Cybersecurity News & Trends

This week, Gab got breached, Ryuk got stronger, and AOL users got phished.

SonicWall in the News

2021 Cyber Security Global Excellence Awards Winners — Globee Business Awards

  • SonicWall swept the Globee Business Awards, bringing home the Grand Trophy, along with nine other gold, silver and bronze honors.

Ransomware Has Changed In A Very Dramatic Way In The Past Two Years: SonicWall CEO — ET Tech

  • Bill Conner discusses the rise of nation states as primary threat actors and how that changes the conversation around country of origin marketing of cybersecurity products.

SonicWall CEO Bill Conner on His Journey in the Digital and Cybersecurity Space — YourStory

  • Bill Conner details his three-decade journey in the tech and enterprise sector and his role in helping governments, municipalities and others with the security of the COVID-19 vaccine distribution process.

Industry News

Gab’s CTO Introduced a Critical Vulnerability to the Site — Wired

  • A review of the open-source code shows an account under the executive’s name made a mistake that could lead to the kind of breach reported this weekend.

Why Global Power Grids Are Still So Vulnerable to Cyber Attacks — Bloomberg

  • More than five years after massive cyberattacks left a quarter of a million Ukrainians without electricity, the world’s power grids have become even more vulnerable to hackers.

Wray hints at federal response to SolarWinds hack — The Hill

FBI Director Christopher Wray hinted at the planned federal response to what has become known as the SolarWinds attack, stressing that confronting foreign attacks in cyberspace would be a “long, hard slog.”

China’s new cyber tactic: targeting critical infrastructure — SC Magazine

  • A newly discovered threat group breached India’s power infrastructure, marking the first time a Chinese government-linked cyber actor has emerged as a significant threat against another nation’s critical infrastructure.

Bitcoin at ‘tipping point,’ Citi says as price surges — Reuters

  • Bitcoin rose nearly 7%, with Citi saying the most popular cryptocurrency was at a “tipping point” and could become the preferred currency for international trade.

Government watchdog finds federal cybersecurity has ‘regressed’ in recent years — The Hill

  • Federal cybersecurity has “regressed” since 2019 due to factors including the lack of centralized cyber leadership at the White House, the Government Accountability Office (GAO) said in a report released Tuesday.

Far-Right Platform Gab Has Been Hacked—Including Private Data — Wired

  • The transparency group DDoSecrets says it will make the 70 GB of passwords, private posts and more available to researchers, journalists and social scientists.

Google: Bad bots are on the attack, and your defence plan is probably wrong — ZDNet

  • Bot attacks are on the rise as businesses move online due to the pandemic.

Beware: AOL phishing email states your account will be closed — Bleeping Computer

  • An AOL mail phishing campaign is underway to steal users’ login name and password by warning recipients that their account is about to be closed.

Ryuk ransomware now self-spreads to other Windows LAN devices — Bleeping Computer

  • A new Ryuk ransomware variant with worm-like capabilities allowing it to spread to other devices on victims’ local networks has been discovered.

SolarWinds Hack Pits Microsoft Against Dell, IBM Over How Companies Store Data — The New York Times

  • Microsoft argues the cloud offers more protection; rivals point to firms’ need to hold and access their information on-premises.

Bitcoin set for worst week since March as riskier assets sold off — Reuters

  • Bitcoin was headed on Friday for its worst week since March as a rout in global bond markets sent yields flying and sparked a sell-off in riskier assets.

In Case You Missed It

Cybersecurity News & Trends

This week, SonicWall was recognized as one of the coolest network security companies of 2021. Less cool: a huge spate of cyberattacks targeting the NSA, hospitals, universities, airlines, IT companies and even Apple’s new M1 silicon.

SonicWall in the News

The 20 Coolest Network Security Companies of 2021: The Security 100 — CRN

  • SonicWall was included on CRN’s list of the 20 Coolest Network Security Companies.

The Top 6 Enterprise VPNs To Use in 2021 — TechRepublic

  • SonicWall’s Global VPN Client is cited as one of the top VPNs for enterprises.

Experts Blast SMBs’ “Head In The Sand” Approach To Cyber Security — IT PRO

  • From failing to patch exposed VPNs to meeting ransom demands, businesses are playing a role in fueling the threat landscape.

Industry News

Hackers Tied to Russia’s GRU Targeted the US Grid for Years, Researchers Warn — Wired

  • A Sandworm-adjacent group has successfully breached U.S. critical infrastructure a handful of times, according to new findings from the security firm Dragos.

COVID pandemic causes spike in cyberattacks against hospitals, medical companies — ZDNet

  • IBM says attack rates have doubled against medical entities since the pandemic began.

