Inside the Capital One Data Breach: What Went Wrong

In one of the biggest data breaches publicly disclosed, Capital One revealed that a hacker gained access to personal information from 106 million credit card applicants and customers in the United States and Canada.

Capital One’s breach disclosure comes after Equifax recently agreed to pay up to $700 million to federal and state agencies to settle litigation around a 2017 data breach that affected 147 million people.

“While I am grateful that the perpetrator has been caught, I am deeply sorry for what has happened,” said Richard D. Fairbank, Chairman and CEO in a public statement. “I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right.”

According to Capital One, beyond the credit card application data, the individual also obtained portions of credit card customer data, including:

  • Customer status data (e.g., credit scores, credit limits, balances, payment history, contact information)
  • Fragments of transaction data from a total of 23 days during 2016, 2017 and 2018

No bank account numbers or Social Security numbers were compromised, other than:

  • About 140,000 Social Security numbers of credit card customers
  • About 80,000 linked bank account numbers of our secured credit card customers

The intrusion allegedly occurred through a “misconfigured web application firewall that enabled access to the data.” Capital One immediately fixed the configuration vulnerability that the individual exploited and promptly began working with federal law enforcement.

“Based on our analysis to date, we believe it is unlikely that the information was used for fraud or disseminated by this individual,” said a statement from Capital One.

Capital One expects to spend between $100 million and $150 million on customer notifications, credit monitoring, technology costs and legal support associated with the breach in 2019 alone, according to CRN.

How can you prevent such a breach using SonicWall WAF?

The SonicWall web application firewall supports OWASP Top 10 and PCI DSS compliance, providing protection against malicious injection and cross-site scripting attacks, credit card and Social Security number theft, cookie tampering and cross-site request forgery.

SonicWall WAF offers Information Disclosure Protection, a data loss prevention technique that ensures that sensitive information, such as credit card numbers and Social Security numbers, is not leaked. SonicWall WAF also provides strong authentication mechanisms (i.e., two-factor or multifactor authentication) and facilitates seamless configuration and deployment through an admin-friendly management API.

To ensure your SonicWall is properly configured, please refer to our in-depth administration guide and the SonicWall WAF settings resource.

Black Hat USA 2019: SonicWall Heads to Vegas

Black Hat USA 2019 is almost here. And it wouldn’t be a cybersecurity event without the SonicWall crew in attendance.

Can you believe this “little” show is now in its 22nd year? Started in 1997, the Black Hat Briefings grew from a one-show enterprise in Las Vegas to a global event. Today, Black Hat Briefings and Trainings bring together the world’s top cybersecurity researchers, vendors, experts and trainers for annual events in the U.S., Europe and Asia.

This year, SonicWall will be live at Booth 1310. Join SonicWall’s Brook Chelmo, Srudi Dineshan, Rob Krug, Ed Gradek, Ken Dang and Bobby Cornwell to discuss the latest in cybersecurity, advanced threats, wireless security and more. The group will have a live demo every 30 minutes.

Their sessions will also dive into specific use cases around firewall management, shadow IT, endpoint protection, customized threat intelligence and cloud-based Wi-Fi management.

SonicWall at Black Hat USA 2019

Booth 1310

Aug. 7-8 | Mandalay Bay Convention Center

Where to register for Black Hat USA 2019

Once you’re at the Mandalay Bay Convention Center for Black Hat USA 2019, event registration will be located on Level 1 of the Bayside Foyer.

The best giveaways: socks, retro headphones and more

The SonicWall crew will be in the booth August 7-8 to help you reserve your spot for each of the sessions. They’ll also be ready to reward your participation with some of the best swag in Vegas, including the limited ‘SOC in Box’ giveaway and JLab Audio Rewind wireless retro headphones.

Black Hat resources

Before you head to Las Vegas, be sure to explore and review available resources to help plan for your trip. This is especially true for first-time attendees. The event has a lot going on and you don’t want to waste a full day just getting your bearings.

Wind River VxWorks and URGENT/11: Patch Now

Notice: SonicWall physical firewall appliances running certain versions of SonicOS utilize third-party TCP/IP code for remote management that contains vulnerabilities named URGENT/11. At this time, there is no indication that the discovered vulnerabilities are being exploited in the wild; however:

SonicWall STRONGLY advises applying the SonicOS patch immediately. Patches are available for all recent SonicOS versions. Detailed instructions are provided in the Security Advisory.

