Cybersecurity News & Trends – 09-10-21
Global news outlets and bloggers continue to reference the Mid-Year Update to the 2021 SonicWall Cyber Threat Report and celebrate our 30th anniversary. Meanwhile, in industry news, the perfect ransomware victim, the biggest DDoS attack in history, phishing attacks are more numerous than we thought, the “FudCo” empire expands, hackers use our brains against us, and REvil has reappeared.
SonicWall in the News
What makes the perfect ransomware victim? — FinTech Global (U.K.)
- Report about Kela, a cybersecurity company in the U.K. that studied profiles of victims of significant ransomware attacks. The report named the Mid-Year Update to the 2021 SonicWall Cyber Threat Report as it noted how the number of ransomware attacks in 2021 outperformed the entire year of 2020.
The Rise in Ransomware: HAUSER Insurance Wants You to Know the Risks — American Reporter
- This report asks, “Are we actually seeing an increase in ransomware attacks, or are they just becoming more high-profile? According to experts, the answer is both. The Mid-Year Update to the 2021 SonicWall Cyber Threat Report shows that ransomware attacks rose by 62% worldwide and 158% in North America alone between 2019 and 2020.
Tips for SMEs: What to do in the event of a ransomware attack — ITUser (Spain)
- According to Excem, small and medium-sized companies are particularly vulnerable to ransomware attacks as they do not have sufficient human, technological and financial resources to protect themselves.
The Rise of Ransomware and How the Education Sector Can Protect Itself — FENews (U.K.)
- Cybercrime has grown tremendously in recent years, and the education sector is no exception. The report uses the Mid-Year Update to the 2021 SonicWall Cyber Threat Report on how severe the threat is for education.
SonicWall turns 30 — Computing Es (Spain)
- The cybersecurity veteran reflects on the vision, people, technology, customers, and partners that have shaped the company over three decades. In addition, the report mentions SonicWall’s celebrated legacy of product innovation, channel-based DNA, and cybersecurity innovations.
SonicWall celebrates three decades of innovation as a 100% channel company — ITReseller (Spain)
- The report quotes Bill Conner, president and SEO of SonicWall: SonicWall has demonstrated over three decades that its mission is to ensure the long-term success of its customers, partners and employees.
SonicWall, three decades of cybersecurity innovation — Newsbook
- SonicWall just celebrated 30 years in the cybersecurity market. Three decades dedicated to security innovation to tackle digital criminals.
Cybersecurity pioneer celebrates three decades of innovation — CyberSecurity
- Cybersecurity veteran reflects on the vision, people, technology, customers and partners that have shaped the company over three decades.
Stellar Cyber: Partners with SonicWall for Advanced Prevention, Response — MarketScreener (U.S.)
- Partnership delivers seamless integration between advanced prevention technology from SonicWall and AI-powered detection and automated response technology from Stellar Cyber.
SonicWall has been an attractive partner for the channel for 30 years — Infopoint Security (DACH)
- The article reports on the development of the SonicWall Partner Programme, the SonicWall University, and the SonicWall MSSP Programme.
Industry News
Russia’s Yandex says it repelled biggest DDoS attack in history — Reuters
- Russian tech giant Yandex reported “the largest known distributed denial-of-service (DDoS) attack in the history of the Internet.” The attack began in August and peaked on Sept 5, with more than 22 million requests per second sent to the company’s servers.
South African Justice Department Is Hit by Ransomware Attack — Bloomberg
- South Africa’s Justice Department said its systems were attacked by a ransomware campaign earlier this week. All of the department’s information systems were encrypted and unavailable.
Russian cybercrime continues as government-backed attacks on companies dwindle, CrowdStrike says — Cyberscoop
- The Russian approach to hacking shifted considerably over the past year, with state-sponsored attacks on commercial organizations dropping off even as the local cybercrime scene dominated the field, CrowdStrike said in a report Wednesday.
Ukrainian extradited to U.S. for allegedly selling computer credentials: DOJ — The Hill
- The Department of Justice (DOJ) announced Wednesday that a Ukrainian hacker was extradited to the U.S. for allegedly selling computer passwords on the dark web. If convicted, Ivanov-Tolpintsev faces up to 17 years in federal prison.
U.S. Gov Seeks Public Feedback on Draft Federal Zero Trust Strategy — Security Week
- THIS WEEK, the U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) announced they are seeking public feedback on draft zero-trust strategic and technical documentation.
