How to Stop Fileless Malware

/0 Comments/in /by

In 2017, SonicWall Capture Labs discovered 56 million new forms of malware from across the globe. Threat actors are constantly creating updates to known versions of malware to get past defenses that rely on identifying malware (i.e., signatures). The forms of security that stop malware and ransomware based on signatures are only effective if they can identify the strain.

Since malware authors don’t want to continually update their code and have attacks in flight fail, they often resort to creating fileless malware as a highly effective alternative.

What is fileless malware?

Fileless malware has been around for some time, but has dramatically increased in popularity the last few years. These malware leverage on-system tools such as PowerShell, macros (like in Microsoft Word and Excel), Windows Management Instrumentation or other on-system scripting functionality to propagate, execute and perform whatever tasks it was developed to perform.

The problem for the business

One of the reasons fileless malware is so powerful is that security products cannot just block the systems or software that these are utilizing. For example, if a security admin blocked PowerShell, many IT maintenance tasks would be terminated. This makes it impossible for signature-based security solutions to detect or prevent it because the low footprint and the absence of files to scan.

How can SonicWall stop fileless malware?

The key is not to look at the file but, instead, look at how it behaves when it runs on the endpoint. This is effective because although there is a large and increasing number of malware variants, they operate in very similar ways. This is similar to how we educate our children to avoid people based on behavior instead of showing them a list of mug shots every time they leave home.

SonicWall Capture Client, powered by SentinelOne, is a next-generation antivirus endpoint protection platform that uses multiple engines, including static and behavioral AI, to stop malware before, during and even after execution. It also offers the ability to roll back an endpoint to a state before the malware got on to or activated on the system.

In the face of fileless malware, the full behavioral monitoring approach is amazing at detecting and preventing this type of attack because it is agnostic to the attack vector.

How does it work?

SonicWall actively monitors all activities on the agent side at the kernel level to differentiate between malicious and benign activities. Once Capture Client detects malicious activity, it can effectively mitigate an attack and, if needed, roll back any damage, allowing the user to work on a clean device.

Conclusion

Ultimately, adversaries will always take the shortest path to compromise endpoints to ensure the highest return with the least amount of effort. Fileless malware is quickly becoming one of the most popular ways to do so. It is not enough to just block essential operations like PowerShell.

You need anti-virus software that fully monitors the behavior of a system to prevent attacks utilizing exploits, macro documents, exploit kits, PowerShell, PowerSploit and zero-days vulnerabilities locally and without dependence to network connectivity.

To learn more, download the in-depth data sheet, “SonicWall Capture Client powered by SentinelOne.”

Webinar: Stop Fileless Malware with SonicWall Capture Client

Join SonicWall and SentinelOne cyber security experts to learn how to stay safe from advanced cyber threats like fileless malware.

WATCH NOW

Cyber Security News & Trends

/0 Comments/in /by

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

Ransomware Tops Malicious Attack Charts  BBC

  • SonicWall President and CEO Bill Conner talks about the growing concern of ransomware attacks as numbers indicate a growing number of attacks on the UK’s SMBs.

EXCLUSIVE: Britain Facing Cyber War as Online Attacks Soar by 300%  Daily Express

  • In an exclusive interview with The Daily Express’ John Ingham, SonicWall President and CEO Bill Conner discusses the 300 percent increase in UK cyber attacks, compared to a 151 percent increase worldwide.

Cyber Security News

Imagine You’re Having a CT Scan and Malware Alters the Radiation Levels  The Register

  • As memories of last May’s WannaCry cyber attack fade, the healthcare sector and Britain’s NHS are still deep in learning.

Privacy Imported: US Weighs EU-Style Regulations to Protect Your Data    CNET

  • Congressional hearings with Facebook’s Mark Zuckerberg get lawmakers talking about regulations for internet companies’ collection and use of consumer data.

Company Insiders Behind 1 in 4 Data Breaches – Study    The Register

  • From The Register’s report on the annual Verizon Threat Report.