After Russian Cyberattack, Looking for Answers and Debating Retaliation — The New York Times

  • Key senators and corporate executives warned that the “scope and scale” of the SolarWinds attack were unclear, and that the attack might still be ongoing.

LazyScripter hackers target airlines with remote access trojans — Bleeping Computer

  • Security researchers believe they uncovered activity belonging to a previously unidentified actor fitting the description of an advanced persistent threat (APT).

10K Targeted in Phishing Attacks Spoofing FedEx, DHL Express — Dark Reading

  • The two campaigns aimed to steal victims’ business email account credentials by posing as the shipping companies.

NASA and the FAA were also breached by the SolarWinds hackers — Bleeping Computer

  • NASA and the U.S. Federal Aviation Administration (FAA) have reportedly also been compromised by the nation-state hackers behind the SolarWinds supply-chain attack.

Ransomware: Sharp rise in attacks against universities as learning goes online — ZDNet

  • Higher education is struggling with ransomware attacks, with gangs seeing an easy target in institutions busy making the switch to remote operations.

Finnish IT Giant Hit with Ransomware Cyberattack — Threat Post

  • A major Finnish IT provider has been hit with ransomware, forcing the company to turn off some services and infrastructure while it takes recovery measures.

Chinese spyware code was copied from America’s NSA: researchers — The Wall Street Journal

  • Chinese spies used code first developed by the U.S. National Security Agency to support their hacking operations — another example of how malicious software developed by governments can boomerang against their creators.

Malware monsters target Apple’s M1 silicon with ‘Silver Sparrow’ — The Register

  • U.S. security consultancy Red Canary says it’s found macOS malware written specifically for the shiny new M1 silicon that Apple created to power its post-Intel Macs.

Global Accellion data breaches linked to Clop ransomware gang — Bleeping Computer

  • Financially motivated hacker groups combined multiple zero-day vulnerabilities and a new web shell to breach up to 100 companies using Accellion’s legacy File Transfer Appliance.

In Case You Missed It

Cybersecurity News & Trends

This week was a good one for the rule of law, as a number of cybercriminals involved in ransomware, phishing and cryptocurrency theft were brought to justice.

SonicWall in the News

2021 Channel Chiefs: Robert (Bob) VanKirk — CRN

  • Robert (Bob) VanKirk has been named one of CRN’s Channel Chiefs for 2021.

2021 Channel Chiefs: HoJin Kim — CRN

  • HoJin Kim has been named one of CRN’s Channel Chiefs for 2021.

2021 Channel Chiefs: David Bankemper — CRN

  • David Bankemper has been named one of CRN’s Channel Chiefs for 2021.

Industry News

North Korea Turning to Cryptocurrency Schemes in Global Heists, U.S. Says — The Wall Street Journal

  • The U.S. Justice Department has charged North Koreans hackers in wide-ranging scheme that includes attempts to steal $1.3 billion for Pyongyang.

Nigerian man sentenced 10 years for $11 million phishing scam — Cyberscoop

  • The sentence comes as the cost of email scams continues to rise, plaguing U.S. businesses.

Cred-stealing trojan harvests logins from Chromium browsers, Outlook and more, warns Cisco Talos — The Register

  • A credential-stealing trojan is capable of lifting your login details from the Chrome browser, Microsoft’s Outlook and instant messengers.

NIST hints at upgrades to its system for scoring a phish’s deceptiveness — SC Magazine

  • Officials from the National Institute of Standards and Technology (NIST) this week teased future improvements to its “Phish Scale,” which helps companies determine whether phishing emails are hard or easy for their employees to detect.

Egregor Arrests a Blow, but Ransomware Will Likely Bounce Back — Dark Reading

  • Similar to previous ransomware takedowns, this disruption to the ransomware-as-a-service model will likely be short-lived, security experts say.

SolarWinds attack hit 100 companies and took months of planning, says White House — ZDNet

  • The White House warns the SolarWinds attack was more than espionage, because the private sector targets could lead to follow-up attacks.

Senate Intel leader demands answers on Florida water treatment center breach — The Hill

  • Sen. Mark Warner (D-Va.) has demanded answers regarding the investigation into the recent attempt to breach and poison the water supply in a Florida city.

Rising healthcare breaches driven by hacking and unsecured servers — Bleeping Computer

  • 2020 was a bad year for healthcare organizations in the U.S., which had to deal with record-high cybersecurity incidents on the backdrop of the COVID-19 pandemic.

Bitcoin hits new record of $50,000 — BBC

  • The cryptocurrency, which was created by an unknown inventor, has risen about 72% this year.

