DOJ indicts members of Russian threat group Evil Corp

Security Digest: A roundup of security technology content from TechTarget

Security Digest Information security news and advice from TechTarget's network |December 11, 2019 FEATURED STORY DOJ takes action against Dridex malware group, Evil Corp by Michael Heller, Senior Reporter The U.S. Justice Department indicts two alleged members of the Russian threat group behind the Dridex banking Trojan, known as Evil Corp, and offers a $5 million bounty. Advertisement NEWS   NSS Labs drops antitrust suit against AMTSO, Symantec and ESET NSS Labs dropped its antitrust suit against the Anti-Malware Testing Standards Organization, Symantec and ESET, ending a contentious legal battle in the endpoint security market.   City of Pensacola hit by ransomware attack A cyberattack, later confirmed to be ransomware, hit the city of Pensacola, Fla. on Saturday. The city is currently in the process of responding.   Session cookie mishap exposed HackerOne private reports A security researcher used a mishandled session cookie to access private HackerOne bug reports with an account takeover attack and earned a bug bounty for their efforts.   Ryuk ransomware change breaks decryption tool The threat actors behind Ryuk ransomware made changes to their code that have made the official decryption tool unreliable, according to security researchers. EXPERT ADVICE   How should threat management processes change as risk evolves? Advances in security tools are changing threat management processes. Learn how infosec pros are utilizing UTM platforms, AI and threat intelligence services to alleviate risk.   How to prevent port scan attacks The popular port scan is a hacking tool that enables attackers to gather information about how corporate networks operate. Learn how to detect and prevent port scanning attacks.   Use a data privacy framework to keep your information secure Find out how a data privacy framework gives companies the tools they need to ensure their information is protected -- from both internal and external threats.   What are best practices for a modern threat management strategy? Infosec pros need to mitigate traditional cyberthreats, as well anticipate sophisticated, emerging threats. Learn how to build a threat management strategy that helps with both.   How can companies identify IT infrastructure vulnerabilities? New, sophisticated technology is available to help infosec pros find IT infrastructure vulnerabilities. Automated pen testing and outsourcing threat intelligence services can help.   How to implement zero-trust cloud security The nature of cloud environments and workloads is changing. Security team approaches must evolve in response. Learn how to implement zero-trust cloud security from expert Dave Shackleford. About This E-Newsletter The Security Digest is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US. Click to: Unsubscribe. You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com. © 2019 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners. Privacy Policy | Partners List