Researchers Unearth New Malware Designed to Make ATMs Spew Out Cash  Gizmodo

  • Researchers have recently discovered a new kind of “jackpotting” malware — the sole purpose of which is forcing ATMs to spit out huge volumes of cash.

In Case You Missed It

Upcoming Events & Webinars

April 16-20
RSA Conference
San Francisco
Moscone Center
Booth 4115, North Hall

April 25
Webinar
11 a.m. PDT
Stop Fileless Malware with SonicWall Capture Client
> Register Now

Is Your Firewall Ready for the IoT Era? The 3 Tough Questions to Ask

/0 Comments/in /by

My wife was out of the country recently, so I took the opportunity to nudge our house a little further into the 21st century by installing a Nest thermostat. It won’t solve my family’s disagreements about the temperature, but it’s a cool gadget that makes me feel like I’m modernizing a house that was built well into the last century.

The thermostat is just one of many smart devices on the market that connects to the internet and your local network — whether that’s at home, the office or your business. In this case, it’s connecting via Wi-Fi to my home firewall, so I know it’s secure.

But is that the case for all the Internet of Things (IoT) devices out there? The number of connected “things” that need to be secured continues to grow — cars, TVs, watches, wearables, refrigerators, security cameras. And these are just a few examples.

By the end of 2018, statistics research company Statista expects the installed base of IoT devices to exceed 23 billion, increasing to almost 31 billion in 2020. That’s a whole lot things that can connect to your organization’s network, and it doesn’t include all the PCs, laptops and phones we use daily. Some connect to a firewall or router through an Ethernet cable, while others connect over wireless. Whether they’re tethered or not, more connected devices means more risk.

To help secure the flow of traffic across networks, organizations have increasingly been turning to the use of Transport Layer Security and Secure Sockets Layer (TLS/SSL) encryption.

In fact, SonicWall recently noted in its 2018 Cyber Threat Report that almost 70 percent of connections are now encrypted. Like sales of IoT devices, the number of HTTP sessions continues to climb. While this is generally a good thing, cyber criminals are also using encryption to hide their attacks.

How to secure IoT devices connecting to my network

So, what steps can you take to make sure all your devices can connect securely to your organization’s network? Here are three questions you should address:

  1. Can my firewall decrypt and scan encrypted traffic for threats?
    As I mentioned earlier, the use of encryption is growing both for good and malicious purposes. More and more, we’re seeing cyber criminals hiding their malware and ransomware attacks in encrypted sessions, so you need to make sure your firewall can apply deep packet inspection (DPI) to HTTPS connections, such as DPI-SSL.
  2. Can my firewall support deep packet inspection across all my connected devices?
    Someone told me the other day that very soon each person will have an average of 13 connected devices. That’s a lot of potential devices connecting to your network. Now think of all the encrypted web sessions each device might have. You need to make sure your firewall can support all of them while securing each from advanced cyber attacks. Having only a high number of stateful packet inspection connections doesn’t cut it any more. Today, it’s about supporting more deep packet inspection connections.
  3. Can my firewall enable secure high-speed wireless?
    OK, this one sounds simple. Everyone says they provide high-speed wireless. But are you sure? The latest wireless standard is 802.11ac Wave 2, which promises multi-gigabit Wi-Fi to support bandwidth-intensive apps. Access points with a physical connection to the firewall should have a port capable of supporting these faster speeds. So should the firewall. Using a 1-GbE port creates a bottleneck on the firewall, while 5-GbE and 10-GbE ports are overkill. Having a 2.5-GbE port makes for a good fit.

SonicWall NSa next-generation firewalls

If you’re not sure you can answer “Yes” to these three questions about your current firewall it may be time to revisit your security strategy. One solution you should look at is the SonicWall NSa series.

We’ve recently introduced several new models for mid-sized networks and distributed enterprises with remote and branch sites. The new NSa 3650, NSa 4650 and NSa 5650 join the NSa 2650, which SonicWall released last September. All four models deliver the automated real-time breach detection and prevention today’s organizations need.