SonicWall provides the patched versions of SonicOS at no charge, including for customers not currently covered by an active support contract. SonicWall also recommends updating to the latest SonicOS release (6.5.4.4), which provides firewall capabilities to help protect other devices vulnerable to URGENT/11.


Wind River VxWorks and URGENT/11 vulnerabilities

Security researchers at Armis have discovered and responsibly disclosed 11 vulnerabilities in the TCP/IP stack of Wind River’s VxWorks real-time operating system, which is utilized by millions of devices around the world, as well as in space, on Mars and in certain versions of SonicOS. The Wind River VxWorks TCP/IP stack, named IPNET, contains vulnerabilities that have been given the name “URGENT/11.” The one material vulnerability type that impacted SonicOS is addressed by the patch releases.

Unmanageable & un-patchable: The Wild West of IoT

Wind River VxWorks is a real-time operating system that is widely used in IoT and embedded applications, such as networking, telecom, automotive, medical, industrial, consumer electronics, aerospace and beyond.

While firewalls are charged with protecting perimeters of organizations, they are actively managed and monitored devices, frequently from a central location. For every firewall, there is a human who wakes up each morning with a question, “Is my firewall working? Is it up to date?” Within days of an update becoming available, these humans schedule a maintenance window and close the security gap.

However, for the overwhelming majority of other devices connected or exposed to the internet, there is no such human, and the number of these IoT devices is larger than that of firewalls by several orders of magnitude. It is this multitude of connected devices that are not actively managed or patched that poses an iceberg-like risk to the internet.

Vulnerabilities are eventually discovered for even the best software, and the security of the internet and the online ecosystem relies on the ability to roll out and deploy the fixes.

In the mid-year update to the 2019 SonicWall Cyber Threat Report, SonicWall Capture Labs threat researchers have already logged 13.5 million IoT attacks, which outpaces the first two quarters of 2018 by 54.6%.

This reality is taking hold in the minds not only of security practitioners, but also of government regulators, as the hundreds of millions of IoT devices are found to be vulnerable and remain unpatched.

This is one of the risky underbellies of the internet, led by the explosion of IoT devices, including consumer-grade devices that are frequently deployed at the edge of the internet and then forgotten for a decade. IoT’s broad reach should reverberate through several industries as a wakeup call.

‘Never stop patching’

The weaponization of published vulnerabilities against old software serves as an important reminder that customers should never put off software updates, which are one of the most important steps you can take to secure your infrastructure against today’s rapidly evolving threat landscape.

Do not ignore them or put them off. Patch now. And never stop patching.

Cyber Security News & Trends

This week, SonicWall releases a mid-year update to the 2019 SonicWall Cyber Threat Report, hackers breach the FSB, and Johannesburg hit by ransomware.


SonicWall Spotlight

SonicWall 2019 Mid-Year Threat Report Shows Worldwide Malware Decrease of 20%, Rise in Ransomware-as-a-Service, IOT Attacks and Cryptojacking – SonicWall Press Release

  • SonicWall refreshes its data from the first months of 2019 for the Cyber Threat Report Mid-Year Update. The Cyber Threat Report provides insights into the cybersecurity industry’s top threats and trends. Major findings include:
    • Ransomware volume up 15% globally year to date
    • Encrypted threats spike 76%
    • IoT malware attacks up 55%
    • Malware attacks across non-standard ports dip to 13%
    • With bitcoin value spiking, cryptojacking volume up 9%

SonicWall CEO on McAfee IPO Rumours and Symantec’s Possible Sale – CRN ChannelWeb

  • Channel Web interviews SonicWall CEO Bill Conner, who discusses business and government reactions to changes in the cybersecurity industry, where the threat landscape “is getting very, very real.”

UK Ransomware Attacks Soar 195% – Malware Cocktails Proliferate – CBROnline


Cybersecurity News

NSA Launches Cybersecurity Directorate – NextGov

  • The National Security Agency has announced the launch of a new division aimed at defending the country’s national security infrastructure from digital attacks. The Cybersecurity Directorate will bring the agency’s foreign intelligence and cyber operations together under the same roof.

