Today is National Pizza Party Day – we hope you’re prepared. SonicWall has been having a party in the media this week with SC Magazine naming a SonicWall firewall to its finalists for “Best SME Security Solution.” Gearrice cited data from the 2023 Cyber Threat Report, Enterprise Networking Planet named the TZ400 in a top 10 list and ITPro quoted SonicWall Senior Manager of Product Security Immanuel Chavoya on the Capita breach.
In industry news, Bleeping Computer discussed fears about Google’s new domains. CyberScoop had the details on Congress entrusting CISA with new responsibilities. TechCrunch had the lowdown on the indictment of a major Russian ransomware player. Dark Reading had information on a new threat group targeting Microsoft Azure virtual machines.
Remember to keep your passwords close and your eyes peeled – cybersecurity is everyone’s responsibility.
ITPro, SonicWall News: Immanuel Chavoya, senior manager of product security at SonicWall, told ITPro that the latest update highlights the potential long-term impact that this breach could have on Capita partner organizations.
The outsourcing giant provides services for both public and private sector clients, including the UK Ministry of Defence. “Cyber attacks such as the one on Capita require a bit of long-tail analysis to capture a clear understanding of impact, but what is known is that the ripple effect of a cyber attack like the one on Capita can be far-reaching, extending beyond the organization itself to shake customer trust, disrupt essential services, and reverberate throughout communities.”
Enterprise Networking Planet, SonicWall News: The SonicWall TZ400 is a mid-range, enterprise-grade security firewall designed to protect small to midsize businesses. It supports up to 150,000 maximum connections, 6,000 new connections per second, and 7×1-GbE. The TZ400 features 1.3 Gbps firewall inspection throughput, 1.2 Gbps application inspection throughput, 900 Mbps IPS throughput, 900 Mbps VPN throughput, and 600 Mbps threat prevention throughput.
Connecting a home can be a headache: some smart devices still don’t integrate and are a prime target for cybercriminals
Gearrice, SonicWall News: In the case of the connected house precisely, cyberattacks on smart home devices increased 87% globally last year, according to data from SonicWall, which places the Smart Home as the segment with the highest growth within the set of malware.
SC Magazine, SonicWall News: SonicWall’s next-generation firewall, the SonicWall TZ, offers converged network security, multi-gigabit interfaces, TLS 1.3, and 5G readiness while providing high-speed threat prevention. This firewall has superior technology, next-gen hardware and SonicOS 7.0 support, enhanced features, and groundbreaking performance.
Channel Life, SonicWall News: In fact, in the first half of 2022, SonicWall detected 270,228 never-before-seen malware variants. That’s an average of 1,500 new variants per day. However, new personalized training that combines machine learning and behavioral science can teach people to see the patterns or architecture commonly part of a threat.
Channel Futures, SonicWall News: “For me, SonicWall is a 30-year industry legend in cybersecurity, one of the hottest topics right now obviously for many MSPs and MSSPs, and customers and partners around the world,” she said. “And SonicWall is sort of this amazing kind of comeback story because they had their acquisition and now they’re private again. And this is not the SonicWall of yesteryear. They have new leadership. They’re reimagining how they go to market (GTM)…”
CRN, SonicWall News: SonicWall is delighted to share that CRN has honored four SonicWall team members on its 2023 Women of the Channel List. SonicWall’s new Vice President of North American Channels Michelle Ragusa-McBain, Regional Channel Sales Director Elizabeth Reynolds, Senior Manager Inside Sales Carlien de Vries and Senior Product Marketing Manager Sarah Choi were recognized for their incredible accomplishments in the IT channel.
Risk Management, SonicWall News: Cybercriminals monetize their activities via ransomware, and the tactic, which blocks access to systems or data until a ransom is paid, is being used against companies of all sizes. In 2022, there were nearly 500 million ransomware attacks worldwide, according to SonicWall.
GovInfoSecurity, SonicWall News: Bob VanKirk, president and CEO, SonicWall, highlighted the need for SMBs to have access to the right set of tools and resources to defend their companies and protect their brands. In order to ensure cybersecurity, VanKirk said, organizations must have all the threat data at their fingertips, whether it be a firewall, endpoint or remote access, and have analytics across all those areas.