NSa Series

SonicWall NSa next-generation firewalls now include NSa 3650, 4650 and 5650 offerings.

Here are a few of the key features the NSa series offers:

  • Cloud-based, on-box threat protection – Staying ahead of sophisticated attacks requires a more modern approach that heavily leverages security intelligence in the cloud. NSa series next-generation firewalls integrate two advanced security technologies — our patent-pending Real-Time Deep Memory InspectionTM and patented Reassembly-Free Deep Packet Inspection‚ which deliver cloud-based, on-box threat protection.
  • High connection count – The NSa series enables a very high number of deep packet inspection (DPI) and deep packet inspection of TLS/SSL-encrypted (DPI-SSL) connections.
  • High port density – The NSa series provides high port density, ranging from 20 physical ports on the NSa 2650 up to 28 on the NSa This high port density enables more devices to connect directly to the firewall without the need for a switch.
  • 5-GbE ports – NSa series firewalls include multiple 2.5-GbE interfaces, an industry first for firewalls. The 2.5-GbE interfaces enable faster wired throughput speeds while also supporting the requirements for 802.11ac Wave 2 wireless access points including the SonicWall SonicWave series of 802.11ac Wave 2 indoor and outdoor access points.
  • 10-GbE ports – NSa series firewalls (except NSa 2650) also include multiple 10-GbE interfaces to support faster data rates for the delivery of bandwidth-intensive applications over longer distances.
  • Onboard storage – Each NSa series firewall includes a pre-populated storage module ranging from 16 GB on the NSa 2650 up to 64 GB on the NSa The storage enables support for various features including logging, reporting, last signature update, backup and restore and more.

Even if you answered “Yes” to some or all of the questions, it’s still a good idea to see if you’re getting the most from your firewall. Learn more about the SonicWall NSa series, and how you can get high-speed wired and wireless security across all your connections, encrypted and unencrypted.

Protect Web Applications Running Private, Public or Hybrid Cloud Environments

/0 Comments/in /by

With the number of attempted web attacks ranging up to millions over the course a year, you need to ensure web application security. You need a solution that protects both your public and internal web properties.

Why you need a web application firewall

Today’s businesses strive to provide the highest possible service experience and engagement through different types of interactive web applications and user-friendly mobile applications. Over half of the world population uses the internet. Ninety three percent of them now go online, and perhaps stay online longer, using their mobile devices as opposed to their computers.

With the addition of the Internet-of-Things (IoT), we have now added tens of billions of devices already connected, communicating and exchanging data through web and mobile applications today — from TVs, digital wearables, cars, gaming consoles and vending units, to all sorts of smart appliances. This makes web applications more critical now than ever before. You need keep them all online and safe.

What makes a good web application firewall?

An ideal   solution requires a comprehensive foundation for application security, data leak prevention, performance and management. With most web servers vulnerable to a wide spectrum of web-based exploits, you need a dynamic web application firewall to provide continuous real-time protection for web properties, whether they are hosted on-premises or in the public cloud. A best-practices WAF solution requires feature-rich web security tools and services to keep web properties safe, undisrupted and in peak performance every single day.

SonicWall Web Application Firewall

Our award-winning solutions give you a defense-in-depth strategy to protect your web applications running in private, public or hybrid cloud environments. It offers you a complete, out-of-box compliance solution for application-centric security that is easy to manage and deploy.

The SonicWall WAF series arms you with advanced web security tools and services to protect your data and web properties against modern, web-based threats. It applies deep packet inspection of Layer 7 web traffic against a regularly updated database of known signatures, denies access upon detecting web application threats and redirects users to an explanatory error page.

In addition, the SonicWall WAF baselines regular web application usage and behavior, and identifies anomalies that may be indicative of attempts to compromise the application, steal data and/or cause a denial of service (DoS).