Hackers Breach FSB Contractor, Expose Tor Deanonymization Project and More – ZDNet

  • A contractor for the FSB, Russia’s national intelligence service, has been hacked with over 7.5 terabytes of data taken. Information exposed includes data on secret developments like a Tor deanonymization project and the ability to disconnect the Russian internet from the rest of the world.

Two Charged With Terrorism Over Bulgaria’s Biggest Data Breach: Lawyer – Reuters

  • Police raided the offices of cybersecurity firm Tad Group following last month’s cyberattack and data breach in which personal data for nearly every adult Bulgarian was stolen. Two workers have been charged with terrorism; both deny wrongdoing.

Louisiana Governor Declares State Emergency After Local Ransomware Outbreak – ZDNet

  • Following a series of cyberattacks on school districts, Louisiana Governor John Bel Edwards declared a cybersecurity state of emergency. This is only the second time a state has declared a state of emergency over cybersecurity, the first being Colorado in February 2018.

Facebook to Pay $100 Million SEC Fine Over Cambridge Data Use – Bloomberg

  • Facebook has agreed to pay $100 million in a U.S. Securities and Exchange Commission settlement over the Cambridge Analytica scandal. In the settlement, Facebook refuses to admit or deny any wrongdoing.

Ransomware hits Johannesburg electricity supply – BBC

  • Johannesburg’s City Power has been the latest high-profile victim of a ransomware attack with more than a quarter of a million people affected. The City of Johannesburg says no customer data has been compromised.

And finally:

UK, EU Police Pilot Scheme to Give Wayward Teen Hackers White Hats – ZDNet

  • A new UK and EU scheme called “Hack_Right” is currently being trialled. The scheme is aimed at staging interventions for teenagers who are involved in hacking, encouraging them to change their behavior rather than punishing them with jail time or fines.


Mid-Year Update: 2019 SonicWall Cyber Threat Report

It’s almost cliché at this point, but the cyber arms race — and respective cybersecurity controls and technology — moves at an alarming pace.

For this reason, SonicWall Capture Labs threat researchers never stop investigating, analyzing and exploring new threat trends, tactics, strategies and attacks. They publish most of their findings — the data they can share publicly, anyway — in the annual SonicWall Cyber Threat Report.

But to ensure the industry and public are able to stay abreast of the quickly shifting threat landscape, the team offers a complementary mid-year update to the 2019 SonicWall Cyber Threat Report. Download the exclusive report to explore the stories, behaviors and trends that are shaping 2019 — as they are happening.

Malware volume dips in first half

In 2018, global malware volume hit a record-breaking 10.52 billion attacks, the most ever recorded by SonicWall Capture Labs threat researchers.

Fortunately, during the first six months of 2019, that trend slowed — at least somewhat. SonicWall recorded 4.8 billion* malware attacks, a 20% drop compared to the same time period last year.

Ransomware rising

Did you think ransomware was an outdated tactic? The latest 2019 data proves otherwise. Despite overall declines in malware volume, ransomware continues to pay dividends for cybercriminals.

All told, global ransomware volume reached 110.9 million for the first half of 2019, a 15% year-to-date increase. The exclusive mid-year update outlines which countries followed this trend and which were victimized by an increase in ransomware attacks.

Attacks against non-standard ports still a concern

As defined in the full 2019 SonicWall Cyber Threat Report, a ‘non-standard’ port means a service running on a port other than its default assignment, usually as defined by the IANA port numbers registry.

For the first half of 2019, 13% of all malware attacks came via non-standard ports, a slight dip due to below-normal activity in January (8%) and February (11%).

Encrypted threats intensify

In 2018, SonicWall logged more than 2.8 million encrypted threats, which was already a 27% jump over the previous year. Through the first six months of 2019, SonicWall has registered a 76% year-to-date increase.

Machine learning, multi-engine sandboxes evolving to ‘must-have’ security

So far in 2019, the multi-engine SonicWall Capture Advanced Threat Protection (ATP) cloud sandbox has exposed 194,171 new malware variants — a pace of 1,078 new variant discoveries each day of the year.

IoT malware volume doubled YTD

The speed and ferocity with which IoT devices are being compromised to deliver malware payloads is alarming. In the first half of 2019, SonicWall Capture Labs threat researchers have already recorded 13.5 million IoT attacks, which outpaces the first two quarters of last year.