270 addresses are responsible for 55% of all cryptocurrency money laundering — ZDNet

  • Most cryptocurrency money laundering is concentrated in a few online services, opening the door for law-enforcement actions.

Microsoft asks government to stay out of its cyber attack response in Australia — ZDNet

  • Government intervention would result in a “Fog of War,” further complicating any attempt to mitigate cyberattack response, the company said.

France’s cyber-agency says Centreon IT management software sabotaged by Russian Sandworm — The Register

  • Web hosts were infiltrated for up to three years in an attack that somewhat resembles the SolarWinds breach.

100+ Financial Services Firms Targeted in Ransom DDoS Attacks in 2020 — Dark Reading

  • Consumer banks, exchanges, payment firms and card-issuing companies around the globe were among those hit.

Microsoft: SolarWinds attack took more than 1,000 engineers to create — ZDNet

  • Microsoft reckons that the huge attack on security vendors and more took the combined power of at least 1,000 engineers to create.

In Case You Missed It

Cybersecurity News & Trends

This week, the U.S. cyber czar gets new powers, a video game giant gets breached, and Robinhood gets sued.

SonicWall in the News

Defending Against SolarWinds Attacks: What Can Be Done? — TechTarget: SearchSecurity

  • Dmitriy’s zero-trust commentary was included in this article on how zero-trust and behavioral monitoring can be useful against nation-state attacks like the SolarWinds attack.

Cybersecurity Sales: Do You Have What It Takes to Succeed — Help Net Security

  • An interview with Terry Geer-King on his career growth was shared on Help Net Security.

Industry News

CISA Warns Organizations About Attacks on Cloud Services — Security Week

  • In light of successful cyberattacks targeting organizations’ cloud services, the U.S. Cybersecurity and Infrastructure Security Agency has published a series of recommendations on how businesses can improve their cloud security.

Scam-as-a-Service operation made more than $6.5 million in 2020 — ZDNet

  • The “Classiscam” operation is made up of around 40 groups operating in the U.S. and across several European countries.

Iranian cyberspies behind major Christmas SMS spear-phishing campaign — ZDNet

  • Iranian hackers managed to successfully hide URLs to phishing sites behind legitimate links.

Hackers’ Attack on Email Security Company Raises New Red Flags — The New York Times

  • A breach at email security provider Mimecast underscores that Russia-linked hackers appear to have targeted victims along multiple avenues of attack.

Data Breach at ‘Resident Evil’ Gaming Company Widens — Threat Post

  • Capcom, the game developer behind Resident Evil, Street Fighter and Dark Stalkers, now says its recent attack compromised the personal data of up to 400,000 gamers.

Hacker sells Aurora Cannabis files stolen in Christmas cyberattack — Bleeping Computer

  • A hacker is selling data stolen from cannabis giant Aurora Cannabis after breaching their systems on Christmas.

State Department sets up new bureau for cybersecurity and emerging technologies — The Hill

  • The new Bureau of Cyberspace Security and Emerging Technologies (CSET) will help lead diplomatic efforts in cyberspace, including working to prevent cyber conflicts with potentially adversarial nations.

Ryuk gang estimated to have made more than $150 million from ransomware attacks — ZDNet

  • Most of the Ryuk gang’s “earnings” are being cashed out through accounts at crypto-exchanges Binance and Huobi.

Sealed U.S. Court Records Exposed in SolarWinds Breach — Krebs on Security

  • The ongoing SolarWinds breach may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo.

Cyber czar to draw on new powers from defense bill — The Hill

  • New authorities from the recently enacted defense bill are expected to help the U.S. government in its response to the SolarWinds hack believed to be perpetrated by Russia.

Robinhood Hacking Victim Sues Trading Platform Over Security — Bloomberg

  • Siddharth Mehta said in a complaint provided by his lawyer that his account was looted of “tens of thousands of dollars” in July.

In Case You Missed It

Cybersecurity News & Trends

This week, the massive SolarWinds breach made headlines around the world, but that doesn’t mean other hackers took a holiday.

SonicWall in the News

Zero Trust Against Nation-State Attacks: Expert Explains Why it is Vital — Information Security Buzz

  • The fallout of the SolarWinds breach continues to reverberate across the industry, and the conversation is shifting to how to mitigate and defend against the next attack on this scale. Dmitriy Ayrapetov weighs in.

Reasons To Believe — Or Not Believe — in IoT — IoT Agenda

  • Data from SonicWall’s Threat Report on the increase in IoT attacks was included in an article on the benefits and challenges of IoT.