ChannelPro, SonicWall News: SonicWall has named Michelle Ragusa-McBain its new channel chief for North America. The hiring is one of several measures, along with the forthcoming introduction of a revamped partner program, aimed at expanding the company’s MSP channel, according to Jason Carter, SonicWall’s CRO.
CRN, SonicWall News: SonicWall has hired Cisco Systems veteran Michelle Ragusa-McBain to oversee its large North America channel, as the cybersecurity vendor looks to “reimagine” its business with the help of partners, she said in an interview with CRN.
ChannelFutures, SonicWall News: Ragusa-McBain’s goal is to enable partners to grow and profit with the “boundless shift to cybersecurity.” SonicWall announced her appointment at this week’s Channel Partners Conference & Expo, co-located with MSP Summit.
Google’s New ZIP and MOV Domains Could be Dangerous
Google recently introduced a set of new top-level domains (TLDs) available for purchase, including “.zip” and “.mov”, which are also common file extensions. Cybersecurity and IT experts are warning that widespread use of domains ending in those letters could give threat actors an easy way to spread malicious files. A threat actor could conceivably own a domain that shares a name with a commonly downloaded file. A potential victim may mistakenly go to the website when intending to download the real file, which could lead to the victim installing malicious software or being otherwise taken advantage of. According to Bleeping Computer, this type of threat is already being used in the wild, with a fake website ending in “.zip” attempting to steal Microsoft credentials. Only time will tell how these TLDs will affect the cybersecurity world.
CISA’s Responsibilities Expand Under Newly Passed Bills
Congress passed a series of new bills this week that will give the Cybersecurity and Infrastructure Security Agency (CISA) some new responsibilities. According to CyberScoop, the bills would have CISA maintaining a commercial public satellite clearinghouse system and creating a list of recommendations for the space industry as well as piloting a civilian cyber reserve program to be activated in a cyber emergency. Another committee advanced a bill that would have CISA work directly with the open-source software community to design a framework for better assessing the general risks for federal agencies. A separate bill would allow CISA to train non-cybersecurity employees at the Department of Homeland Security to move into cybersecurity roles. CISA’s expanded responsibilities should help address some of the pain points in cybersecurity across the US and in government in particular.
Major Russian Ransomware Culprit Indicted by US
Authorities in the United States have officially indicted a Russian national who they believe was a major player in the development and deployment of the Babuk, Hive and LockBit ransomware variants. The alleged cybercriminal, whose real name is Mikhail Matveev, has purportedly been a member of the Babuk ransomware gang since 2020. In 2021, he claimed responsibility for an attack on Washington D.C.’s police department. Online, Matveev goes by “Wazawaka” and “Boriselcin.” TechCrunch stated that the gang also claimed an attack on law enforcement in New Jersey as well as against a healthcare organization in 2020. Matveev has been involved in countless attacks across the globe, including one instance in which he demanded that the Costa Rican government be overthrown. There is currently a $10 million reward for information that leads to Matveev’s arrest. If he’s convicted, he could be locked away for up to 20 years.
Hacker Group Targeting Microsoft Azure Virtual Machines
A hacker group tracked by Mandiant Intelligence as UNC3844 has begun hacking Microsoft Azure virtual machines. The group had already made a splash by targeting Azure cloud environments specifically, but the move to virtual machines has helped them evade detection. The group typically uses compromised credentials or smishing to get access before utilizing SIM swapping to gain full access. Researchers at Mandiant stated that they had observed the threat actors using Azure extensions to plot and steal within the cloud environment. The group eventually installed legitimate remote tools to maintain a presence within the environment. This makes the intrusion especially difficult to detect because the attackers are using legitimate tools and applications. Organizations need to work to prevent targeted smishing campaigns to deter these types of attacks from happening. Mandiant recommended that businesses restrict access to remote admin channels and disable SMS as a multi-factor authentication option.
Is Red/Blue Teaming Right for Your Network? – Stephan Kaiser
The RSA Report: Boots on the Ground – Amber Wolff
The RSA Report – New Tactics, New Technologies – Amber Wolff
The RSA Report: The Road to RSA – Amber Wolff
RSA 2023: What “Stronger Together” Means With SonicWall – Amber Wolff
Cybersecurity: Preventing Disaster from Being Online – Ray Wyman Jr