SonicWall WAF employs a combination of signature-based and application profiling deep-packet inspection, and high-performance, real-time intrusion scanning engine, to dynamically defend against evolving threats, as outlined by the Open Web Application Security Project (OWASP), as well as more advanced web application threats like denial-of-service (DoS) attacks and context-aware exploits.  Moreover, it learns, interrogates and baselines regular web application usage behaviors and identifies anomalies that may indicate attempts to compromise the application, steal data and/or cause a denial of service.

The WAF series gives you economy-of-scale benefits of virtualization. You can deploy it as a virtual appliance in private clouds based on VMWare or Microsoft Hyper-V; or in AWS or Microsoft Azure public cloud environments. This gives you all the security advantages of a physical WAF with the operational and economic benefits of virtualization, including system scalability and agility, speed of system provisioning, simple management and cost reduction.

Acceleration features include load balancing, content caching, compression and connection multiplexing to improve performance of protected websites, and significantly reduce transactional costs. A robust dashboard gives you an easy-to-use, web-based management interface featuring status page overview of all monitoring and blocking activities, such as signature database status information and threats detected and prevented since boot-up.

The is available in four models that represent their inspection capacities and can be deployed on a broad range of public cloud, private cloud and virtualized deployment use cases.

To learn more about protecting web applications, explore our latest solution brief, “Best Practices for Web Application Firewall.”

New Virtual Firewalls: SonicWall NSv Provides Robust Security for Public, Private or Hybrid Cloud Environments

/0 Comments/in /by

To keep pace with innovations and modernize data center operations and services, businesses are embracing today’s application-centric, virtualized world. Virtualization and cloud can cut costs and increase efficiency and operational agility.

Four common pitfalls of modern virtual environments

However, advantages in savings and efficiency must be weighed against applying constrained budgets to prevent potential damages due to growing threats and common pitfalls. Vulnerabilities within virtual environments are well-documented. New ones are discovered regularly that yield serious security implications and challenges. Common IT challenges in securing virtualized environments include:

  1. Monitoring and securing traffic between virtual machines
  2. Managing policy change across virtual environments
  3. Tracking and controlling the sprawl of virtual machines
  4. Protecting virtualized assets in public cloud environments

What you need in a next-generation virtual firewall

To best capitalize on virtualization trends, you should operationalize the complete virtualization of computing, networking, storage and security in a systematic way. Implement a new approach for selecting an appropriate and effective next-generation virtual firewall solution. You should explore new virtual security solutions that go beyond legacy approaches and technologies. Plus, solution components must be tightly integrated to deliver application services safely, efficiently and in a scalable manner.

A next-generation virtual firewall must offer all the security advantages of your physical firewall, along with the operational and economic benefits of virtualization. These include system scalability and agility, speed of system provisioning, simple management and cost reduction.

Introducing the SonicWall NSv virtual firewall series

The new SonicWall NSv virtual firewall series offers you all the security advantages of a physical firewall with the operational and economic benefits of virtualization. With full-featured security tools and services including Reassembly-Free Deep Packet Inspection (RFDPI), security controls and networking services equivalent to what a SonicWall physical firewall provides, NSv effectively shields all critical components of your private and public cloud environments.

NSv is easily deployed and provisioned in a multi-tenant virtual environment, typically between virtual networks (VN). This allows it to capture communications and data exchanges between virtual machines (VM) for automated breach prevention, while establishing stringent access control measures for data confidentiality and VMs safety and integrity.

The NSv Series also includes infrastructure support for high availability and scaling to fulfill any Software-Defined Data Center (SDDC) scalability and availability requirements. NSv virtual firewalls help ensure:

  • System resiliency
  • Operational uptime
  • Service delivery and availability
  • Conformance to regulatory requirements

Security threats, such as cross-virtual-machine or side-channel attacks and common network-based intrusions and application and protocol vulnerabilities, are neutralized successfully through SonicWall’s comprehensive suite of security inspection services.