AI and ML: Is it a boon or bane for cyber security?” — VAR India

  • SonicWall VP of Regional Sales Debasish Mukherjee, talks about BYOD and the number of malicious attacks and cyber frauds across the globe due to the pandemic.

Industry News

North Korean hackers launch RokRat Trojan in campaigns against the South — ZDNet

  • A VBA self-decoding technique is being used to hide the malware on impacted systems.

Widely Used Software Company May Be Entry Point for Huge U.S. Hacking — The New York Times

  • Russian hackers may have piggybacked on a tool developed by JetBrains, which is based in the Czech Republic, to gain access to federal government and private sector systems in the United States.

Babuk Locker is the first new enterprise ransomware of 2021 — Bleeping Computer

  • It’s a new year, and with it comes a new ransomware. This one is called Babuk Locker, and it targets corporate victims in human-operated attacks.

Cyberattacks on Healthcare Spike 45% Since November — Threat Post

  • The relentless rise in COVID-19 cases is battering already-frayed healthcare systems — and ransomware criminals are taking the opportunity to strike.

Top admiral: SolarWinds computer hack didn’t harm U.S.-based nukes — The Washington Times

  • America’s nuclear arsenal wasn’t compromised by a recent cyberattack targeting computer networks used by government agencies and private companies, the Navy admiral at the helm of the U.S. Strategic Command said.

Severe SolarWinds Hacking: 250 Organizations Affected? — Bank Info Security

  • Investigators are finding that the campaign appears to have compromised more than the 50 organizations originally suspected—and a Russian-linked hacking group may be responsible.

This malware uses a crafty new technique to establish the location of victims — Tech Radar 

  • A newly discovered form of malware grabs and queries the MAC address of the wireless router, enabling it to geo-locate its victim’s machine more accurately.

Cross-platform ElectroRAT malware drains cryptocurrency wallets — Bleeping Computer

  • Security researchers have discovered a new remote access trojan (RAT) used to empty the cryptocurrency wallets of thousands of Windows, Linux, and macOS users.

Major Gaming Companies Hit with Ransomware Linked to APT27 — Threat Post 

  • A recent slew of related ransomware attacks on top videogame companies has been associated with the notorious Chinese-linked APT27 threat group, suggesting that the advanced persistent threat (APT) is swapping up its historically espionage centralized tactics to adopt ransomware, a new report says.

2021 Cybersecurity Trends: Bigger Budgets, Endpoint Emphasis and Cloud — Cybersecurity Trends

  • Insider threats are redefined in 2021, the work-from-home trend will continue define the threat landscape and mobile endpoints become the attack vector of choice, according 2021 forecasts.

Be warned: COVID-19 vaccine scams are now appearing online, over text, and by email — ZDNet

  • With millions of us waiting for our place in the vaccine queue, criminals are already trying to cash in.

In Case You Missed It

Cybersecurity News & Trends

This week, the massive SolarWinds breach made headlines around the world, but that doesn’t mean other hackers took a holiday.

SonicWall in the News

The 25 Hottest Edge Security Companies: 2020 Edge Computing 100 — CRN

  • SonicWall was recognized in CRN’s 2020 Edge Computing 100 list for its new SD-Branch and Cloud Edge Secure Access solutions.

Cyberattack ‘Leaves UK Infrastructure Exposed for Month’ — Newsweek

  • SonicWall President and CEO Bill Conner, who in recent years has advised the U.K. and U.S. governments on how best they can protect critical national assets from cybercrime, said the hackers appeared to be motivated by geopolitical control.

Cases of Cyber Ransomware Rising During COVID Pandemic — MSN

SonicWall Capture Labs Threat Research Team Warns of Egregor Ransomware Attacks — SME Channels

  • SonicWall Capture Labs Threat Research team warns that Egregor Ransomware attacks — which steal system information and banking and online account credentials, as well as deploy keyloggers and remote backdoors — will likely intensify.

SolarWinds Supply Chain Attack Led to FireEye, US Government Breaches — SDxCentral

  • Bill’s commentary on the U.S. Treasury hack was featured in an SDxCentral article about recent data breaches.

SonicWall Seeks The Bliss of The Predictable — ChannelPro Network

  • ChannelPro Network shared a feature on SonicWall’s SecureFirst Partner Program for its ChannelBeat column.

Industry News

SolarWinds Breach Potentially Gave Hackers ‘God Access’: Ex-White House Official — Newsweek

  • The SolarWinds breach potentially gave hackers “God access” or a “God door” to computer systems using the companies OrionIT software, a former White House official has warned.

