Cybersecurity News & Trends – 12-11-20

This week, cybersecurity news moved to the federal level as nation-state hacking and international cybersecurity cooperation made headlines.

SonicWall in the News

SonicWall Wins Six Prestigious Awards In The 15th Annual Network Product Guide’s 2020 IT World Awards — SonicWall Press Release

• SonicWall has swept six industry awards at the 15^th Annual Network Product Guide’s 2020 IT World Awards, including the coveted Grand Trophy distinction for having exhibited overall excellence in diverse categories.

An Outside View of Cybersecurity ‘Inside the Beltway’ — Federal News Network

• Federal News Network shared a podcast interview with SonicWall President and CEO Bill Conner on the persistent threats impacting the federal space and how ransomware and IoT will impact federal IT systems moving forward.

FDA Approval Is Not The Only Vaccine Challenge — Industry Week

• Bill Conner explains how cybercriminals could impact the vaccine supply chain if a successful attack is to occur, and what organizations need to do to defend themselves.

Healthcare in Crisis: Diagnosing Cybersecurity Shortcomings in Unprecedented Times — Threatpost

• The pandemic’s unprecedented impact on healthcare lay bare the gaping holes in the healthcare industry’s cybersecurity defenses — and security experts say the fallout will impact the healthcare industry well into 2021.

Industry News

Russian hackers hide Zebrocy malware in virtual disk images — Bleeping Computer

• Russian-speaking hackers behind Zebrocy malware have changed their technique and are now packing the threats in virtual hard drives (VHD) to avoid detection.

Ransomware gangs are getting faster at encrypting networks. That will make them harder to stop — ZDNet

• The window for finding attackers on your network before ransomware is deployed is getting much smaller.

Russia’s FireEye Hack Is a Statement—but Not a Catastrophe — Wired

• The cybersecurity firm has acknowledged that it has itself been the victim of a breach — and that the attackers made off with some of its offensive tools.

Norwegian police implicate Fancy Bear in parliament hack, describe ‘brute forcing’ of email accounts — Cyberscoop

• In their accusation of Russian involvement in an August cyberattack on Norwegian parliament, authorities have implicated the same notorious group accused of interfering in the 2016 U.S. election.

Critical Flaws in Millions of IoT Devices May Never Get Fixed — Wired

• Amnesia:33 is the latest in a long line of vulnerabilities that affect countless embedded devices.

Credit card stealing malware bundles backdoor for easy reinstall — Bleeping Computer

• An almost-impossible-to-remove malware, programmed to automatically activate on Black Friday, was deployed on multiple Magento-powered online stores.

The EU is making overtures about cybersecurity collaboration under Biden — Cyberscoop

• European Union members convened in an effort to take stock of the U.S. presidential election and plan how to best jumpstart cooperation with the incoming Biden administration on matters including cybersecurity.

U.S. National Security Agency warns of Russian hacking against VMware products — Reuters

• A new cybersecurity alert from the U.S. National Security Agency warns that Russian “state-sponsored” hackers are actively exploiting a software vulnerability in multiple products made by cloud computing company VMware Inc.

Iranian Hackers Access Unprotected ICS at Israeli Water Facility — Security Week

• A group of Iranian hackers recently posted a video showing how they managed to access an industrial control system at a water facility in Israel.

Man Pleads Guilty to Role in Malware Protection Scam — Security Week

• A man has pleaded guilty to his role in a computer protection services scam that cheated victims out of nearly $1 million by misleading them into believing that malware had been detected on their computers.

U.S. and Australia to develop shared cyberattack training platform — Bleeping Computer

• The U.S. and Australia have signed a first-ever bilateral agreement that allows the U.S. Cyber Command and Australia’s Information Warfare Division to jointly develop and share a virtual cyber training platform.

Android apps with millions of downloads are vulnerable to serious attacks — Ars Technica

• Android apps with hundreds of millions of downloads are vulnerable to attacks that allow malicious apps to steal contacts, login credentials, private messages and other sensitive information.

Home Offices Face Bigger Cyber Threat, Biden Top Economist Warns — Bloomberg

• Brian Deese, chosen by Biden to lead the National Economic Council, said in an interview broadcast Wednesday, “The risk of operating from home offices in terms of cyberattacks is exponentially greater.”

In Case You Missed It

• SonicWall Sweeps Six Industry Awards, Including Grand Trophy, at Network Product Guide 2020 IT World Awards — Brook Chelmo
• SonicWall Celebrates 20 Years of Delivering World-Class Cybersecurity Solutions in Mexico — Eustolio Villalobos
• SMA100 Series Cloud Management and Reporting 1.0 Delivers Simplicity and Visibility — Agasthiamani Sankaran
• Defending Against Tomorrow’s APTs — Brook Chelmo
• Cybersecurity Alphabet Soup: SDP, ZTNA and SASE — Jayant Thakre

Amber Wolff

Senior Digital Copywriter | SonicWall

Amber Wolff is the Senior Digital Copywriter for SonicWall. Prior to joining the SonicWall team, Amber was a cybersecurity blogger and content creator, covering a wide variety of products and topics surrounding enterprise security. She spent the earlier part of her career in advertising, where she wrote and edited for a number of national clients.