All VM traffic is subjected to multiple threat analysis engines, including intrusion prevention, gateway anti-virus and anti-spyware, cloud anti-virus, botnet filtering, application control and Capture Advanced Threat Protection multi-engine sandboxing.

The NSv Series is available in multiple virtual flavors carefully packaged for broad range of virtualized and cloud deployment use cases. Delivering multi-gigabit threat prevention and encrypted traffic inspection performance, the NSv Series can adapt to capacity-level increases and ensure VN safety and application workloads and data assets are available as well as secure.

Segmentation security

With NSv segment-based security capabilities, NSv can apply an integrated set of dynamic, enforceable barriers to advanced threats. By applying security policies to the inside of the VN, segmentation can be configured to organize network resources into different segments, and allow or restrict traffic between those segments. This way, access to critical internal resources can be strictly controlled.

NSv can then automatically enforce segmentation restrictions based upon dynamic criteria, such as user identity credentials, geo-IP location and the security stature of mobile endpoints.

For extended security, NSv is also capable of integrating multi-gigabit network switching into its security segment policy and enforcement. It directs segment policy to traffic at switching points throughout the network, and globally manages segment security enforcement from a single pane of glass.

Since segments are only as effective as the security that can be enforced between them, NSv applies intrusion prevention service (IPS) to scan incoming and outgoing traffic on the VLAN segment to enhance security for internal network traffic. For each segment, it enforces a full range of security services on multiple interfaces based on enforceable policy.

Governs centrally

NSv deployments are centrally managed using both on premise with SonicWall GMS, and with SonicWall Capture Security Center, an open, scalable cloud security management, monitoring, reporting and analytics software that is delivered as a cost-effective service offering.

The SonicWall Capture Security Center gives the ultimate in visibility, agility and capacity to govern the entire SonicWall virtual and physical firewall ecosystem with greater clarity, precision, and speed — all from a single-pane-of-glass.

For more information, visit our NSv web page, and watch the video below.

RSA Conference 2018: Songs for the Way

/0 Comments/in /by

RSA Conference 2018 is fast approaching and we are pulling out all the stops to prepare. Our SonicWall team is looking forward to joining the attendees, thought leaders and keynotes in San Francisco for five days of sharing new approaches to cyber security, discussing the latest technology, and interacting with top security leaders and pioneers. Ready to take advantage of all the opportunities available at RSA, including the hands-on sessions, keynotes, and informal gatherings to tap into a smart, forward-thinking global community? We have just the way to get started.

Cyber security is always priority No. 1. But, with our automated, real-time breach detection and prevention platform watching over us, we do sometimes find unconventional ways to have fun — like creating a Spotify playlist.

Here’s a collection of tunes to get you in the zone and ready to experience all RSA Conference 2018 has to offer.

Mood: We selected a playlist that’s eclectic, unexpected and quirky, with thematic influence from technology, security, new media and California vibes. Each track is curated to get your gears turning and ready for full immersion at #RSAC.

Standout favorites:

“Technologic” – Daft Punk

No RSA Conference playlist would be complete without an appearance by French duo Daft Punk. This track’s heavy dance beat with electronically transposed voice chants is an iconic dance anthem that brings upbeat high energy to our picks.

“Somebody’s Watching Me” – Rockwell

This classic 1980’s chart-topper is another favorite of the SonicWall team. The world of firewalls and network security is wrought with constant online threats, and nobody knows how to identify and stop these threats better than SonicWall. Somebody is always watching you. There is no privacy. And it’s not a dream.

“Pocket Calculator” – Kraftwerk

Kraftwerk’s entire Computer World album could have made this list, but we decided to keep only the best tracks for our list. The album deals with the themes of the rise of computers within society, but the song’s addictively cheerful beat and looping vocals has the SonicWall team particularly enchanted.