FireEye, Microsoft create kill switch for SolarWinds backdoor — Bleeping Computer

  • Microsoft, FireEye and GoDaddy have collaborated to create a kill switch for the SolarWinds Sunburst backdoor that forces the malware to terminate itself.

Little-Known SolarWinds Gets Scrutiny Over Hack, Stock Sales — Security Week

  • The revelation that elite cyber spies spent months exploiting SolarWinds’ software to peer into computer networks has put many of its high-profile customers on high alert — and it’s raising questions about whether company insiders knew of its security vulnerabilities as its biggest investors sold off stock.

Russia’s Hacking Frenzy Is a Reckoning — Wired

  • Despite years of warning, the U.S. still has no good answer for the sort of “supply chain” attack that has left Washington stunned.

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’ — Krebs on Security

  • A key malicious domain name used to control computer systems compromised via the months-long breach at SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself.

Schiff calls for ‘urgent’ work to defend nation in the wake of massive cyberattack — The Hill

  • House Intelligence Committee Chairman Adam Schiff, D-Calif., on Wednesday called on Congress to undertake “urgent work” to defend critical networks in the wake of a massive cyber espionage attack on the U.S. government.

FBI says DoppelPaymer ransomware gang is harassing victims who refuse to pay — ZDNet

  • FBI says the ransomware group has been calling victims and threatening to send individuals to their homes if they don’t pay the ransom.

“Evil mobile emulator farms” used to steal millions from US and EU banks — Ars Technica

  • Researchers from IBM Trusteer say they’ve uncovered a massive fraud operation that used a network of mobile device emulators to drain millions of dollars from online bank accounts in just days.

EU unveils revamp of cybersecurity rules days after hack — The Washington Times

  • The EU unveiled plans to revamp its dated cybersecurity rules, just days after data on a new coronavirus vaccine was unlawfully accessed in a hack attack on the European Medicines Agency.

45 million medical scans from hospitals all over the world left exposed online for anyone to view – some servers were laced with malware — The Register

  • CybelAngel, which sells a digital risk protection platform, reported not only was the sensitive personal information unsecured, but cybercriminals had also accessed those servers and poisoned them with apparent malware.

Microsoft: New malware can infect over 30K Windows PCs a day — Bleeping Computer

  • Microsoft has warned of an ongoing campaign pushing Adrozek, a new browser hijacking and credential-stealing malware which, at its peak, was able to take over more than 30,000 devices every day.

Massive Subway UK phishing attack is pushing TrickBot malware — Bleeping Computer

  • A massive phishing campaign pretending to be a Subway order confirmation has been spotted distributing the notorious TrickBot malware.

This new ransomware is growing in strength and could become a major threat warn researchers — ZDNet

  • The group behind MountLocker ransomware are “clearly just warming up,” researchers say.

In Case You Missed It

Cybersecurity News & Trends

This week, cybersecurity news moved to the federal level as nation-state hacking and international cybersecurity cooperation made headlines.

SonicWall in the News

SonicWall Wins Six Prestigious Awards In The 15th Annual Network Product Guide’s 2020 IT World Awards — SonicWall Press Release

  • SonicWall has swept six industry awards at the 15th Annual Network Product Guide’s 2020 IT World Awards, including the coveted Grand Trophy distinction for having exhibited overall excellence in diverse categories.

An Outside View of Cybersecurity ‘Inside the Beltway’ — Federal News Network

  • Federal News Network shared a podcast interview with SonicWall President and CEO Bill Conner on the persistent threats impacting the federal space and how ransomware and IoT will impact federal IT systems moving forward.

FDA Approval Is Not The Only Vaccine Challenge — Industry Week

  • Bill Conner explains how cybercriminals could impact the vaccine supply chain if a successful attack is to occur, and what organizations need to do to defend themselves.

Healthcare in Crisis: Diagnosing Cybersecurity Shortcomings in Unprecedented Times — Threatpost

  • The pandemic’s unprecedented impact on healthcare lay bare the gaping holes in the healthcare industry’s cybersecurity defenses — and security experts say the fallout will impact the healthcare industry well into 2021.

Industry News

Russian hackers hide Zebrocy malware in virtual disk images — Bleeping Computer

  • Russian-speaking hackers behind Zebrocy malware have changed their technique and are now packing the threats in virtual hard drives (VHD) to avoid detection.

Ransomware gangs are getting faster at encrypting networks. That will make them harder to stop — ZDNet

  • The window for finding attackers on your network before ransomware is deployed is getting much smaller.

Russia’s FireEye Hack Is a Statement—but Not a Catastrophe — Wired

  • The cybersecurity firm has acknowledged that it has itself been the victim of a breach — and that the attackers made off with some of its offensive tools.