SideWalk Backdoor Linked to China-linked Spy Group’ Grayfly’ — Threat Post
- Grayfly campaigns have launched the novel malware against businesses in Taiwan, Vietnam, the U.S. and Mexico and target Exchange and MySQL servers. The attack revealed a “novel backdoor technique” that security experts dubbed “SideWalk.”
Microsoft: Attackers Exploiting Windows Zero-Day Flaw — Krebs on Security
- Microsoft warned that attackers are exploiting a previously unknown vulnerability in Windows 10 and several Windows Server versions. The attack seizes control over P.C.s when users open a malicious document or visit a booby-trapped website.
Phishing attacks: One in three suspect emails reported by employees really are malicious — ZDNet
- Up to a third of emails that were flagged as suspicious by employees were actually a threat, according to a new report released by F-Secure, an I.T. security company based in Finland. The analysis involved more than 200,000 emails during the first half of 2021.
Ransomware gang threatens to leak data if victim contacts FBI, police — Bleeping Computer
- The Ragnar ransomware group is warning that they will leak stolen data from victims that contact law enforcement authorities. Ragnar previously hit prominent companies with ransomware attacks, demanding millions of dollars in ransom payment.
CISA Issues Guidelines on Choosing a Managed Service Provider — Security Week
- The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued new guidelines for government and private organizations to consider when looking to outsource services to a Managed Service Provider (MSP).
- If you were a student, employee or contractor of The Dallas Independent School District between 2010 and the present, your personal data was likely downloaded by an “unauthorized third party.”
Tech Industry Seeks Bigger Role in Defense. Not Everyone Is on Board — The Wall Street Journal
- Tech-industry leaders are pushing the Pentagon to adopt commercially developed technologies on a grand scale to counter the rise of China. This initiative could transform the military and the multibillion-dollar defense-contracting business.
“FudCo” Spam Empire Tied to Pakistani Software Firm — Krebs on Security
- In May 2015, KrebsOnSecurity briefly profiled “The Manipulators,” the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting hosting and deploying malicious email. Six years later, a review of the social media postings from this group shows they are prospering. Brian Krebs reports.
Howard University shuts down network after ransomware attack — Cyberscoop
- In Washington, the private Howard University disclosed that it suffered a ransomware attack late last week and is currently working to restore affected systems.
New Zealand banks, post office hit by outages in apparent cyberattack — Reuters
- Websites of several financial institutions in New Zealand and its national postal service were briefly down on Wednesday, with officials saying they were battling a cyberattack.
How Hackers Use Our Brains Against Us — The Wall Street Journal
- Cybercriminals take advantage of the unconscious processes that we all use to make decision-making more efficient. Blame it on our “lizard brains.”
Notorious Russian Ransomware Group ‘REvil’ Has Reappeared — Bloomberg
- After vanishing this summer, the infamous criminal ransomware group behind the JBS SA cyberattack has returned to the dark web.
Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role — Bloomberg
- Tech company installed a flawed NSA algorithm that became a perfect example of the danger of government backdoors.’
Guntrader breach perp: I don’t think it’s a crime to dump 111k people’s details online in Google Earth format — The Register
- A “pseudonymous person” reformatted Guntrader hack data as a Google Earth-compatible CSV and said they are prepared to go to prison, denying their actions are a criminal offense.
In Case You Missed It
- IoT Devices: If You Connect It, Protect It – Amber Wolff
- The Halfway Point: How Cybercrime Has Impacted Government in 2021 – Amber Wolff
- Elevating SonicWall to the Cloud – Jayant Thakre
- How Cybercrime Impacted Education in 2021 – Amber Wolff
- From Sonic Systems to SonicWall: 30 Years of Cybersecurity Evolution – Amber Wolff
- The Top 12 Cybersecurity Books – Recommendations from SonicWall Leadership and Employees – Ray Wyman
- SonicWall Earns Another Perfect Score from ICSA Labs for Q2 — Amber Wolff
- SonicWall President and CEO Bill Conner Recognized on CRN’s 2021 Top 100 Executives List — Lindsey Lockhart
- Latest Cyber Threat Intelligence Shows Ransomware Skyrocketing – Amber Wolff
- SonicWall Fortifies Cloud Edge Secure Access with Device Compliance Check and Network Traffic Control – Sony Kogin
- New SonicWall NSsp 13700 Firewall: Security for Large Enterprises – Ajay Uggirala
- SonicWall Announces Capture Labs Portal – Brook Chelmo