“Robots” – Flight of the Conchords

The charming quirk of Flight of the Conchords is often overlooked and underrated. This eccentric track from the Kiwi folk duo is not only one of the favorite references in our office, it also presents some comical commentary on the world of new technology. We especially love the binary code breakdown in the middle of the track.

Are you now in the proper frame of mind? Visit our RSA preview to get a glimpse of what you can expect from SonicWall at the event. We’ll see you at the Moscone Center.

SonicWall Capture Cloud Platform Ushers in New Era of Threat Intelligence, Connectivity and Automation

/0 Comments/in , , /by

SonicWall’s mission is to help organizations protect themselves from the growing number of cyber attacks in the fast-moving threat landscape.

There are many schools of thought on how this is best accomplished. And much of this depends on the wares of a particular vendor. But I’ve made it a priority that SonicWall helps defend networks and data in a manner that is automated, layered, intelligent, easy to use and cost-effective.

Today marks a monumental milestone in that focused effort.

This morning we proudly introduced the SonicWall Capture Cloud Platform, which tightly integrates security, management, analytics and real-time threat intelligence across our full portfolio of network, email, mobile and cloud security products. This launch includes:

  • New SonicWall Network Security Virtual (NSv) Firewalls
  • New SonicWall Web Application Firewall (WAF)
  • New SonicWall Capture Client Endpoint Protection
  • Updated SonicWall Network Security Appliance (NSa) Firewalls
  • Updated SonicOS 6.5.1

The significance of the unified and connected Capture Cloud Platform is highlighted by the escalating threat landscape. In the first quarter of 2018 alone, the average SonicWall customer faced 7,739 malware attacks, a year-over-year increase of 151 percent; 335 of these attacks were hidden using SSL/TLS encryption.

The SonicWall Capture Cloud Platform also identified more than 49,800 new attack variants in the first quarter, with the new SonicWall Real-Time Deep Memory InspectionTM (RTDMI) identifying 3,500 never-before-seen variants.Capture Cloud PlatformThe numbers are alarming. The threats continue to grow. And it’s the reason I promise that SonicWall teams around the world are dedicated to ensure our customers are protected from today’s most malicious cyber threats — both known and unknown.

Here’s a helpful rundown of the new products we are proud to announce today under the SonicWall Capture Cloud Platform:

New NSv Virtual Firewalls

SonicWall Network Security virtual (NSv) firewalls protect all critical components of private and public cloud environments. SonicWall NSv virtual firewalls deliver the security advantages of a physical firewall with the operational and economic benefits of virtualization, including system scalability and agility, speed of system provisioning, simple management and cost reduction.

> Go to NSv Virtual Firewalls

New Web Application Firewalls

The new SonicWall Web Application Firewall (WAF) delivers defense-in-depth capabilities to protect web applications running in private, public or hybrid cloud environments.

The SonicWall WAF behavior-based detection engine learns, interrogates and baselines regular web application usage behaviors and identifies anomalies that may be indicative of attempts to compromise the application, steal data and/or cause a denial-of-service.

> Go to SonicWall WAFs

New SonicWall Capture Client

The new SonicWall Capture Client extends an organization’s ability to defend endpoint devices that connect and interact with its networks, applications and data.

Capture Client is a unified client platform that delivers multiple endpoint protection capabilities, including next-generation malware protection and support for visibility into encrypted traffic. It leverages layered protection technologies, comprehensive reporting and enforcement for endpoint protection, and also offers critical ‘rollback’ capabilities via SentinelOne integration.

> Go to Capture Client

New SonicWall NSa Firewalls

The new SonicWall NSa 3650, 4650 and 5650 next-generation firewalls continue the evolution of SonicWall’s vision for a deeper level of network security without a performance penalty.

Built on a multi-core hardware architecture featuring 10-GbE and 2.5-GbE interfaces, the NSa series scales to meet the performance demands of mid-sized networks, branch offices and distributed enterprises.

> Go to NSa Firewalls

Each day this week we’ll do an in-depth review of the above and how each can be leveraged to better protection your organization, networks, data and customers.