Norwegian police implicate Fancy Bear in parliament hack, describe ‘brute forcing’ of email accounts — Cyberscoop

  • In their accusation of Russian involvement in an August cyberattack on Norwegian parliament, authorities have implicated the same notorious group accused of interfering in the 2016 U.S. election.

Critical Flaws in Millions of IoT Devices May Never Get Fixed — Wired

  • Amnesia:33 is the latest in a long line of vulnerabilities that affect countless embedded devices.

Credit card stealing malware bundles backdoor for easy reinstall — Bleeping Computer

  • An almost-impossible-to-remove malware, programmed to automatically activate on Black Friday, was deployed on multiple Magento-powered online stores.

The EU is making overtures about cybersecurity collaboration under Biden — Cyberscoop

  • European Union members convened in an effort to take stock of the U.S. presidential election and plan how to best jumpstart cooperation with the incoming Biden administration on matters including cybersecurity.

U.S. National Security Agency warns of Russian hacking against VMware products — Reuters

  • A new cybersecurity alert from the U.S. National Security Agency warns that Russian “state-sponsored” hackers are actively exploiting a software vulnerability in multiple products made by cloud computing company VMware Inc.

Iranian Hackers Access Unprotected ICS at Israeli Water Facility — Security Week

  • A group of Iranian hackers recently posted a video showing how they managed to access an industrial control system at a water facility in Israel.

Man Pleads Guilty to Role in Malware Protection Scam — Security Week

  • A man has pleaded guilty to his role in a computer protection services scam that cheated victims out of nearly $1 million by misleading them into believing that malware had been detected on their computers.

U.S. and Australia to develop shared cyberattack training platform — Bleeping Computer

  • The U.S. and Australia have signed a first-ever bilateral agreement that allows the U.S. Cyber Command and Australia’s Information Warfare Division to jointly develop and share a virtual cyber training platform.

Android apps with millions of downloads are vulnerable to serious attacks — Ars Technica

  • Android apps with hundreds of millions of downloads are vulnerable to attacks that allow malicious apps to steal contacts, login credentials, private messages and other sensitive information.

Home Offices Face Bigger Cyber Threat, Biden Top Economist Warns — Bloomberg

  • Brian Deese, chosen by Biden to lead the National Economic Council, said in an interview broadcast Wednesday, “The risk of operating from home offices in terms of cyberattacks is exponentially greater.”

In Case You Missed It

Cybersecurity News & Trends

This week, Trickbot is gaining strength, Bitcoin is gaining value, and cybercriminals are gaining ground against vaccine manufacturers.

SonicWall in the News

New Partnerships Boost OT/IoT Security Across Digital Environments — Security Boulevard

  • SonicWall’s Q3 Threat Report data is cited in this article about Nozomi Networks partnership with Honeywell and Yokogawa Europe.

Top Tips to Stay Safe During Black Friday & Cyber Monday — Security Toolbox

  • Check out five tips to maintain security hygiene when shopping online during the upcoming holiday season.

Industry News

Manchester United attack illuminates the cyberthreats facing an overlooked sports sector — Cyberscoop

  • The headline-making attack is a stark reminder that major sports franchises have targets on their backs, even if regulators and the press don’t apply the same amount of scrutiny to data protection strategies in athletics as in other sectors.

 Federal agencies warn that hackers are targeting US think tanks — The Hill

  • The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warned Tuesday that major hacking groups are targeting U.S. think tanks.

 Companies Urged to Adjust Hiring Requirements for Cyber Jobs — The Wall Street Journal

  • Companies need millions more cybersecurity professionals to fill roles around the world, but researchers say the problem may be outlandish job requirements, rather than a lack of workers.

FINRA Warns Brokerage Firms of Phishing Campaign — Security Week

  • Cybercriminals are using a recently registered lookalike domain in a phishing campaign targeting U.S. organizations, the Financial Industry Regulatory Authority warns.

Cyberespionage APT group hides behind cryptomining campaigns — Bleeping Computer

  • An advanced threat group called Bismuth recently used cryptocurrency mining as a way to hide the purpose of their activity and to avoid triggering high-priority alerts.

Bitcoin Hits New Record, This Time With Less Talk of a Bubble — The New York Times

  • The crazy cousin of traditional currencies, which fell below $4,000 in March, has now passed $19,783 — and more investors are now buying it for the long term.

Government watchdog urges policymakers to boost cybersecurity for 5G networks — The Hill

  • The agency detailed “capabilities and challenges” involved in the buildout of 5G networks and made a number of recommendations aimed at scaling up cybersecurity, spectrum availability and consumer data privacy.

