Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.
We’re nearing the end of February, and SonicWall is still receiving positive press. Cyber Security Intelligence looked to SonicWall for data on higher education. CRN discussed SonicWall’s plans for 2023 and some of the features of the NSa 5700. Utah Pulse discusses our data on healthcare and education.
In industry news, Dark Reading reported on a U.S. military email server being exposed and Google bug bounty programs setting records. Hacker News has the scoop on the spam and phishing attacks at NPM. Bleeping Computer covered Activision’s phishing attack as well as a multi-year breach at GoDaddy.
Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.
Utah Pulse, SonicWall News: SonicWall reports a 328% YoY increase in healthcare ransomware attacks in 2022, and healthcare and education are expected to be among the most targeted sectors in 2023. The expanding IoT footprint in these sectors is predicted to make them more vulnerable to digital attacks, increasing the risk to critical infrastructure.
CRN, SonicWall News: Key offerings from SonicWall in the realm of next-generation firewalls include the SonicWall NSa 5700, which utilizes a scalable hardware architecture designed to fit in a single rack-mountable unit. The high port density of the NSa 5700 includes multiple 10-Gigabit Ethernet and 1-Gigabit Ethernet fiber and copper interfaces.
CRN, SonicWall News: One of the biggest opportunities we will be tackling with our partners is providing a broader set of unified and cost-effective solutions that fully secure the evolving network perimeter. For many of our partners and customers, 2023 will represent a period of cautious and informed investment in IT and security – customers will demand more bang for their security buck.
Cyber Security Intelligence, SonicWall News: According to research carried out by threat analysts at SonicWall there was a 51% increase in ransomware attacks within the education sector in 2022. They predicted the education sector to be among the most targeted by cyber criminals in 2023. This is certainly proving to be true so far.
SiliconRepublic, SonicWall News: In recent cybersecurity predictions for 2023, Spencer Starkey of SonicWall predicted that healthcare and education will be among the sectors most targeted by cyberattacks this year.
SiliconRepublic, SonicWall News: In recent AI predictions for 2023, experts such as Immanuel Chavoya of SonicWall said new software will give threat actors the ability to quickly exploit vulnerabilities and reduce the technical expertise required “down to a five-year-old level.”
SiliconRepublic, SonicWall News: In recent cybersecurity predictions for 2023, Spencer Starkey of Sonicwall predicted that healthcare and education will be among the sectors most targeted by cyberattacks this year.
ITPro, SonicWall News: In 2020 – the third year of it being considered a major strain – security firm SonicWall revealed it was behind a third of ransomware attacks worldwide for the year.
GQ Brasil, SonicWall News: Arley Brogiato, director for Latin America and the Caribbean of the multinational security company SonicWall, does not exclude the possibility of these attacks reaching Brazilian companies, but says he is surprised by the alerts and the dissemination of the news, which on the morning of last Monday (6) competed with football game calendars and the price of cooking gas in Manaus the most sought after Google Trends.
SonicWall Blog, SonicWall News: SonicWall Chief Revenue Officer (CRO) Jason Carter and Vice President Americas Channel Sales Matt Brennan have been named to CRN’s 2023 Channel Chiefs list. Every year, CRN honors the IT channel executives who drive the channel success and evangelize the importance of channel partnerships within the IT industry.
Challenges For Startups in The IoT Sector
TechToday, SonicWall News: According to a report by SonicWall, 2.8 billion malware attacks were registered, up 11% in the first half of 2022, marking the first increase in global malware volume in over three years.
Charged Retail, SonicWall News: The JD Sports incident is yet another example of the rise in cyberattack incidents, with the retail industry experiencing a 90% increase in ransomware attacks last year, according to a report from SonicWall.
Activision Breached Following Phishing Attack
Gaming giant Activision revealed that they were the victim of a data breach in December 2022 exposing employee and game info. According to Bleeping Computer, hackers gained access to their systems by using a phishing SMS that successfully tricked an employee. No source data or player info was exposed in the leak. A research group called VX-Underground claims that sensitive employee information as well the companies release schedule up to November 2023 was stolen in the attack. Insider Gaming reported that the compromised employee was in the human resources department which netted the attackers access to large amounts of sensitive employee data.
Google Bug Bounties Break Records
Last year, Google awarded more than $12 million to ethical hackers and researchers for bug bounties while addressing over 2,900 vulnerabilities in its products. According to Dark Reading, that total eclipses the previous years dollar amount of $8.5 million. Bug bounties in the Android ecosystem alone netted white hats $4.8 million. Google released their annual Vulnerability Reward Program (VRP) report, and it showed multiple segments of their VRP set records in 2022.
U.S. Military Emails Exposed Due to Password Mishap
A cloud-based email server for the Department of Defense spent two weeks without password protection leaving it wide open to the public. A security researcher spotted the server and noticed sensitive information in the emails. According to Dark Reading, the email server appeared to be configured improperly. It’s not known if anyone aside from the security researcher found the exposed data during the two-week period it was unprotected. There was no classified data leaked from the server.
NPM Repository Attacked with Spam and Phishing Links
GoDaddy Reveals They Suffered Multi-year Breach
Popular web hosting company GoDaddy has been the victim of a multi-year breach that has resulted in their source code being stolen. GoDaddy says currently unknown attackers placed malware on their servers after infiltrating them. The attack was discovered in December 2022 when some GoDaddy users reported that their domains were now being redirected to random websites. While it was only discovered in December, GoDaddy revealed that the attackers had access to their networks for multiple years. According to Bleeping Computer, the breaches that GoDaddy experienced in November 2021 and March 2020 are related to this multi-year breach. GoDaddy has enlisted the help of external cybersecurity experts and law enforcement to investigate the cause of the incident.
Celebrating 2023 With Expanded “3 & Free” – Matt Brennan
The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman
Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah
SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald
A New Era of Partnering to Win – Robert (Bob) VanKirk
Multiply Your Security with Multifactor Authentication – Amber Wolff