Posts

Cybersecurity News & Trends – 10-16-20

This week, increasingly sophisticated ransomware is being deployed by ransomware groups increasingly functioning like businesses.


SonicWall in the News

Sonicwall Trusted By U.S. Federal Agencies, Driving Thought-Leadership With Live Webinar Event — SonicWall Press Release

  • Thursday, Oct. 15, 1 p.m. EDT, SonicWall will host a live webinar event, ‘Securing Federal Agencies in Unprecedented Times’, exploring the effects of COVID-19 on federal networks and employees, changes in the federal space in 2020, and SonicWall’s certified federal solutions.

How The Enterprise Can Shut Down Cyber Criminals and Protect A Remote A Staff  — TechRepublic

  • Hackers accidentally allowed into company software by security-noncompliant employees cost businesses millions annually. Experts to weigh in on best safety practices.

5 Campaign Cybersecurity Lessons Learned from Enterprise — SDxCentral

  • Campaigns can — and should — take a page from enterprise security best practices to harden their defenses and hunt for threats in their environments.

SonicWall Unveils Boundless 2020, Company’s Largest Ever Global Virtual Partner Event — CRN India

  • On the heels of a record-setting year that has included the introduction of the Boundless Cybersecurity platform and numerous new products, services and programs, SonicWall is hosting a three-day virtual partner event, Boundless 2020, from Nov 17-19.

The Best Firewalls For Small Business In 2020 —  Digital Trends

  • In a roundup of the top firewalls for small businesses, SonicWall’s firewalls are ranked first in the category of data-dependent small businesses. *Syndicated on Yahoo Finance

Cybersecurity Experts React on Hackney Council Cyber Attack — Information Security Buzz

  • Media outlets are reporting that Hackney Council in London has been the target of a serious cyberattack, which is affecting many of its services and IT systems.

Industry News

Study: Half of battleground states facing cybersecurity challenges ahead of election — The Hill

  • Around half of battleground states are facing cybersecurity challenges that put them at increased risk of a cybersecurity breach, a study found.

BazarLoader used to deploy Ryuk ransomware on high-value targets — Bleeping Computer

  • The TrickBot gang operators are increasingly targeting high-value targets with the new stealthy BazarLoader trojan before deploying the Ryuk ransomware.

Android Ransomware Has Picked Up Some Ominous New Tricks — Wired

  • Though ransomware has been around for years, it poses an ever-increasing threat to hospitals, municipal governments, and basically any institution that can’t tolerate downtime.

Apple pays $288,000 to white-hat hackers who had run of company’s network — Ars Technica

  • The company has so far processed about half of the vulnerabilities reported and committed to paying $288,500 for them. Once Apple processes the remainder, the total payout might surpass $500,000.

US Cyber Command: Patch Windows ‘Bad Neighbor’ TCP/IP bug now — Bleeping Computer

  • U.S. Cyber Command warns Microsoft customers to patch their systems immediately against the critical and remotely exploitable CVE-2020-16898 vulnerability addressed during this month’s Patch Tuesday.

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work — Krebs on Security

  • Judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today’s attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained.

Hackers Eye Their Next Targets, From Schools to Cars — The Wall Street Journal

  • Hackers will tell you that just about anything with software and an internet connection can get hacked. The next decade will test how much that is true, and the challenge it poses to everyday life.

Ransomware Attackers Buy Network Access in Cyberattack Shortcut — Threatpost

  • Network access to various industries is being offered in underground forums at as little as $300 a pop – and researchers warn that ransomware groups like Maze and NetWalker could be buying in.

Court orders seizure of ransomware botnet controls as U.S. election nears — Reuters

  • Microsoft said Monday it had used a court order to take control of computers that were installing ransomware and other malicious software on local government networks and threatening to disrupt the November election.

The Man Who Speaks Softly—and Commands a Big Cyber Army — Wired

  • Meet General Paul Nakasone. He reined in chaos at the NSA and taught the U.S. military how to launch pervasive cyberattacks. And he did it all without you noticing.

