This week marks one of the biggest launches in SonicWall history, bringing with it a comprehensive set of new solutions designed to increase security, simplify management and meet the challenges of today’s cybersecurity reality.

SonicWall Spotlight

SonicWall’s Biggest Launch To-Date Delivers Future-Proof Security, Remotely — CRN TV

• CRN’s video discusses SonicWall CEO Bill Conner’s leadership and showcases the importance of SonicWall to the channel and the industry overall.

SonicWall Leads SMB Market To Resolve Stretched Security Budgets And Risks For Newly Extended Remote Workforces — Source Security

• SonicWall is introducing new zero-touch enabled, multi-gigabit SonicWall TZ firewalls with SD-Branch capabilities, along with a redesigned cloud-native management console.

SonicWall Refreshes High End Both Enterprise and SMB Firewalls — ChannelBuzz

• ChannelBuzz highlights the new versions of SonicWall’s firewalls and includes commentary from Bill Conner on the importance of the launch.

SonicWall Sounds Off On Next-Gen Security Line Up  — SDxCentral

• SDxCentral explains how SonicWall’s Gen 7 offerings expand the company’s enterprise capabilities and strengthen its current portfolio of products.

SonicWall Ships High-Speed Firewalls for SMB and Branch Office Environments — The ChannelPro Network

• In a feature on SonicWall’s Gen 7 launch, the ChannelPro Network discusses SonicWall’s new firewall appliances.

Cybersecurity News

Israel Says It Thwarted Cyber Attack Targeting Defense Industry — Bloomberg

• Israel has announced it foiled a cyberattack targeting its defense industry by a shadowy group that the U.S. has linked to North Korea. .

Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal — Threat Post

• The RAT is surging in 2020, becoming more prevalent than even the infamous TrickBot or Emotet malware.

Trump Moves on China Apps May Create New Internet ‘Firewall’ — Security Week

• A Trump administration ban on apps such as TikTok and WeChat risks fragmenting an already fragile global internet and creating an American version of China’s “Great Firewall.

Avaddon ransomware launches data leak site to extort victims — Bleeping Computer

• The Avaddon ransomware operators’ site will be used to publish the stolen data of victims who do not pay a ransom demand.

Hacked government, college sites push malware via fake hacking tools — Bleeping Computer

• A large scale hacking campaign appears to offer articles on hacking social network accounts, but instead delivers malware and scams.

UN reports sharp increase in cybercrime during pandemic — The Washington Times

• A 350% increase in phishing websites was reported in Q1 2020, many targeting hospitals and health care systems responding to the COVID-19 pandemic

Magecart group uses homoglyph attacks to fool you into visiting malicious websites — ZDNet

• A new campaign is utilizing the Inter kit and favicons to hide skimming activities.

Maryland officials warn gun dealers about phishing scams — The Washington Times

• Authorities in Maryland have issued an advisory about an apparent email phishing scam targeting firearms dealers in the state.

In Case You Missed It

• Bring the Power of RTDMI Analysis On-Premises with CSa 1000 — Dmitriy Ayrapetov
• SonicWall NSM: Centralized Firewall Management that Scales for Any Environment — Ken Dang
• New SonicWall NSsp 15700 Firewall: Security for Modern Enterprises — Mallik Vatti
• New SonicWall TZ570 and TZ670: Security for Modern SMBs and Branches — Sathya Thammanur
• New SonicWall SonicOSX 7.0 and SonicOS 7.0 Operating Systems Offer Visibility and Simplicity — Srudi Dineshan
• New SonicWall Solutions Deliver Security, Simplicity and Value — Bill Conner
• What’s the Malware Capital of the US? — Amber Wolff

This week, the U.S. government brought up cybersecurity legislation, while the U.S. judicial system handed down cybercriminal incarceration.

SonicWall Spotlight

Hackers used ransomware to take over parts of UC San Francisco’s network and extorted $1.14million in exchange for returning access to their files — Daily Mail

• UC San Francisco hasn’t said what files were affected nor how the ransomware entered the system, but the FBI has opened an investigation into the incident.

Sonicwall Lands In Ireland, Expands Channel Partner Strategy — SonicWall Press Release

• SonicWall today announced that it has appointed Tristan Bateup as country manager for Ireland.

UCSF pays $1 million ransom to recover medical school data from hackers — The Mercury News

• The UCSF School of Medicine was the third targeted by cyberattacks in the past two months, but a spokesperson said the attack did not affect patient care or ongoing COVID-19 research.

Cybersecurity News

Russian Criminal Group Finds New Target: Americans Working at Home — The New York Times

• A hacking group calling itself Evil Corp., indicted in December, has shown up in corporate networks with sophisticated ransomware. American officials worry election infrastructure could be next.

