Cybersecurity News & Trends – 07-17-20


This week, between breaches at Twitter, compromise at Citrix and cyberattacks against COVID-19 vaccine manufacturers, the case for a U.S. national cyber director got even stronger.

SonicWall Spotlight

Russian Cyber Espionage Group is Trying to Steal U.S. COVID-19 Vaccine Research — Newsweek International

  • SonicWall CEO and GCHQ advisor Bill Conner said, “Russia happens to be the first country placed in the spotlight, but it was only a matter of time before a nation state resorted to cybercrime to influence or control global healthcare during a time of great need. … [Cyber] criminals tend to follow the money trail, thus putting a massive bounty on anything vaccine-related.”

Cybersecurity News

Honeywell Sees Rise in USB-Borne Malware That Can Cause Major ICS Disruption — Security Week

  • Honeywell says it has seen a significant increase over the past year in USB-borne malware that can cause disruption to industrial control systems.

Malware adds online sandbox detection to evade analysis — Bleeping Computer

  • Malware developers are now detecting the Any.Run malware analysis service in an attempt to prevent their malware from being easily analyzed by researchers.

This botnet has surged back into action spreading a new ransomware campaign via phishing emails — ZDNet

  • There’s been a big jump in Phorpiex botnet activity – but it’s a trojan malware attack that was the most common malware campaign in June.

New AgeLocker Ransomware uses Googler’s utility to encrypt files — Bleeping Computer

  • A new and targeted ransomware named AgeLocker utilizes the ‘Age’ encryption tool created by a Google employee to encrypt victims’ files.

The case for a National Cyber Director — Cyberscoop

  • Although the effects of COVID-19 will last for years, it’s already clear that shifting more activity online has increased our society’s digital dependence even faster than expected.

‘DDoS-For-Hire’ Is Fueling a New Wave of Attacks — Wired

  • Turf wars are heating up over routers that fuel DDoS attacks.

New Mirai Variant Surfaces with Exploits for 9 Vulnerabilities Products — Dark Reading

  • Impacted products include routers, IP cameras, DVRs, and smart TVs.

TrickBot malware mistakenly warns victims that they are infected — Bleeping Computer

  • The notorious TrickBot malware accidentally included a test module that’s warning victims that they are infected and should contact their administrator.

Russian Hackers Blamed for Attacks on Vaccine-Related Targets — The Wall Street Journal

  • U.S. and U.K. government officials said a prominent state-backed Russian hacking group is responsible for ongoing cyberattacks against organizations involved in the development of coronavirus vaccines and other healthcare-related work.

A Brazen Online Attack Targets V.I.P. Twitter Users in a Bitcoin Scam — The New York Times

  • In a major show of force, hackers breached some of the site’s most prominent accounts, a Who’s Who of Americans in politics, entertainment and tech.

Citrix: No breach, hacker stole business info from third party — Bleeping Computer

  • Citrix has published an official statement to deny claims that the company’s network was breached by a malicious actor who says that he was also able to steal customer information.

Amber Wolff
Senior Digital Copywriter | SonicWall
Amber Wolff is the Senior Digital Copywriter for SonicWall. Prior to joining the SonicWall team, Amber was a cybersecurity blogger and content creator, covering a wide variety of products and topics surrounding enterprise security. She spent the earlier part of her career in advertising, where she wrote and edited for a number of national clients.