Canva design platform actively abused in credentials phishing — Bleeping Computer

  • Free graphics design website Canva is being abused by threat actors to create and host intricate phishing landing pages.

In Case You Missed It

Cybersecurity News & Trends – 10-09-20

This week, cybercriminals deployed attacks on both U.S. political parties, the shipping industry, and COVID-19 researchers.


SonicWall in the News

Sonicwall Unveils Boundless 2020, Company’s Largest Ever Global Virtual Partner Event — SonicWall Press Release

  • SonicWall unveils Boundless 2020, a three-day virtual partner event hosted online Nov. 17-19. 

Marina Pharmacy Secures Its Branches With SonicWall Next-Gen Firewalls — Intelligent CIO

  • How UAE-based Marina Pharmacy’s SonicWall implementation has improved the group’s security posture and secured network connectivity across its 40 retail stores.

Surge In Ransomware Attacks Threatens Student Data — TechTarget

  • SonicWall CEO Bill Conner explains why K-12 schools are an increasingly attractive target, and why they shouldn’t give in to ransom demands.

Rethinking Cloud Security Amidst Pandemic and Mounting Threats — Digital TechMedia

  • A closer look at how the pandemic has affected cybersecurity in India and around the globe.

Industry News

Cyber Pirates Hit Global Shipping Industry Nearing Peak Season — Bloomberg

  • Two key players in the global shipping industry are trying to restore computer networks and assess the damage from separate cyberattacks just ahead of peak season.

Hackers are using DNC volunteer pitch to deliver malware, researchers warn — The Washington Times

  • Democratic National Committee messaging has been repurposed and weaponized as part of a hacking campaign spotted by cybersecurity researchers following the debate

Ransomware: Gangs are shifting targets and upping their ransom demands — ZDNet

  • Ransomware gangs are getting smarter, factoring in companies’ revenues when determining the ransom they try to collect.

‘Mercenary’ hacker group runs rampant in Middle East, cybersecurity research shows — Reuters

  • Saudi diplomats, Sikh separatists and Indian business executives have been among those targeted by a group of hired hackers.

Phishing emails lure victims with inside info on Trump’s health — Bleeping Computer

  • A phishing campaign pushing a network-compromising backdoor pretends to have the inside scoop on President Trump’s health after being infected with COVID-19.

US warns: Big surge in Emotet malware campaigns makes it one of today’s top threats — ZDNet

  • CISA’s intrusion detection system has recorded 16,000 Emotet threats to government networks since July.

Will We Have Cyberwar or Cyber Peace? — The Wall Street Journal

  • The Wall Street Journal’s Richard Clark takes a look at what cyber warfare could look like in 2030.

Ransomware: Surge in attacks as hackers take advantage of organisations under pressure — ZDNet

  • Cyber criminals are doubling down on ransomware attacks, deploying more sophisticated campaigns at a time when remote working is already creating additional security challenges for businesses

US brokerage firms warned of widespread survey phishing attacks — Bleeping Computer

  • The U.S. Financial Industry Regulatory Authority (FINRA) has issued a notice warning member brokerage firms of widespread phishing attacks using surveys to harvest information.

COVID-19 Clinical Trials Slowed After Ransomware Attack — Threatpost

  • The attack on eResearchTechnology potentially slowed down coronavirus research worldwide, and researchers suggest a nation-state actor could be behind the incident.

In Case You Missed It

Cybersecurity News & Trends – 10-02-20

This week, attackers targeted everything from the energy sector and the U.S. elections to social media accounts and your coffeemaker.


SonicWall in the News

The 100 People You Don’t Know but Should 2020 — CRN

  • SonicWall’s Jason Carter has been selected to be part of CRN’s annual “100 People You Don’t Know but Should” list.

How Home Tech Can Be Companies’ Weakest Link — Financial Times (Business Education)

  • SonicWall President and CEO Bill Conner weighs in on how companies can protect against risks due to remote employees’ home network setups.