Bitcoin run keeping cryptojacking in play

Late 2018 data showed cryptojacking on the decline. But with the surging values of both bitcoin and Monero, cryptojacking rebounded in 2019. Cryptojacking volume hit 52.7 million for the first six months of the year.

How do cybercurrency prices influence cryptojacking volume? The exclusive mid-year update looks deeper into the numbers.

Cyber Security News & Trends

This week, SonicWall CEO Bill Conner is included on a coolest CEO list and we have a special look at what people are saying about the growth of AI in the cybersecurity arena.


SonicWall Spotlight

The 11 Coolest Endpoint Security CEOs of 2019 – Solutions Review

  • SonicWall CEO Bill Conner is named one of Solutions Review’s top 11 coolest Endpoint Security CEOs, recognizing CEOs who bring “their own unique blend of experience and expertise to their endpoint security companies.”

SonicWall on YouTube

  • Did you know that SonicWall has an official channel on YouTube? We update it with all sorts of content, such as technical support videos, SonicWall product news, unboxing videos and more. You can follow us for updates here.

Sonicwall’s Roadshow Guides Customers and Channel Partners Address Network Security Issues – SME Channels (India)

  • SonicWall’s Debasish Mukherjee is quoted talking at the SonicWall roadshow in Mumbai and Delhi.

Cybersecurity News

Why AI is the Future of Cybersecurity – Forbes

  • Forbes digs into the figures available in a new report titled “Reinventing Cybersecurity with Artificial Intelligence” to see who is, and who is not, using AI in cybersecurity research. They conclude that, with 69% of enterprises polled believing AI will be necessary to counter cyberattacks, AI is going to be the future, one way or another.

AI Has a Bias Problem and That Can Be a Big Challenge in Cybersecurity – CNBC

  • If AI is the future of cybersecurity, then what can be done about its inherent bias problems? CNBC investigates how bias is found in the program, the data and the people who design the AI systems.

Researchers Easily Trick Cylance’s AI-Based Antivirus Into Thinking Malware Is ‘Goodware’ – Motherboard

  • Researchers in Australia say they have found a way of subverting Cylance’s AI-based antivirus into thinking malware, including high-profile ransomware like WannaCry, is “goodware.” The relatively simple method involves taking strings from a non-malicious file and appending them to a malicious one, tricking the system into thinking the malicious file is benign.

Debunking the Myths of AI Cybersecurity – ITProPortal

  • ITProPortal look at four AI cybersecurity myths and explain why they are either incorrect or overblown.

What Kind of Cybersecurity Threats Does 5G Pose? – Silicon Republic

  • Huawei are currently global leaders in 5G infrastructure but with concerns in the USA, now spreading to the UK, over whether or not the company is sufficiently independent from the government of China, could threats in 5G infrastructure be like finding a needle in a haystack?

Cyberattacks Inflict Deep Harm at Technology-Rich Schools – New York Times

  • Schools are becoming ever-more attractive targets for cybercriminals as a school will hold a wealth of personal information on its students and provides critical public services. The Washington Times investigates the increase in cyberattacks on schools and how the FBI can only do so much when an attack is successful.

And finally:

FBI Shares Master Decryption Keys for Prolific GandCrab Ransomware – Washington Times

  • The jig appears to finally be up for the GandCrab ransomware group after master decryption keys were made public by the FBI. The group appears to have known this was coming and had ended its criminal “affiliate program” after claiming that the program had generated over $2 billion in ransom payments.


Cyber Security News & Trends

This week, Baltimore ransomware woes continue, the story of how the WannaCry cyberattack was stopped, and Magecart groups change tactics.


SonicWall Spotlight

Sonicwall’s Roadshow Helps Customers and Channel Partners Address the Critical Issue of Network Security – CRN

  • SonicWall’s Debasish Mukherjee is on the move with the SonicWall Roadshow across Mumbai and Delhi in India. He talks SonicWall expansion in India and Next-Gen AV – Capture Client with CRN.

Cybersecurity News

Border Officials Not Told of Massive Surveillance Breach Until Three Weeks After Subcontractor Was First Alerted – Washington Post

  • U.S. Customs and Border Protection was not informed that a hacker had stolen a huge cache of sensitive border-surveillance documents from a subcontractor until nearly three weeks after the cyberattack was first discovered. A huge trove of data, including travelers’ images and license plates, was taken in the attack and has since appeared on the dark web.