How COVID-19 changed Cyber Command’s ‘Cyber Flag’ exercise — Cyberscoop

• This year, U.S. Cyber Command convened with allied countries for what appeared to be a straightforward simulation of an attack against a European airbase — but then a global pandemic changed all the rules.

Russian cybercriminal gets 9 years for online fraud website — The Washington Times

• A Russian computer hacker who facilitated $20 million in credit card fraud and ran a sophisticated clearinghouse for international cybercriminals was sentenced Friday to nine years in prison.

Lawmakers introduce legislation to establish national cybersecurity director — The Hill

• A bipartisan group of lawmakers has introduced legislation in the House that would establish a national cybersecurity director to lead government efforts on cybersecurity.

DDoS botnet coder gets 13 months in prison — ZDNet

• Kenneth Schuchman, known as Nexus Zeta, created multiple DDoS botnets, including Satori, Okiru, Masuta, and Fbot/Tsunami.

An embattled group of leakers picks up the WikiLeaks mantle — Ars Technica

• DDoSecrets was banned from Twitter after releasing what they claim is the largest-ever cache of hacked U.S. police data, a leak some say positions the group as the heir apparent of WikiLeaks’ early, idealistic mission.

Senators move to boost state and local cybersecurity as part of annual defense bill — The Hill

• A group of Senate Democrats on Monday introduced as part of the annual National Defense Authorization Act (NDAA) a measure that would strengthen cybersecurity protections for states vulnerable to malicious cyberattacks.

U.S. FCC issues final orders declaring Huawei, ZTE national security threats — Reuters

• The FCC has formally designated China’s Huawei Technologies Co and ZTE Corp as posing threats to national security, barring U.S. firms from tapping an $8.3 billion government fund to purchase equipment from the companies.

Schools Already Struggled With Cybersecurity. Then Came Covid-19 — Wired

• A lack of dedicated funding and resources made it hard to keep data secure — and that was before classes moved almost entirely online.

Things that happen every four years: Olympic Games, presidential elections, and now new Mac ransomware — The Register

• Known as EvilQuest, the brand-new strain of Mac ransomware was spotted spreading via Russian piracy and torrent sites.

DDoS Attacks Jump 542% from Q4 2019 to Q1 2020 — Dark Reading

• The shift to remote work and heavy reliance on online services has driven an increase in attacks intended to overwhelm ISPs.

Tax software used by Chinese bank clients installs GoldenSpy backdoor — SC Magazine

• A tax software program installed by business clients of an unidentified Chinese bank was trojanized with malware that installs a backdoor granting attackers system-level privileges, researchers warn.

In Case You Missed It

• ‘3 & Free’ Promotion: The Easiest Way to Upgrade Your SonicWall Firewall for Free — Robert (Bob) VanKirk
• SonicWall EMEA 2020 Virtual Partner Events — Terry Greer-King
• COVID-19 Ushers in a New Era of Cybersecurity for Higher Ed — Bill Conner
• A Brief History of COVID-19 Related Attacks, Pt. 1 — Dmitriy Ayrapetov
• SonicWall’s Online Community Connects Cybersecurity Professionals — Micah Vorst

This week, cybersecurity news was thrust into the fray, with clashes between scammers and vigilante hackers, between conspiracy theorists and cell-phone towers, and between REvil and a number of high-profile celebrities.

SonicWall Spotlight

DeskFlix: SonicWall channel director on COVID-19 cybersecurity challenges — CRN UK

• Mike Awford discusses the ways SonicWall has supported partners through the migration to remote working.

EasyJet Hack: Passenger Data Could be Sold on Dark Web After Major Cyber Attack, Experts Warn — The Independent

• Based on similar attacks in the past, SonicWall’s VP EMEA Terry Greer-King discusses what could happen to customers’ data once it hits the Dark Web.

SonicWall Capture Labs Threat Research Teams Uncovers New Variant of Raccoon Stealer — CXO Today

• SonicWall has reported a new variant of Raccoon stealer malware, version 1.5, which has been used in a malicious COVID-19 campaign.

Cybersecurity News

ShinyHunters Is a Hacking Group on a Data Breach Spree — Wired

• In May, ShinyHunters began selling 200 million stolen records from over a dozen companies … and they claim this is just Stage 1.

Beware of phishing emails urging for a LogMeIn security update — Help-Net Security

• The email appears to be legitimate correspondence from LogMeIn, including company logo, spoofed sender identity and a link that appears legitimate.

Vigilante hackers target scammers with ransomware, DDoS attacks — Bleeping Computer

• A hacker has been taking justice into their own hands by targeting “scam” companies with ransomware and denial of service attacks.

