearchSecurity at RSA Conference 2018 about why there are reasons to be optimistic about the state of ICS security, despite growing threats. (SearchSecurity.com)   Risk & Repeat: Breaking down the Efail flaws In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Efail vulnerabilities in PGP and S/Mime protocols, as well as the rocky disclosure process for the flaws. (SearchSecurity.com)   VPNFilter malware infects 500,000 devices for massive Russian botnet New malware, dubbed 'VPNFilter' by Cisco Talos, infects 500,000 devices and triggers action from Justice Department, which seized and sinkholed the botnet's domain. (SearchSecurity.com)   Wicked botnet: Another Mirai variant targets connected devices Fortinet researchers uncovered a new variant of the Mirai malware, known as the Wicked botnet, which targets vulnerable IoT devices and uses multiple existing exploits. (SearchSecurity.com) EXPERT ADVICE   How the Meltdown and Spectre vulnerabilities impact security The Meltdown and Spectre vulnerabilities impact the physical and hardware security of systems, making them extremely difficult to detect. Learn how to prevent these attacks with Nick Lewis. (SearchSecurity.com)   Are Amazon certificate authority services trustworthy? AWS now operates as its own CA. What are the potential risks of the new Amazon certificate authority services? Expert Dave Shackleford outlines the pros and cons of this new setup. (SearchCloudSecurity.com)   Building an effective security program for beginners Charles Kao explains why continuous learning, observation of merit and appreciation of others are key elements for an effective security program -- and for preventing cyberattacks. (SearchSecurity.com)   How did Strava's Global Heatmap disclose sensitive U.S. info? Fitness tracking app Strava released its Global Heatmap that unknowingly disclosed routes of U.S. soldiers. Discover how this happened and how geolocation data can be blocked. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.