Managed IT Service Providers Expands Support For Remote Workers During Pandemic — Crain’s Detroit Business

  • In March, SonicWall helped Vision Computer Solutions acquire additional licenses more quickly than normal so the company could rapidly transition to remote work.

These 13 Israeli Cybersecurity Startups Have Raised A collective $847 Million In Funding This Year For New Tools That Protect Remote Work  — Business Insider

  • Perimeter 81 — which SonicWall has invested in — is included in the roundup as a cloud-based company helping IT and security professionals more easily secure remote access.

Industry News

U.S. tech giants face curbs on data sharing, digital marketplaces, under draft EU rules — Reuters

  • Google, Facebook, Amazon, Apple and other U.S. tech giants could be banned from favoring their services or forcing users to sign up to a bundle of services under draft EU rules.

House passes bills to secure energy sector against cyberattacks — The Hill

  • The House has unanimously passed four bills aimed at securing the power grid and other energy infrastructure against cyberattacks.

Microsoft looks to expose espionage groups taking aim at NGOs, US politics — Cyberscoop

  • Cyberscoop summarizes/explores the new Microsoft report — a detailed review of criminal and government hackers’ tradecraft.

When coffee makers are demanding a ransom, you know IoT is screwed — Ars Technica

  • With the name Smarter, you might expect a network-connected kitchen appliance maker to be, well, smarter than companies selling conventional appliances. But in the case of the Smarter’s IoT coffee maker, you’d be wrong.

CISA Warns of Hackers Exploiting Zerologon Vulnerability — Security Week

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert to warn of attackers actively targeting a recently addressed vulnerability in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC).

Microsoft disrupts nation-state hacker op using Azure Cloud service — Bleeping Computer

  • In a report today, Microsoft said that it disrupted operations of a nation-state threat group that was using its Azure cloud infrastructure for cyberattacks.

Ransomware Attacks Take On New Urgency Ahead of Vote — The New York Times

  • Attacks against small towns, big cities and the contractors who run their voting systems have federal officials fearing that hackers will try to sow chaos around the election.

FBI director warns that Chinese hackers are still targeting US COVID-19 research — The Hill

  • FBI Director Christopher Wray said Chinese hackers are continuing to target U.S. companies involved in COVID-19 research and described China as the nation’s “greatest counterintelligence threat.”

Mount Locker ransomware joins the multi-million dollar ransom game — Bleeping Computer

  • A new ransomware operation named Mount Locker is stealing victims’ files before encrypting and then demanding multi-million dollar ransoms.

FBI Director: Feeding DOD’s Cyber Offense Operations Is Crucial to New Strategy — Nextgov

  • Senator says legislation is moving forward to thwart intellectual property theft and defend federal networks from cyberattacks.

Phishing attacks are targeting your social network accounts — Bleeping Computer

  • Scammers are targeting your social network accounts with phishing emails that pretend to be copyright violations or promises of a shiny ‘blue checkmark’ next to your name.

In Case You Missed It

Cybersecurity News & Trends – 09-25-20

This week, foreign hackers made headlines for targeting everything from COVID-19 research, to NASA, to the U.S. presidential election.


SonicWall in the News

Top 5 CyberSecurity Innovations and Why They’re Drawing In The Money — TechGenix

  • SonicWall’s product with Perimeter 81 was in included in article, as an innovation in the zero-trust sector.

ChannelPro Weekly Podcast: Episode #157 – The New M&A (Mongrels & Animals) — ChannelPro Weekly

  • In its weekly news podcast, ChannelPro Network discussed SonicWall’s 7th generation of security products.

Coronavirus Puts Security At The Heart Of The Agenda — MicroScope

  • Terry Greer-King, vice-president for EMEA at SonicWall, says the “mass shift” from working within the corporate perimeter to working from home has made everyone inherently less secure, ushering in an era of “boundless cyber security”

Making Work-From-Home Security Work — ChannelPro Network

  • In an article about how to successfully and securely work from home, SonicWall’s data on the increase in ransomware from the midyear update to the 2020 Cyber Threat Report is included to showcase the dangers of ransomware attacks.