Supreme Court considers scope of federal anti-hacking law in biggest cyber case to date — Cyberscoop

  • This case is the biggest to come before the nation’s highest court involving the Computer Fraud and Abuse Act (CFAA), written in the 1980s and centering on when an individual “exceeds authorized access” to a computer.

It’s hard to keep a big botnet down: TrickBot sputters back toward full health — Cyberscoop

  • Mounting evidence suggests that TrickBot, the vast botnet that both U.S. Cyber Command and a Microsoft-led coalition sought to disable around the 2020 elections, is on the mend and evolving.

Coronavirus: Hackers targeted Covid vaccine supply ‘cold chain’ — BBC

  • The international vaccine supply chain has reportedly been targeted by cyber-espionage.

The Internet’s Most Notorious Botnet Has an Alarming New Trick — Wired

  • The hackers behind TrickBot have begun probing victim PCs for vulnerable firmware, which would let them persist on devices undetected.

North Korean Hackers Are Said to Have Targeted Companies Working on Covid-19 Vaccines — The Wall Street Journal

  • At least six pharmaceutical companies in the U.S., the U.K. and South Korea were targeted as the regime seeks sensitive information it could sell or weaponize.

In Case You Missed It

Cybersecurity News & Trends

This week hackers targeted hardware and software, with attacks on WordPress sites, printers, CPUs and the popular game “Among Us” making headlines.

SonicWall in the News

SonicWall Stresses Zero Trust, Zero Touch in 2020 — ChannelPro Network

  • A look at SonicWall’s business strategy in 2020, particularly SonicWall’s Cloud Edge solution, its Boundless 2020 virtual event, and commentary from Bill Conner and Dmitriy Ayrapetov.

Best Firewalls For Small Businesses — Business Pundit

  • Business Pundit has recognized SonicWall’s TZ firewall as the “Best Overall Firewall.”

SonicWall Refreshes Low Ends of TZ and NSa Firewall Portfolios and Unveils Zero Trust SonicWall Cloud Edge Secure Access — ChannelBuzz

  • SonicWall adds Cloud Edge Secure Access solution and new TZ and NSa firewalls to its lineup.

Firewalls And ZTNA Solution Protect Working Environments — LANline

  • LANline offers a closer look at SonicWall’s new NSFirewalls and ZTNA solution news.

SonicWall Expands Cybersecurity with New TCO Firewalls — APN News

  • SonicWall announced the expansion of its Capture Cloud Platform with the addition of the high-performance NSa 2700 firewall, three new cost-effective TZ firewall options and SASE offering debut.

Industry News

The 10 Coolest Cybersecurity Startups Of 2020 — CRN

  • Perimeter 81, who teamed up with SonicWall to create the Cloud Edge Secure Access solution, made CRN’s list of Coolest Cybersecurity Startups of 2020.

Cybersecurity Industry in Detroit Is Growing and Mentors Are Starting With Young People — Detroit Free Press

  • In an article on how Detroit’s cybersecurity industry is growing, Bill Conner offers cybersecurity tips for remote work.

Egregor ransomware bombards victims’ printers with ransom notes — Threatpost

  • The Egregor ransomware uses a novel approach to get a victim’s attention after an attack: it shoots ransom notes from all available printers.

Bitcoin hits nearly three-year peak, homes in on record — Reuters

  • Bitcoin has soared to its highest level since December 2017 as the asset’s perceived quality as a hedge against inflation lured institutional and retail demand.

Trump fires CISA chief Chris Krebs, who guarded the 2020 election from interference and domestic misinformation — Cyberscoop

  • President Donald Trump on Tuesday said he had fired Chris Krebs, a widely respected Department of Homeland Security official who helped protect the 2020 election from hacking and disinformation, the latest in a series of purges.

Forget Imposters. Among Us Is a Playground for Hackers — Wired

  • James Sebree, a researcher for security firm Tenable, on Tuesday published a blog post laying out a slew of relatively simple, hackable vulnerabilities in Among Us.

Hackers are actively probing millions of WordPress sites — Bleeping Computer

  • Unknown threat actors are scanning for WordPress websites with Epsilon Framework themes installed on over 150,000 sites and vulnerable to Function Injection attacks that could lead to full site takeovers.

Ransomware Operator Promotes Distributed Storage for Stolen Data — Dark Reading

  • The criminals behind the DarkSide ransomware-as-a-service operation say the system will be harder to take down.

