This week, phishing dominated the headlines, as threat actors targeted Office 365 users and senior executives.
- This podcast on contact tracing technology includes commentary from Bill Conner, who discusses different types of security policies and why security and privacy are of paramount importance.
- Ireland Country Manager Tristan Bateup said SonicWall’s channel team in Ireland has been restructured to bring more roles into the country. “We’ve now got people in place in country from a sales and marketing, sales and engineering and obviously a country lead perspective.”
- More than 15 billion username and password pairs have been offered on cybercrime marketplaces, including over 5 billion unique credentials.
- New report puts a microscope on Evilnum, including its tools, techniques and potential ties to other cyberattackers.
- The Conti ransomware also abuses the Windows Restart Manager component to unlock apps and free up their data for encryption.
Persuasive Office 365 phishing uses fake Zoom suspension alerts — Bleeping Computer
- A new phishing campaign targets Microsoft Office 365 corporate users with notices that their Zoom accounts have been suspended, with the end goal of stealing Office 365 logins.
- Rob Joyce, former head of the NSA’s Tailored Access Operations elite hacking team, warns it’s time for admins to get busy to ensure protection from several exploitable issues, including unauthenticated access and RCE.
- Microsoft Corp. customers were targeted in a massive phishing campaign that has sought to defraud users in 62 countries since December, with recent emails attempting to exploit the pandemic.
- After hacking banks and cryptocurrency exchanges, orchestrating ATM cash-outs, and deploying ransomware, North Korean hackers have now set their sights on online stores.
Cerberus Banking Trojan Unleashed on Google Play — Threat Post
- The Cerberus malware can steal banking credentials, bypass security measures and access text messages.
- A group dubbed “Cosmic Lynx” uses surprisingly sophisticated methods — and targets big game.
- Threat actors have already started exploiting the F5 BIG-IP mega-bug, attempting to steal administrator passwords from the hacked devices
New Mac ransomware is even more sinister than it appears – Ars Technica
- ThiefQuest or EvilQuest can grab passwords and credit card numbers.
In Case You Missed It
- ‘3 & Free’ Promotion: The Easiest Way to Upgrade Your SonicWall Firewall for Free — Robert (Bob) VanKirk
- SonicWall EMEA 2020 Virtual Partner Events — Terry Greer-King
- COVID-19 Ushers in a New Era of Cybersecurity for Higher Ed — Bill Conner
- A Brief History of COVID-19 Related Attacks, Pt. 1 — Dmitriy Ayrapetov
- SonicWall’s Online Community Connects Cybersecurity Professionals — Micah Vorst