Industry News

U.S. warns ‘foreign actors’ aim to sow doubts over mail-in voting — Reuters

  • U.S. federal law enforcement and cybersecurity agencies on Tuesday warned that “foreign actors” will likely try to discredit the November presidential election by taking advantage of the slow counting of mail-in ballots.

UK Govt Advisor Warns: Universities the Latest Frontier for Cybercriminals — IT Supply Chain

  • Students’ return to universities has coincided with a spate of attacks against academic institutions across the North of England, prompting the National Cyber Security Centre to issue a warning: Prepare for disruption as the term starts.

FBI Open China-Related Counterintelligence Case Every 10 Hours — SC Media

  • FBI Director Christopher Wray offered the House Homeland Security Committee some sobering news about China: the FBI opens a new China-related counterintelligence case roughly every 10 hours.

Ransomware gang targets Russian businesses in rare coordinated attacks — ZDNet

  • Group breaks an unofficial rule in the cybercrime underground not to target the former Soviet space.

Lessons from the ransomware death: Prioritize cyber emergency preparedness — SC Magazine

  • The death of a woman, at least in part due to a ransomware attack, has placed security teams on high alert.

“LokiBot,” the malware that steals your most sensitive data, is on the rise — Ars Technica

  • Officials are seeing a big uptick in infections coming from LokiBot, an open-source DIY malware package that’s openly sold or traded in underground forums. It steals passwords and cryptocurrency wallets, and can also download and install new malware.

The dark web won’t hide you anymore, police warn crooks — ZDNet

  • ‘Operation Disruptor’ involved agencies from nine countries and resulted in the seizure of over $6.5m in cash and cryptocurrencies, as criminals are warned law enforcement will track them down.

Healthcare lags behind in critical vulnerability management, banks hold their ground — ZDNet

  • New research sheds light on which industries are performing well when it comes to patching high-risk bugs.

Officials say NASA facing increased targeting by foreign and domestic hackers — The Hill

  • Top officials at NASA say the agency is facing increasing attempts by foreign hackers to target sensitive information as it works to improve its IT security during the COVID-19 pandemic.

FBI sounds alarm on rampant personal-data theft by China-backed hackers — The Washington Times

  • China is engaged in massive data mining in the U.S. and likely has stolen personal information on nearly half of the entire U.S. population, FBI Director Christopher Wray revealed.

Chinese and Russian hackers pose ‘very, very real threat’ to COVID-19 research: FBI Director Wray — The Washington Times

  • Foreign hackers searching for ways to steal coronavirus research remain a “very, very real cyber threat,” FBI Director Christopher A. Wray told the House Homeland Security Committee.

U.K. warns of surge in ransomware threats against education sector — Bleeping Computer

  • The U.K. National Cyber Security Centre has issued an alert about a surge in ransomware targeting educational institutions, urging them to follow new recommendations for mitigating attacks.

In Case You Missed It

Cybersecurity News & Trends – 09-18-20

Between legislation to protect government IoT devices, developments in the TikTok saga and Supreme Court arguments, what’s happening at the federal level this week could have far-reaching implications for cybersecurity.


SonicWall in the News

Politics in the Technology World Order — Verdict Magazine
SonicWall President and CEO Bill Conner weighs in on the future of the U.S. data privacy landscape.

Perimeter 81 Looks To Take Firewall Appliances Out — Security Boulevard
SonicWall, an investor in Perimeter 81’s recent funding round, has partnered with the firm on its firewall-as-a-service software.

Sectigo to Be Acquired by GI Partners — Sectigo Press Release
In a comment about the acquisition, SonicWall President, CEO and Sectigo Board Chairman Bill Conner said, “The future is bright for Sectigo as the company builds on its impressive position as a digital identity and web security solutions leader.”