Tech Chiefs Press Cloud Suppliers for Consistency on Security Data — The Wall Street Journal

• Each cloud company offers its own process on cybersecurity and governance, creating added work for customers.

Cell-tower attacks by idiots who claim 5G spreads COVID-19 reportedly hit US — Ars Technica

• Wireless telecom providers are being warned to boost security as 5G conspiracy theorists ramp up attacks on cell towers and telecommunications workers.

Microsoft warns of ‘massive’ phishing attack pushing legit RAT — Bleeping Computer

• Microsoft is warning of an ongoing COVID-19 themed phishing campaign that spreads via malicious Excel attachments.

Supercomputers hacked across Europe to mine cryptocurrency — ZDNet

• Multiple supercomputers across Europe have been shut down to investigate cryptocurrency mining malware infections.

Microsoft opens up coronavirus threat data to the public — Cyberscoop

• Microsoft has announced plans to make threat intelligence it collected on COVID-19-related hacking campaigns public.

NetWalker adjusts ransomware operation to only target enterprise — Bleeping Computer

• NetWalker ransomware group is moving away from phishing for malware distribution and has adopted a network-intrusion model focusing on huge businesses only.

REvil Ransomware found buyer for Trump data, now targeting Madonna — Bleeping Computer

• After breaching a prominent law firm, the REvil ransomware group is holding the personal information of high-profile celebrities for ransom.

In Case You Missed It

• Why Securing Remote Work is Crucial To Ensuring Business Continuity — Agasthiamani Sankaran
• Securing Telecommuters with Expanded Endpoint Visibility and Control — Suroop Chandran
• ‘Boundless Cybersecurity’ Protects Organizations Mobilizing for the New Business Normal — Geoff Blaine
• The New Front in Hospitals’ Battle Against COVID-19: Ransomware — Amber Wolff
• SonicWall Unveils Partner Program Designed for MSSPs — Lindsey Lockheart

This week, SonicWall brings Boundless Cybersecurity to the remote workforce; Emotet, Ryuk and Trickbot deliver a 1-2-3 punch; and hackers use Apple for phishing bait.

SonicWall Spotlight

SonicWall Introduces Boundless Cyber Security Platform – Information Age

• Boundless Cybersecurity aims to address a growing cybersecurity business gap and the complexity of securing remote workers compared to those working at company headquarters.

SonicWall: More Than 21,500 SecureFirst Partners Worldwide – MSSP Alert

• SonicWall adds 1,100 SecureFirst partner in February and unveils a Boundless Cybersecurity model to protect mobile and remote workers against cyberthreats.

How to protect yourself against online COVID-19 scammers – Security Watch Info

• As the COVID-19 pandemic continues to dominate the news cycle, cybercriminals are capitalizing on fear, stress and people’s desire for answers to gain access to personal information.

Cybersecurity News

North Korea hacking threatens U.S., other countries, international financial system: U.S. State Department – Reuters

• The FBI joined the U.S. Departments of State, Treasury and Homeland Security in issuing an advisory about North Korean cyberthreats, warning the financial sector is particularly at risk.

Czechs Warn Hackers Are Preparing Cyber Attacks on Hospitals – Bloomberg

• According to the Czech National Cyber and Information Security Agency, a campaign of cyberattacks on the country’s hospitals is expected in the coming days, Bloomberg reports.

The Pentagon Hasn’t Fixed Basic Cybersecurity Blind Spots – Wired

• Five years ago, the Department of Defense set dozens of security hygiene goals. A new report finds that it has abandoned or lost track of most of them.

FBI warns of ongoing COVID-19 scams targeting govt, health care – Bleeping Computer

• The U.S. Federal Bureau of Investigation has warned government agencies and health care organizations of ongoing BEC schemes exploiting the COVID-19 pandemic, as well as an overall increase in cryptocurrency and health care fraud scam activity targeting consumers.

The secret behind “unkillable” Android backdoor called xHelper has been revealed – Ars Technica

• The widely circulating Android backdoor—notorious for its ability to survive even factory resets—has finally been bested.

Emotet, Ryuk, TrickBot: ‘Loader-Ransomware-Banker Trifecta’ – Bank Info Security

• The “loader-ransomware-banker” trifecta—Emotet, Ryuk and Trickbot—is stronger than the sum of its parts, causing millions of dollars in damages over the past few years.

Someone is passing around Valorant beta keys that are actually malware – Cyberscoop

• Gamers hoping to access a closed beta for the video game Valorant are receiving keylogger software instead, as hackers attempt to capitalize on the hype surrounding the upcoming Riot Games release.