Hackers can use just-fixed Intel bugs to install malicious firmware on PCs — Ars Technica

  • Vulnerabilities allowed hackers with physical access to override a protection Intel built into modern CPUs that prevents unauthorized firmware from running during the boot process. Known as Boot Guard, the measure is designed to anchor a chain of trust directly into the silicon to ensure that all firmware that loads is digitally signed by the computer manufacturer.

In Case You Missed It

Cybersecurity News & Trends

This week, SonicWall expanded its Capture Cloud Platform with four new firewalls and a new Zero-Trust security solution.

SonicWall in the News

SonicWall Expands Boundless Cybersecurity With New High-Performance, Low-TCO Firewalls; Company Debuts Cloud-Native Ztna Solution to Secure Work-From-Anywhere Environments — Company Press Release

  • SonicWall today announced the expansion of its Capture Cloud Platform with the addition of the high-performance NSa 2700 firewall, three new TZ firewall options, and SonicWall Cloud Edge Secure Access, which delivers easy-to-deploy, easy-to-use zero-trust security.

SonicWall Capture Advanced Threat Protection Collects ICSA Labs Certification — Company Press Release

  • For the third consecutive quarter, cloud-based Capture Advanced Threat Protection (ATP) sandbox service has been vigorously tested in the detection of today’s most evasive threats and awarded the coveted ICSA Labs Advanced Threat Defense certification.

The 2020 Tech Innovators Awards — CRN

  • SonicWall was recognized as the winner of the networking category for its TZ570 and TZ670 series (slide 22) and was a finalist in the security network category for its Network Security Services Platform 15700 (slide 37).

Cybersecurity Industry in Detroit Is Growing and Mentors Are Starting With Young People — Detroit Free Press

  • In an article on how Detroit’s cybersecurity industry is growing, Bill Conner offers cybersecurity tips for more secure remote work.

Four New SonicWall Firewalls Announced — Storage Review

  • Storage Review covers SonicWall’s latest launch, focusing on Cloud Edge Secure Access and four all-new firewalls.

SonicWall Research: Ransomware, IoT Malware Attacks On The Rise — MSSP Alert

  • In a feature article on SonicWall’s Q3 Threat Data, MSSP Alert spotlights the surge in ransomware and IoT malware.

Industry News

Campari Site Suffers Ransomware Hangover — ThreatPost

  • Italian spirits brand Campari has restored its company website following a recent ransomware attack.

Ragnar Locker Ransomware Gang Takes Out Facebook Ads in Key New Tactic — Threat Post

  • Following the Nov. 3 ransomware attack against Campari, Ragnar Locker group took out public Facebook ads threatening to release stolen data.

Pressure grows to reinstall White House cyber czar — The Hill

  • Pressure to reinstate a cyber czar within the White House is growing, with bipartisan allies lining up on Capitol Hill to push such a proposal.

Zoom settles charges with FTC over deceptive security practices — Cyberscoop

  • The FTC has reached a deal with Zoom to settle allegations that the communications technology company misrepresented its security and privacy protections.

How to Avoid Paying Ransomware Ransoms — Data Center Knowledge

  • As private experts and government officials advise against indulging the bad guys, here are some tips for following that advice.

Treasury Asks if External Cyber Acts Qualify for Terrorism Risk Insurance Program — Nextgov

  • A request for comment reflects recommendations made by the Cyberspace Solarium Commission.

Major ransomware strain jumps from Windows to Linux — SC Magazine

  • A recently discovered file-encrypting Trojan, built as an executable and linkable format (ELF), encrypts data on machines controlled by Linux-based operating systems.

Hospital network hit by cyber attack restoring services — The Washington Times

  • Computer experts at the University of Vermont Medical Center are working to restore systems disabled in a cyberattack that has affected the hospital’s ability to provide some cancer treatments.

Vietnamese hacking group OceanLotus uses imitation news sites to spread malware — Cyberscoop

  • Suspected Vietnamese government-linked hackers are behind a series of fake news websites and Facebook pages meant to target victims with malicious software.

Microsoft Exchange Attack Exposes New xHunt Backdoors — Threat Post

  • An attack on the Microsoft Exchange server of an organization in Kuwait revealed two never-before-seen PowerShell backdoors.

U.S. seizes over $1 billion in bitcoin tied to ‘Silk Road’ — Reuters

  • The U.S. Justice Department announced it had seized over $1 billion worth of bitcoin associated with the underground online marketplace Silk Road.

Ransomware Attacks Surge 40% Globally In Q3: Report — Express Computer

  • While overall malware volume declined for the third consecutive quarter, ransomware attacks globally surged 40% to reach 199.7 million hits in the third quarter of this year.

In Case You Missed It