Industry News

This security awareness training email is actually a phishing scam — Bleeping Computer
A creative phishing campaign spoofs a well-known security company in an email pretending to be a reminder to complete security awareness training.

Oracle-TikTok Deal to Undergo U.S. Security Review — The Wall Street Journal
The Treasury Department said it would review an agreement for Oracle and others to revamp TikTok’s U.S. operations, with the aim of avoiding a ban of the popular video-sharing app.

House approves bill to secure internet-connected federal devices against cyber threats — The Hill
The Internet of Things (IoT) Cybersecurity Improvement Act, passed unanimously by the House, would require all internet-connected devices purchased by the federal government to comply with minimum security recommendations.

Hackers are getting more hands-on with their attacks. That’s not a good sign — ZDNet
Both nation-state-backed hackers and cybercriminals are trying to take advantage of the rise in remote working — and getting more sophisticated in their approach.

LockBit ransomware launches data leak site to double-extort victims — Bleeping Computer
The LockBit ransomware gang has launched a new data leak site to be used as part of their double extortion strategy to scare victims into paying a ransom.

Zerologon attack lets hackers take over enterprise networks — ZDNet
If you’re managing enterprise Windows servers, don’t skip on the August 2020 Patch.

Security researchers slam Voatz brief to the Supreme Court on anti-hacking law — Cyberscoop
The Supreme Court is about to take up a case with major implications for computer research — and a group of high-profile cybersecurity specialists doesn’t want mobile voting firm Voatz to have the last word.

Don’t pay the ransom, mate. Don’t even fix a price, say Australia’s cyber security bods — The Register
Over the past 12 months, the Australian Cyber Security Centre has observed real-world impacts of ransomware incidents, which have typically originated from a user executing a file received as part of a spearphishing campaign.

Russian Intelligence Hackers Are Back, Microsoft Warns, Aiming at Officials of Both Parties — The New York Times
China is also growing more adept at targeting campaign workers, with Beijing mostly aiming at Biden campaign officials.

Iran Says US Vote Hack Allegation ‘Absurd’ — Security Week
Tehran on Friday hit back at allegations by Microsoft that Iran-based hackers had targeted the U.S. presidential campaigns.

Treasury Dept. sanctions Russian, Ukrainian individuals for election interference — The Hill
The Treasury Department has added four Russian and Ukrainian individuals to its specially designated nationals list, citing attempts by the individuals to interfere in U.S. elections.


In Case You Missed It

Cybersecurity News & Trends – 09-11-20

This week, students are going back to school, cybersecurity is going into outer space, and Emotet is going through the roof.


SonicWall Spotlight

Cybersecurity for the post-COVID new normal of work — Managing the Future of Work podcast

  • SonicWall CEO Bill Conner discusses how COVID-19 and the 2020 election are creating unprecedented infrastructure challenges in cybersecurity, and how forces such as the cybersecurity business gap and the need for secure remote access will shape the cybersecurity landscape going forward.

Tackle the Growing Number of IoT Ransomware Threats — TechTarget – IoT Agenda

  • Ransomware attacks have increased 20% worldwide in the first half of the year and 105% in the U.S., according to SonicWall’s latest cyberthreat report.

Cybersecurity News

FBI: Thousands of orgs targeted by RDoS extortion campaign — Bleeping Computer

  • The FBI has warned U.S. companies that thousands of organizations around the world, from various industry sectors, have been threatened with DDoS attacks within six days unless they pay a Bitcoin ransom.

Inter: a ‘low bar’ kit for Magecart credit card skimmer attacks on e-commerce websites — ZDNet

  • Researchers say that any attacker with “a little cash to burn” can join the attack trend.

 Website Crashes and Cyberattacks Welcome Students Back to School — The New York Times

  • With many districts across the country opting for online learning, a range of technical issues marred the first day of classes.

Phishing adds overlay on official company page to steal logins — Bleeping Computer

  • A phishing campaign deployed recently at various businesses uses the company’s home page to disguise the attack and trick potential victims into providing login credentials.