Apple Is Top Pick for Brand Phishing Attempts – Dark Reading

• Have you received a suspicious-looking email purporting to be from Apple? You aren’t alone—10% of all brand phishing attempts in the first quarter of 2020 used the Apple brand in an attempt to deceive recipients.

In Case You Missed It

• ‘Boundless Cybersecurity’ Protects Organizations Mobilizing for the New Business Normal – Geoff Blaine
• The New Front in Hospitals’ Battle Against COVID-19: Ransomware – Amber Wolff
• SonicWall Unveils Partner Program Designed for MSSPs – Lindsey Lockheart
• Securing SaaS: Protect More, Manage Less—Vishnu Chandra Pandey
• How to Simplify Endpoint Security – Vishnu Chandra Pandey

This week, SonicWall strengthens MSSP security offerings, cyberthreats to the upcoming census, and the end of decade lists begin.

SonicWall Spotlight

SonicWall Strengthens MSSP Security Offerings, Simplifies Account Management, Product Registration, Licensing Control. – SonicWall Press Release

• SonicWall announced new offerings for managed security service providers (MSSP). The newly announced capabilities allow MSSPs to simplify oversight, visibility and management of cybersecurity ecosystems as they continue to expand. The news is covered in CRN, Channel Futures, MSSP Alert, Channelnomics, and more.

553: Opening a Spin-off’s Liberated Growth Chapter – CFO Thought Leader podcast

• How do you take a business unit, extract it, and set it up to be a running company on its own, all within one year? SonicWall CFO Ravi Chopra sits down with the CFO Thought Leader podcast and explains exactly how he did it with SonicWall. He also discusses his career path, his experiences in the dot com crash, and how he learns from his mentors.

Cybersecurity Should Be the Core Pillar of Any Modern Digital Hospital: Dmitriy Ayrapetov – The Economic Times of India

• SonicWall’s Dmitriy Ayapetov is interviewed talking about the impact of cyberattacks on the health industry – with ransomware attacks growing and the rise of the Cloud and Internet of Things devices leading to potentially many new entry points for a cybercriminal, he stresses the need for greater cybersecurity awareness.

Cybersecurity News

Black Friday UK: Just One in 20 Discounts Are Genuine, Research Finds – The Guardian (UK)

• Research by consumer group Which? Has found that the majority of Black Friday deals are sold at the same price or cheaper throughout the year. SonicWall figures on ransomware are also referred to, highlighting the increase in cyberattacks around the Black Friday period.

Special Report: 2020 U.S. Census Plagued by Hacking Threats, Cost Overruns – Reuters

• An in-depth investigation into the upcoming 2020 US census has found that despite a major technology overhaul, fears of hacking attempts are running high and a lack of adequate training and understanding of cybersecurity risks internally is not helping.

Report Highlights Nation-State Cyberthreats Facing SMBs in 2020 – Tech Republic

• A new survey of over 1000 cybersecurity officials working at SMBs has found that more than 60% of respondents intend to increase their cybersecurity budgets next year due to growing fears of cyberattacks from both at home and abroad, especially during the upcoming elections.

India Plans Security Audit of WhatsApp After Hacking Attempt – Reuters

• The Indian government is pushing for a security audit of WhatsApp after revelations emerged last month that spyware inserted by surveillance groups allowed access to the phones of roughly 1400 users.

44 Million Microsoft Users Reused Passwords in the First Three Months of 2019 – ZDNet

• Microsoft has completed an audit of their accounts and found that 44 million people are still using usernames and passwords that were leaked online in 2019. A forced password reset has been enacted to help solve the problem.

FBI Issues Smart TV Cybersecurity Warning – Infosecurity Magazine

• The Federal Bureau of Investigation has issued a warning to holiday shoppers over the cyber-risks an unsecured smart TV might pose to a household. Default passwords should be changed, and a familiarization of all connection options is recommended at a bare minimum.

And Finally

A Decade of Malware: Top Botnets of the 2010s – ZDNet

• It’s the end of a decade, and with it comes the lists! ZDNet round up some of the biggest, in both size and infamy, botnets that hit throughout the 2010s, including those old favorites, Emotet, Trickbot, and Dridex.

In Case You Missed It

• My Workspace: Streamlining Asset Management for MSSPs – Suroop Chandran
• SonicWall Simplifies Day-to-Day Operations for MSSPs – Robert (Bob) VanKirk
• Meeting a Russian Ransomware Cell – Brook Chelmo
• 10 Reasons to Upgrade to the Newest SonicWall TZ Firewall – Brook Chelmo
• SonicWall: Encrypted Attacks, IoT Malware Surge as Global Malware Volume Dips – Geoff Blaine
• How to Protect Multi-Cloud Environments with a Virtual Firewall – Tiju Cherian