SonicWall's weekly Cybersecurity News and Trends.

Cybersecurity News & Trends – 05-19-2023

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.


Today is National Pizza Party Day – we hope you’re prepared. SonicWall has been having a party in the media this week with SC Magazine naming a SonicWall firewall to its finalists for “Best SME Security Solution.” Gearrice cited data from the 2023 Cyber Threat Report, Enterprise Networking Planet named the TZ400 in a top 10 list and ITPro quoted SonicWall Senior Manager of Product Security Immanuel Chavoya on the Capita breach.

In industry news, Bleeping Computer discussed fears about Google’s new domains. CyberScoop had the details on Congress entrusting CISA with new responsibilities. TechCrunch had the lowdown on the indictment of a major Russian ransomware player. Dark Reading had information on a new threat group targeting Microsoft Azure virtual machines.

Remember to keep your passwords close and your eyes peeled – cybersecurity is everyone’s responsibility.

SonicWall News

Capita tells pension provider to ‘assume’ 500,000 customers’ data stolen

ITPro, SonicWall News: Immanuel Chavoya, senior manager of product security at SonicWall told ITPro that the latest update highlights the potential long-term impact that this breach could have on Capita partner organizations.

The outsourcing giant provides services for both public and private sector clients, including the UK Ministry of Defence. “Cyber attacks such as the one on Capita require a bit of long-tail analysis to capture a clear understanding of impact, but what is known is that the ripple effect of a cyber attack like the one on Capita can be far-reaching, extending beyond the organization itself to shake customer trust, disrupt essential services, and reverberate throughout communities.”

10 Best Firewalls for Small & Medium Business Networks in 2023

Enterprise Networking Planet, SonicWall News: The SonicWall TZ400 is a mid-range, enterprise-grade security firewall designed to protect small to midsize businesses. It supports up to 150,000 maximum connections, 6,000 new connections per second, and 7×1-GbE. The TZ400 features 1.3 Gbps firewall inspection throughput, 1.2 Gbps application inspection throughput, 900 Mbps IPS throughput, 900 Mbps VPN throughput, and 600 Mbps threat prevention throughput.

Connecting a home can be a headache: some smart devices still don’t integrate and are a prime target for cybercriminals

Gearrice, SonicWall News: In the case of the connected house, precisely cyberattacks on smart home devices increased 87% globally last year according to data from SonicWall, which places the Smart Home as the segment with the highest growth within the set of malware.

2023 SC Awards Finalists: Best SME Security Solution

SC Magazine, SonicWall News: SonicWall’s next-generation firewall, the SonicWall TZ, which offers converged network security, multi-gigabit interfaces, TLS 1.3, and 5G readiness while providing high-speed threat prevention. This firewall has superior technology, next-gen hardware and SonicOS 7.0 support, enhanced features, and groundbreaking performance.

Cyber awareness training leaves companies exposed to attacks

Channel Life, SonicWall News: In fact, in the first half of 2022, SonicWall detected 270,228 never-before-seen malware variants. That’s an average of 1,500 new variants per day. However, new personalized training that combines machine learning and behavioral science can teach people to see the patterns or architecture commonly part of a threat.

7 Channel People Making Waves this Week

Channel Futures, SonicWall News: “For me, SonicWall is a 30-year industry legend in cybersecurity, one of the hottest topics right now obviously for many MSPs and MSSPs, and customers and partners around the world,” she said. “And SonicWall is sort of this amazing kind of comeback story because they had their acquisition and now they’re private again. And this is not the SonicWall of yesteryear. They have new leadership. They’re reimagining how they go to market (GTM)…”

CRN Women of the Channel

CRN, SonicWall News: SonicWall is delighted to share that CRN has honored four SonicWall team members on its 2023 Women of the Channel List. SonicWall’s new Vice President of North American Channels Michelle Ragusa-McBain, Regional Channel Sales Director Elizabeth Reynolds, Senior Manager Inside Sales Carlien de Vries and Senior Product Marketing Manager Sarah Choi were recognized for their incredible accomplishments in the IT channel.

Key Cybersecurity Threats to Watch For

Risk Management, SonicWall News: Cybercriminals monetize their activities via ransomware, and the tactic, which blocks access to systems or data until a ransom is paid, is being used against companies of all sizes. In 2022, there were nearly 500 million ransomware attacks worldwide, according to SonicWall.

The Most Pressing Security Needs of the SMB and Midmarket

GovInfoSecurity, SonicWall News: Bob VanKirk, president and CEO, SonicWall, highlighted the need for SMBs to have access to the right set of tools and resources to defend their companies and protect their brands. In order to ensure cybersecurity, VanKirk said, organizations must have all the threat data at their fingertips, whether it be a firewall, endpoint or remote access, and have analytics across all those areas.

SonicWall Names North American Channel Chief

ChannelPro, SonicWall News: SonicWall has named Michelle Ragusa-McBain its new channel chief for North America. The hiring is one of several measures, along with the forthcoming introduction of a revamped partner program, aimed at expanding the company’s MSP channel, according to Jason Carter, SonicWall’s CRO.

