Cybersecurity News & Trends – 03-26-21

This week — with higher education institutions and electricity companies on high alert, and with the Microsoft Exchange server crisis raging on — it’s no wonder 82% say cyberterrorism is America’s top potential threat.

SonicWall in the News

IoT malware attacks saw a huge rise last year — Techradar

• As the number of consumer-oriented IoT devices grows, data from SonicWall’s 2021 Cyber Threat Report suggests, IoT malware has been on the rise.

Phishing Email Warning Shows Cybercriminals Seizing on Tax Filing Delay, Vaccine Rollout Gallery — Channel Futures

• Dmitriy Ayrapetov explains how bad actors are targeting vaccine distribution and takes a closer look at the threats caused by the remote workforce.

ICYMI: Our Channel News Roundup For the Week of March 15 — ChannelPro Network

• SonicWall’s 2021 Cyber Threat Report was included in ChannelPro Network’s weekly news roundup.

India Saw Largest Spike In Malware Attacks In 2020: Report — ET CISO

• This article features the findings from SonicWall’s 2021 Cyber Threat Report.
  * The article was syndicated on ET Government, ET Telecom, ET CIO and Telecom Live

A Pandemic Of Email Scams — Financial Times

• SonicWall recently reported a 62% increase in ransomware attacks last year and a 74% increase in malware variants.

New SonicWall 2020 Research Shows Cyber Arms Race At Tipping Point — CIO Review India

• This article spotlights SonicWall’s 2021 Cyber Threat Report.

Industry News

Lawmakers reintroduce legislation to secure internet-connected devices — The Hill

• The Cyber Shield Act would create a voluntary cybersecurity certification program for IoT devices.

Ransomware operators are piling on already hacked Exchange servers — Ars Technica

• The fallout from the Microsoft Exchange server crisis isn’t abating just yet.

Purple Fox Malware Targets Windows Machines With New Worm Capabilities — Threat Post

• A new infection vector from the established malware puts internet-facing Windows systems at risk from SMB password brute-forcing.

Thousands of Exchange servers breached prior to patching, CISA boss says — Cyberscoop

• A U.S. government cybersecurity official has warned organizations not to have a false sense of security when it comes to vulnerabilities in Microsoft Exchange Server software, noting that “thousands” of computer servers with updated software had already been breached.

Covid-19: Vaccines and vaccine passports being sold on darknet — BBC

• Researchers say they have seen a “sharp increase” in vaccine-related darknet adverts, while the BBC has been unable to determine whether the vaccines being sold there are real.

UK colleges and unis urged to prepare for ransomware before it’s too late — The Register

• There’s been an uptick in attacks since schools reopened, warns National Cyber Security Centre

Electricity Distribution Systems at Increasing Risk of Cyberattacks, GAO Warns — Security Week

• A newly published report form the U.S. Government Accountability Office describes the risks of cyberattacks on the electricity grid’s distribution systems, along with the scale of the potential impact of such attacks.

8 in 10 say cyberterrorism is top potential threat: Gallup — The Hill

• According to the survey, 82% of respondents said cyberterrorism is a critical threat to the U.S.

TikTok Doesn’t Pose Overt U.S. National Security Threat, Researchers Say — The New York Times

• A new study by university cybersecurity researchers found that the computer code underlying the TikTok app doesn’t pose an overt national security threat to the U.S.

Acer reportedly targeted with $50 million ransomware attack — ZDNet

• The REvil ransomware gang has published various Acer documents, such as financial spreadsheets, bank balances and bank communications.

FBI warns of BEC attacks increasingly targeting US govt orgs — Bleeping Computer

• The Federal Bureau of Investigation is warning U.S. private sector companies about an increase in business email compromise (BEC) attacks targeting state, local, tribal, and territorial (SLTT) government entities.

Microsoft Defender Antivirus now automatically mitigates Exchange Server vulnerabilities — ZDNet

• Mitigation fixes will be applied automatically in a renewed effort by Microsoft to contain security incidents caused by the bugs.

SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests — ZDNet

• Existing victim networks are used as a novel form of sandbox, as cybercriminals exploit them to test out payloads.

In Case You Missed It

• Accelerated SonicWall Portfolio Expansion Delivers Enterprise-Grade Protection, Lower TCO — Atul Dhablania
• Capture Client 3.6: Big Sur, But Safer — Brook Chelmo
• New SonicWall NSa 3700: The Latest Next-Generation Firewall for Medium Enterprises — Ajay Uggirala
• Announcing Wireless Network Manager for Unified Wired and Wireless Management — Srudi Dineshan
• NSM On-Prem vs. NSM SaaS: Which Is Best for You? — Suriti Singh
• CSa 1.2: Advanced, Closed-Network Threat Protection — Brook Chelmo
• Hafnium Uses Zero-Day Vulnerabilities Against Microsoft Exchange: What to Do Next — SonicWall Staff

Amber Wolff

Senior Digital Copywriter | SonicWall

Amber Wolff is the Senior Digital Copywriter for SonicWall. Prior to joining the SonicWall team, Amber was a cybersecurity blogger and content creator, covering a wide variety of products and topics surrounding enterprise security. She spent the earlier part of her career in advertising, where she wrote and edited for a number of national clients.