Cybersecurity News & Trends – 03-12-21

This week saw breaches affecting more than two dozen U.K. schools and universities, thousands of security cameras, Microsoft Exchange servers, and even hacking forums themselves.


SonicWall in the News

Ryuk Ransomware Is Now More Dangerous Than Ever. Here’s Why — Toolbox

  • Ryuk, which has set organizations back by $150 million over the past three years, has acquired new capabilities that allow it to propagate across connected networks and systems, including those that are inactive or powered off.

Microsoft Cloud App Security Aims To Expand Your Defenses — TechTarget

  • Data center security tools have little control over the plethora of SaaS apps used in the enterprise. A Microsoft offering attempts to bridge that gap to ward off threats.

Industry News

UPDATE: Hackers Breach Thousands of Security Cameras, Exposing Tesla, Jails, Hospitals — Bloomberg

  • A group of hackers say they breached a massive trove of security camera data collected by Silicon Valley startup Verkada, Inc., gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons and schools.

Researchers Show First Side-Channel Attack Against Apple M1 Chips — Security Week

  • Researchers have demonstrated that attackers could launch browser-based side-channel attacks that do not require JavaScript, and they’ve tested the method on a wide range of platforms, including devices that use Apple’s new M1 chip.

It’s Open Season for Microsoft Exchange Server Hacks — Wired

  • A patch for the Exchange vulnerabilities China exploited has been released. Now criminal groups are going to reverse engineer it — if they haven’t already.

Dark Web Markets for Stolen Data See Banner Sales — Threat Post

  • Despite an explosion in the sheer amount of stolen data available on the Dark Web, the value of personal information is holding steady, according to the 2021 Dark Web price index from Privacy Affairs.

EU Sets 2030 Goals to Secure Tech Sovereignty From U.S., Asia — Bloomberg

  • The European Union outlined its digital goals for the next decade, including plans to develop and manufacture the world’s most advanced semiconductors by 2030 in an effort to reduce reliance on foreign companies.

A Basic Timeline of the Exchange Mass-Hack — Krebs on Security

  • Brian Krebs breaks down the Microsoft Exchange attack timeline.

GandCrab ransomware affiliate arrested for phishing attacks — Bleeping Computer

  • A suspected GandCrab ransomware operator was arrested in South Korea for using phishing emails to infect victims.

University of the Highlands and Islands shuts down campuses as it deals with ‘ongoing cyber incident’ — The Register

  • In a message to students and staff, the institution, which spans 13 locations across the northernmost part of the UK, warned that “most services” – including its Brightspace virtual learning environment – were affected.

A new type of supply-chain attack with serious consequences is flourishing — Ars Technica

  • New dependency confusion attacks take aim at Microsoft, Amazon, Slack, Lyft and Zillow.

Watchdog Warns of Weak Cybersecurity in DOD Weapons Contracts — Bloomberg

  • A government watchdog warned that the U.S. military has failed to adequately include cybersecurity provisions in contracts for acquiring weapons systems. … “Some contracts we reviewed had no cybersecurity requirements when they were awarded, with vague requirements added later.”

Cyberattack shuts down online learning at 15 UK schools — ZDNet

  • The cyberattack also took email, phone and website communication offline.

Three Top Russian Cybercrime Forums Hacked — Krebs on Security

  • Over the past few weeks, three of the longest running and most venerated Russian-language forums, which serve thousands of experienced cybercriminals, have been hacked. In two of the intrusions, the attackers made off with the forums’ user databases, including email and Internet addresses and hashed passwords.

Ongoing phishing attacks target US brokers with fake FINRA audits — Bleeping Computer

  • The U.S. Financial Industry Regulatory Authority (FINRA) has issued a regulatory notice warning U.S. brokerage firms and brokers of an ongoing phishing campaign using fake compliance audit alerts to harvest information.

Business Apps Spoofed in 45% of Impersonation Attacks — Dark Reading

  • Business-related applications like those from Microsoft, Zoom and DocuSign are most often impersonated in brand phishing attacks.

Three New Malware Strains Linked to SolarWinds Hackers — Security Week

  • The malware, named GoldMax, GoldFinder and Sibot, has been used to maintain persistence and for other “very specific” actions.

Amber Wolff
Senior Digital Copywriter | SonicWall
Amber Wolff is the Senior Digital Copywriter for SonicWall. Prior to joining the SonicWall team, Amber was a cybersecurity blogger and content creator, covering a wide variety of products and topics surrounding enterprise security. She spent the earlier part of her career in advertising, where she wrote and edited for a number of national clients.