The Sinkhole That Saved the Internet – TechCrunch

  • In 2017, as the WannaCry ransomware attack was spreading across the internet, two security researchers were all that stood in its way after they found a kill-switch hidden in the code. Two years later, TechCrunch speaks to the researchers and breaks down the moment by moment saga as it happened.

Baltimore Ransomware Infection Keeping City Employees From Accessing Older Emails: Report – Washington Times

  • Nearly two months after Baltimore was first hit by the ransomware attack that crippled the city’s operations, employees are still unable to access emails older than 90 days.

Here’s How Hackers Are Making Your Tesla, GM and Chrysler Less Vulnerable to Attack – USA Today

  • Since the newest model cars contain a series of connected computers, cyber vulnerabilities are an increasing concern in the automotive industry. To combat this, many car companies have launched bug bounty programs and attend all-day hacking events like Pwn2Own, with top prizes for hackers who can breach their cybersecurity or find unknown bugs.

U.S. Coast Guard Issues Cybersecurity Warnings for Commercial Vessels – SecurityWeek

  • The U.S. Coast Guard issued a cybersecurity warning for commercial vessels following successful cyberattacks and an increase in phishing attempts in 2019. It says that “It is imperative that the maritime community adapt to changing technologies and the changing threat landscape by recognizing the need for and implementing basic cyber hygiene measures.”

Marriott to Contest $124 Million Fine Imposed by UK Data Protection Regulator – SecurityWeek

  • Both Marriott and British Airways will be subject to fines of over a hundred million dollars in the UK under GDPR regulation, both stemming from data breaches in 2018. Marriott International says it will fight the fine.

Anaesthetic Devices ‘Vulnerable to Hackers’ – BBC

  • Security researchers at CyberMDX have found a vulnerability in a brand of widely used anesthetic machines. The Aespire and Aestiva 7100 and 7900 can be hacked and controlled from afar if left accessible on a hospital computer network. The makers of the machine have responded saying that there is “no direct patient risk.”

France Says Ransomware Attacks on Big Companies Are on the Rise – Bloomberg

  • The head of the office charged with fighting cyber threats in France says that large companies are increasingly the target of cyberattacks and ransomware demands but often don’t want to report the attacks for fear of hurting their public image.

And finally:

New Magecart Attacks Leverage Misconfigured S3 Buckets to Infect Over 17K Sites – ZDNet

  • Magecart, the troublemaking credit card skimming gangs behind a number of high-profile breaches like British Airways, has successfully infected over 17,000 domains since April. The shotgun approach that led to such a huge number of infections is a change in tactics from previous methods of highly targeted attacks. This is likely down to both the ease with which the skimming software can be implemented and poor website security hygiene on the domains’ side.


5 Best Practices for Fast, Secure Wi-Fi on K-12 Campuses

When I was a high school student, bringing a smartphone into classrooms was not permitted. If you were caught with any electronic device, it would be confiscated. Pronto.

In this new digital era, schools are embracing this transformation everywhere. Classrooms are changing, with Wi-Fi being the primary form of internet access. Students, faculty and guests also use more than one device at a time, including laptops, tablets, wearables and smartphones. As the number of devices grows, it becomes critical to plan your K-12 network effectively and future-proof it to be able to implement newer and safer technology.

If you’re expanding, upgrading or building a secure wireless network for a K-12 campus or district, review these five helpful best practices.

Plan for density

Secure Wi-Fi networks are often planned based on coverage. But a wireless signal that covers a classroom cannot necessarily handle the device density in that room. With students and faculty using multiple devices, the number of devices connected to a particular wireless access point increases. Ensure that you are prepared for max traffic density in your classroom — and across the entire campus.

How? As a first approach, ensure you have sufficient coverage and layer this with density. Use a site survey tool like the SonicWall WiFi Planner to make this process easier to visualize. Next, estimate where you will find maximum device density and peak traffic, and plan your Wi-Fi deployment around them.

Go cloud

More applications and functions are moving to the cloud (or are likely already there). For K-12 schools untethering Wi-Fi from their wireless controller or firewalls, the cloud offers powerful infrastructure and applications to simplify management and security.