SonicWall Hires Cisco Vet Michelle Ragusa-McBain as North America Channel Chief

CRN, SonicWall News: SonicWall has hired Cisco Systems veteran Michelle Ragusa-McBain to oversee its large North America channel, as the cybersecurity vendor looks to “reimagine” its business with the help of partners, she said in an interview with CRN.

Cisco Vet Joins SonicWall Channel Team as North America Leader

ChannelFutures, SonicWall News: Ragusa-McBain’s goal is to enable partners to grow and profit with the “boundless shift to cybersecurity.” SonicWall announced her appointment at this week’s Channel Partners Conference & Expo, co-located with MSP Summit.

Industry News

Google’s New ZIP and MOV Domains Could be Dangerous

Google recently introduced a set of new top-level domains (TLDs) available for purchase, including “.zip” and “.mov”, which are also common file extensions. Cybersecurity and IT experts are warning that widespread use of these domains could give threat actors an easy way to spread malicious files. A threat actor could conceivably own a domain that shares a name with a commonly downloaded file online. A potential victim may mistakenly go to the website when intending to download the real file, which could lead to the victim installing malicious software or being otherwise taken advantage of. According to Bleeping Computer, this type of threat is already being used in the wild, with a fake website ending in “.zip” attempting to steal Microsoft credentials. Only time will tell how these TLDs will affect the cybersecurity world.

CISA’s Responsibilities Expand Under Newly Passed Bills

Congress passed a series of new bills this week that will give the Cybersecurity and Infrastructure Security Agency (CISA) some new responsibilities. According to CyberScoop, the bills would have CISA maintaining a commercial public satellite clearinghouse system and creating a list of recommendations for the space industry as well as piloting a civilian cyber reserve program to be activated in a cyber emergency. Another committee advanced a bill that would have CISA work directly with the open-source software community to design a framework for better assessing the general risks for federal agencies. A separate bill would allow CISA to train non-cybersecurity employees at the Department of Homeland Security to move into cybersecurity roles. CISA’s expanded responsibilities should help address some of the pain points in cybersecurity across the US and in government in particular.

Major Russian Ransomware Culprit Indicted by US

Authorities in the United States have officially indicted a Russian national who they believe was a major player in the development and deployment of the Babuk, Hive and LockBit ransomware variants. The alleged cybercriminal, whose real name is Mikhail Matveev, has purportedly been a member of the Babuk ransomware gang since 2020. In 2021, he claimed responsibility for an attack on Washington, D.C.’s police department. Online, Matveev goes by “Wazawaka” and “Boriselcin.” TechCrunch stated that the gang also claimed an attack on law enforcement in New Jersey as well as one against a healthcare organization in 2020. Matveev has been involved in countless attacks across the globe, including one instance where he demanded that the Costa Rican government be overthrown. There is currently a $10 million reward for information that leads to Matveev’s arrest. If he’s convicted, he could be locked away for up to 20 years.

Hacker Group Targeting Microsoft Azure Virtual Machines

A hacker group tracked by Mandiant Intelligence as UNC3844 has begun hacking Microsoft Azure virtual machines. The group had already made a splash by targeting Azure cloud environments specifically, but the move to virtual machines has helped them evade detections. The group typically uses compromised credentials or smishing to get access before utilizing SIM swapping to gain full access. Researchers at Mandiant stated that they had observed the threat actors using Azure extensions to plot and steal within the cloud environment. The group eventually installed legitimate remote tools to maintain a presence within the environment. This makes the activity especially difficult to detect because the group is using legitimate tools and applications. Organizations need to work to prevent targeted smishing campaigns to deter these types of attacks from happening. Mandiant recommended that businesses restrict access to remote admin channels and disable SMS as a multi-factor authentication option.

SonicWall Blog

Is Red/Blue Teaming Right for Your Network? – Stephan Kaiser

NSv Series and Microsoft Azure’s Government Cloud: Strengthening Cloud Security – Tiju Cherian

Four SonicWall Employees Featured on CRN’s 2023 Women of the Channel List – Bret Fitzgerald

NSv Series and AWS GovCloud: Facilitating Government’s Move to the Cloud – Tiju Cherian

The RSA Report: Boots on the Ground – Amber Wolff

The RSA Report – New Tactics, New Technologies – Amber Wolff

The RSA Report, Day 1: Protecting Objective Truth in Cybersecurity – Amber Wolff

The RSA Report: The Road to RSA – Amber Wolff

RSA 2023: What “Stronger Together” Means With SonicWall – Amber Wolff

Cybersecurity: Preventing Disaster from Being Online – Ray Wyman Jr

SonicWall Earns 5-Star Rating in 2023 Partner Program Guide for the Seventh Straight Year – Bret Fitzgerald

Global Threat Data, Worldwide Coverage: The 2023 SonicWall Cyber Threat Report – Amber Wolff

Jordan Riddles
Junior Copywriter | SonicWall
Jordan Riddles is a Junior Copywriter for SonicWall. He has a background in content creation and editing, and he lives in Tulsa, Oklahoma. Jordan is a graduate of Northeastern State University in Tahlequah, Oklahoma, with a focus in English and creative writing. In his spare time, he loves reading, cooking and disc golfing.