RTDMI Expanded to Protect Organizations from Malicious PDFs, Office Files

Complementing the major Capture Cloud Platform announcement, we also announced new Real-Time Deep Memory InspectionTM capabilities that protect businesses and users from memory-based attacks and zero-day malware, including malicious PDFs and Microsoft Office documents.

Since January 1, 2018, RTDMITM has identified more than 3,500 never-before-seen attack variants. First announced in February 2018, RTDMI technology is used by the SonicWall Capture Cloud Platform to identify and mitigate even the most insidious cyber threats, including memory-based attacks.

RTDMI is already operational for SonicWall customers with active subscriptions to SonicWall Capture ATP sandbox service and SonicWall Email Security solutions.

> Read the Press Release

ee Real-Time Threat Intelligence

Did you know you can improve your security posture by knowing what attacks are most likely to target your organization? Visit the SonicWall Security Center to see the latest attack trends, types and volume across the world.

VISIT THE SECURITY CENTER

SonicWall Named 85th Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA)

/0 Comments/in /by

SonicWall has recently been named the 85th Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA) by the MITRE Corporation, an international not-for-profit security institute.

What does this mean for SonicWall and the cyber security world at large? SonicWall has a new way to contribute to cyber security education and defense. The purpose of the CVE program is to provide a method and consortium for identifying vulnerabilities in a standardized manner.

SonicWall now has the authority to identify unique vulnerabilities within its products by issuing CVE IDs, publicly disclose vulnerabilities that have been newly identified, assign an ID, release vulnerability information without pre-publishing, and notify customers of other product vulnerabilities within the CNA’s program.

“This program takes us one step closer to reaching the transparency security administrators need in order to make swift and educated decisions when it comes to threat protection,” said SonicWall Chief Operating Officer Atul Dhablania in an official announcement. “SonicWall looks forward to working with MITRE in a collaborative effort to expand the arsenal of information needed to properly equip those who are being targeted or looking to strengthen their security posture.”

On a larger scale, the program is effective because an entire network of certified organizations works together, with the backing of numerous researchers and support personnel, to identify and stay ahead of emerging threats.

CVE Numbering Authorities (CNAs) are organizations that operate under the auspices of the CVE program to assign new CVE IDs to emerging vulnerabilities that affect devices and products within their scope.

The program is voluntary but the benefits are substantial, among them the opportunity to disclose a vulnerability with an already assigned CVE ID, the ability to control disclosure of vulnerability info without pre-publishing, and the notification of vulnerabilities for products within a CNAs scope by researchers who request a CVE ID from the CNA.

Becoming a part of the CVE program is a chance to not only connect to a vast network of organizations working to identify cyber threats, but also to contribute to the effort as a whole.

Cyber Security News & Trends

/0 Comments/in /by

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

Special Section: 2018 SonicWall Cyber Threat Report

‘Malware-cocktail’ cyber attacks double in one year, shocking report warns — London Evening Standard

The News: The popular UK news publication highlights the shifting behavior of malware authors examined in the 2018 SonicWall Cyber Threat Report.

Quotable: SonicWall CEO Bill Conner described the attacks as a “cyber arms race affecting every government, business, organization and individual.”

Malware Attacks Up, Ransomware Attacks Down in 2017, SonicWall Reports — eWeek

The News: eWeek offers a slideshow that visually explores findings of this year’s SonicWall Cyber Threat Report.

Quotable: “There were a lot of mixed signals in the cyber security attack landscape in 2017 …”

Ransomware decreasing in quantity but increasing in potency — SecurityBrief

The News: SecurityBrief reporter Ashton Young outlines the increase in ransomware variants.

Quotable: “The risks to business, privacy and related data grow by the day — so much so that cybersecurity is outranking some of the more traditional business risks and concerns,” says SonicWall CEO Bill Conner.