By going this route, K-12 districts and schools have the flexibility to manage wireless security solutions from the cloud, scale limitlessly and also drive down TCO.

How? Transition to a cloud-managed wireless solution. The SonicWall wireless solution can be managed by the WiFi Cloud Manager, which is a scalable, centralized Wi-Fi network management system, simplifying wireless access, control and troubleshooting capabilities across networks of any size or region.

Accessible through SonicWall Capture Security Center (CSC), WiFi Cloud Manager unifies multiple tenants, locations and zones while simultaneously supporting tens of thousands of SonicWave wireless access points.

Single-pane-of-glass management

Managing multiple management dashboards is challenging, as there is a high risk of things falling through the cracks. To avoid this and to streamline the process, it is essential to have a single-pane-of-glass management system with real-time analytics to capture threats and abnormalities in your network. This type of management saves you time and helps you become proactive rather than reactive.

How? Empower yourself with the right management solution to govern your entire network security ecosystem from a single dashboard. Capture Security Center is a scalable cloud-based security management system that’s a built-in, ready-to-use component of your SonicWall product or service.

Capture Security Center features single sign-on (SSO) and single-pane-of-glass management. It integrates the functionality of the Capture Cloud Platform to deliver robust security management, analytics and real-time threat intelligence for your entire portfolio of network, email, mobile and cloud security resources.

Enable content filtering

Wi-Fi is an easy gateway for malicious attacks. It must be protected with the right encryption and security mechanisms. Create granular policies to ensure that students are protected against malicious and non-reputable websites.

How? Ensure that you enable content filtering on your network. SonicWall provides a Content Filtering Service (CFS) that compares requested sites against a massive database in the cloud containing millions of rated URLs, IP addresses and domains. It provides administrators with the tools to create and apply policies that allow or deny access to sites based on individual or group identity, or by time of day, for over 50 pre-defined categories.

Future-proof with the latest technology

Ensure that you deploy the latest wireless technology in your schools. Future-proofing secure Wi-Fi is the best way to ensure that you get your money’s worth in the long term while providing the best user experience.

How? This does not mean you have to rip and replace your entire existing network. It could be a gradual approach, wherein you upgrade only critical units based on your needs. Build your network on the latest certified wireless standard: 802.11ac Wave 2. Future-proof with wireless access points that are 802.11ac Wave 2-capable.

Adhering to these best practices will make your WiFi network efficient and secure — all while saving you time and money.

Cyber Security News & Trends

This week, SonicWall data continues to drive innovation in the cybersecurity space, the biggest cybersecurity crises of 2019 so far, and FireEye reconsiders its choice of keynote speaker for this year’s Cyber Defense Summit following online backlash.


SonicWall Spotlight

Three-Tiered Security for the Internet of Things – Engineering.com

  • Galvanized by data from the 2019 annual SonicWall Cyber Threat Report, which shows a rapid increase in Internet of Things (IoT) attacks, cybersecurity researchers are doubling down on efforts to improve security in IoT by tackling vulnerabilities in microcontroller units (MCUs). Avnet and Microsoft have partnered in one such effort, designing the infrastructure of hardware along with its software and cloud-ecosystem to deliver Azure Sphere.

SonicWall TZ300P Review: A Multi-Site Marvel – IT Pro

  • IT Pro reviews the SonicWall TZ300P, a versatile and affordable firewall, built with SMBs and remote offices in mind. The commendatory review concludes that the TZ300P delivers a “wealth of security measures at a great price.”

Cybersecurity News

The Biggest Cybersecurity Crises of 2019 So Far – Wired

  • From the Perceptics breach to LockerGoga to supply chain attacks on Microsoft and Asus, Wired provides an overview of the biggest cyberattacks reported in the first half of the year.

Hillary Clinton Withdraws From Cybersecurity Conference Speaking Gig, Citing ‘Unforeseen Circumstance’ – The Epoch Times

  • Following online backlash to a controversial keynote speaker announcement for this year’s FireEye Cyber Defense Summit, FireEye has announced in an email this week that Hillary Clinton will no longer be participating in this year’s conference as the keynote speaker, citing “unforeseen circumstance.”

Hackers in Md. Breach Accessed Names, Social Security Numbers of up to 78,000 People – The Washington Post

  • A labor department breach in Maryland has resulted in the exposure of names and Social Security numbers belonging to as many as 78,000 people who received unemployment in 2012 or who sought a general equivalency diploma in recent years.

Confirmed: 2 Billion Records Exposed In Massive Smart Home Device Breach – Forbes

  • Researchers from vpnMentor have uncovered a database housing more than 2 billion logs containing everything from user passwords to account reset codes and even a “smart” camera recorded conversation. The database, belonging to Chinese company Orvibo, was not password protected.

US Border Agency Cuts Ties with Breached Surveillance Contractor – The Verge

  • US Customs and Border Protection has suspended all federal contracts with Perceptics, a surveillance contractor suspected of suffering a data breach first reported in May.

And finally:

WannaLocker Ransomware Found Combined with RAT and Banking Trojan – SC Magazine

  • Researchers are warning that a new version of WannaLocker – essentially a mobile derivative of WannaCry ransomware – has been enhanced with spyware, remote access trojan and banking trojan capabilities.


Switch to SonicWall: 8 Reasons to Trade In Your Old Firewall

Choosing a cybersecurity provider you trust is no easy task. So many factors need to be considered, prioritized and balanced.

  • You need to stop cyberattacks, but want to ensure you’re with the right company.
  • You need a firewall, but want more than a hardware vendor.
  • You need a sandbox, but want to know it works without affecting performance or business operations.
  • You need to manage your ecosystem, but want to do it from a single view that’s accessible anywhere.
  • You need an end-to-end platform, but want to know it’s more than marketing buzz.
  • You need an enterprise-grade solution, but you want something that’s affordable with today’s tight budgets.

If you’re ready for a change, I ask that you consider SonicWall, a cybersecurity veteran with nearly three decades of experience stopping cyberattacks and defending organizations in the cyber arms race.

Explore the many real-world reasons customers of Cisco, Juniper, Sophos, and WatchGuard are switching to SonicWall for good. And not looking back.

SonicWall helps protect you everywhere. Automatically.

Cybersecurity layered across your organization.

SonicWall protects you from the perimeter to the endpoint. Our integrated Capture Cloud Platform scales automated real-time breach detection and prevention across email, wireless, wired, cloud and mobile networks.

Top-ranked firewalls with budget-saving TCO.

NSS Labs gave SonicWall a ‘Recommended’ rating and placement in the upper-right quadrant of the 2018 Security Value Map™ for next-generation firewalls. Security effectiveness and overall value helped SonicWall achieve the rating for the fifth time.

Multi-engine malware mitigation.

Through anti-evasion and ‘block until verdict’ capabilities, the multi-engine Capture Advanced Threat Protection (ATP) cloud sandbox ensures even the most advanced malware and cyberattacks are mitigated. Limited, single-engine approaches don’t deliver the same efficacy and scale of attack prevention.

Security against ‘never-before-seen’ attacks and processor threats.

Included in the Capture ATP sandbox service, SonicWall Real-Time Deep Memory Inspection (RTDMI™) identifies and mitigates memory-based attacks, including Meltdown, Spectre, Foreshadow, PortSmash and Spoiler exploits, malicious PDFs and Microsoft Office files.

Management and analytics via a ‘single pane of glass.’

SonicWall Capture Security Center offers the ultimate in visibility, agility and capacity to centrally govern the entire SonicWall security ecosystem with greater clarity, precision and speed — all from a single console.

Deep SSL and TLS inspection.

SonicWall DPI-SSL scans SSL/TLS traffic to properly decrypt, inspect, detect and mitigate hidden cyberattacks. Many vendors either can’t inspect encrypted traffic or force you to block all traffic to prevent attacks over HTTPS.

True ransomware protection.

SonicWall detects and prevents ransomware attacks — like Cerber, BadRabbit, Nemucod, WannaCry, Petya and NotPetya — before they can breach your network and encrypt your data.

Endpoint protection with automated rollback.

SonicWall Capture Client, powered by SentinelOne, is modern, next-generation endpoint protection for today’s hybrid environments. SentinelOne is the top-ranked endpoint protection technology in the NSS Labs Advanced Endpoint Protection (AEP) Security Value Map and received the coveted ‘Recommended’ rating.