Cyber Security News

A New Mira-style Botnet is Targeting the Financial Sector  ZDNet

  • Three financial sector institutions have become the latest victims of distributed denial-of-service (DDoS) attacks in recent months in what looks like an attack by the IoTroop botnet known to target financial firms.

Cyberattack Shows Vulnerability of Gas Pipeline Network The New York Times

  • Last week’s attack on four of the nation’s natural-gas pipeline operators that temporarily shut down computer communications with customers shines a light on the potential vulnerability of the nation’s energy system.

Iranian Hackers Breach Singapore Universities to Access Research Data — ZDNET

  • Believed to be part of last month’s attacks against global education institutions, the hackers breached 52 accounts across four Singapore universities, including NTU and NUS, to gain access to research articles.

Equifax Taps Mark Begor as CEO Following Cyber Attack That Exposed Data for 148M Consumers — USA Today

  • New Equifax CEO named. Mark Begor to lead the credit reporting giant’s bid to recover from a cyber breach that exposed the personal data of 148 million consumers.

20 suspect hackers arrested over online banking fraud ZDNet

  • On March 28, a series of arrests took place across Europe. In total, the raids resulted in the arrest of nine individuals from Romania and 11 in Italy, all of which are remanded in custody.

In Case You Missed It

Upcoming Events & Webinars

April 25
Webinar
11 A.M. PDT
Stop Fileless Malware with SonicWall Capture Client
Register Now

April 16-20
RSA Conference
San Francisco
Moscone Center
Booth 4115, North Hall

SonicWall at RSA Conference 2018

/0 Comments/in /by

The annual trek to the wind-swept hills of San Francisco is a long-standing tradition for many cyber security vendors and the packs of security pros who descend on the bay en masse. Yes, it’s already time for RSA Conference 2018.

SonicWall at RSA
April 16-19Booth 4115, North Hall
Moscone Center
San Francisco

Not a group to break convention, SonicWall will once again be present at the Moscone Center, April 16-19, to actively discuss today’s cyber security challenges and how cyber attacks impact businesses and organizations of all  sizes.

We encourage you to visit us at Booth 4115 in the North Expo Hall to explore the latest in security trends, threat intelligence and powerful cyber security solutions that help protect organizations in a fast-moving cyber arms race.

The booth will also feature the new SonicWall Security Center. We’ll show cyber attacks as they happen and illustrate the importance of real-time cyber threat intelligence and how it should empower the modern cyber security strategy.

Featured Presentation — Tuesday, April 17

This year’s conference will be highlighted by a presentation from John Gordineer, SonicWall’s Direct of Product Marketing. His cornerstone session, “The 2018 Threat Landscape: What We Learned in 2017 and What You Need to Know,” will go inside SonicWall Capture Labs telemetry data from millions of sensors around the globe to provide insight into the advances being made by both security professionals and cyber criminals.

Be sure to stop into the presentation on Tuesday, April 17, at 3 p.m. PDT, in the North Hall Briefing Center.

Fake bitcoin?

What would RSA Conference be without some sort of spectacle on the expo floor? Each day at Booth 4115 we’ll have exclusive demos (more on those later), giveaways and even a magician. Yes, a magician. And he’s magnificent.

As is custom, we’ll also have SonicWall swag like power banks, webcam covers, pens, notebooks and even fake bitcoin. They do exist.

Expo Hours

Moscone Center, North Expo Hall | Booth 4115

Monday, April 165 p.m. – 7 p.m.
Tuesday, April 1710 a.m. – 6 p.m.
Wednesday, April 1810 a.m. – 6 p.m.
Thursday, April 1910 a.m. – 3 p.m.

All Times PDT

Need help finding us? Just head to the North Hall and look for our awe-inspiring orange and black creatures. You can’t miss ‘em.

Helpful resources

Attend RSA Conference 2018 for Free

Want to experience the sights and sounds of RSA Conference 2018 but are short on cash? Use guest promo code X8SSONIC for free admission to the expo — compliments of SonicWall.

USE CODE NOW