Money from bank hacks rarely gets laundered through cryptocurrencies — ZDNet

  • Despite being considered a cybercrime haven, cryptocurrencies play a very small role in laundering funds obtained from bank hacks, the SWIFT financial organization said.

White House issues cybersecurity space policy — SpaceNews

  • Space Policy Directive 5 is the first comprehensive government policy on cybersecurity for satellites and related systems, and outlines best practices to protect space systems from hacking and other cyber threats.

U.S. Department of Defense discloses critical and high severity bugs — Bleeping Computer

  • The U.S. Department of Defense has disclosed details about four security vulnerabilities on its infrastructure. Two of them have a high severity rating, while the other two received a critical score.

France, Japan, New Zealand warn of sudden spike in Emotet attacks — ZDNet

  • Emotet activity has ramped up to new levels in September 2020, alarming some cybersecurity agencies.

In Case You Missed It

Cybersecurity News & Trends – 09-04-20

This week, teenage hackers and nation-state attackers made trouble worldwide.


SonicWall Spotlight

SonicWall TZ 600 POE — SC Magazine

  • SC Media takes a close look at the TZ 600 POE and awards it top marks.

Why Small Businesses Must Deal With Emerging Cybersecurity Threats — Entrepreneur

  • Cybercriminals are counting on small businesses to be less protected — and they’re often right.

Surging CMS attacks keep SQL Injections On The Radar During The Next Normal — Help Net Security

  • Cyberattacks have risen during the pandemic, leaving businesses to wonder whether things will settle down when COVID-19 begins to wane, or if the increase in attacks is here to stay.

Cybersecurity News

Teenager arrested in cyberattacks on Miami-Dade schools — The Washington Times

  • A 16-year-old student has been arrested for orchestrating a series of network outages and cyberattacks during the first week of school in Florida’s largest district.

Microsoft Defender can ironically be used to download malware — Bleeping Computer

  • A recent update to Windows 10’s Microsoft Defender antivirus solution ironically allows it to download malware and other files to a Windows computer.

Twitter Hack May Have Had Another Mastermind: A 16-Year-Old — The New York Times

  • A Massachusetts teenager appears to have played a significant role in the July 15 Twitter attack, investigators and fellow hackers said.

Chinese Hackers Targeted European Officials in Phishing Campaign — Bloomberg

  • Chinese nation-state hackers launched a phishing campaign against European government officials, diplomats, non-profits and other organizations to gather intelligence about global economies reeling from the pandemic.

Minister: New Zealand Enduring Wave of Cyberattacks — Security Week

  • According to the Associated Press, tracking down the perpetrators will be extremely difficult, as the distributed denial of service attacks are being routed through thousands of computers.

Federal agencies deny seeing attacks on voting infrastructure — The Hill

  • The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have denied seeing any reports of attacks on voting infrastructure, following the publication of a report on potential Russian election interference.

The FBI Botched Its DNC Hack Warning in 2016—but Says It Won’t Next Time — Wired

  • Facing looming election threats and a ransomware epidemic, the bureau says it has revamped its process for warning hacking victims.

The accidental notary: Apple approves notorious malware to run on Macs — Ars Technica

  • Newfangled malware protection gives users a false sense of security, critics say, making it potentially worse than nothing at all.

Attackers abuse Google DNS over HTTPS to download malware — Bleeping Computer

  • More details have emerged on a malware sample that uses Google DNS over HTTPS to retrieve the stage 2 malicious payload.

‘UltraRank’ Gang Sells Card Data It Steals — Bank Info Security

  • A cybercriminal gang that has spent five years planting malicious JavaScript code in order to steal payment card data from hundreds of e-commerce websites also takes the unusual step of selling the data on its own.

Hackers Attack Norway’s Parliament — Security Week

  • Norway’s parliament said Tuesday it had been the target of a “vast” cyberattack that allowed hackers to access the some lawmakers’ emails.

In Case You Missed It

Cybersecurity News & Trends – 08-21-20

This week, U.S. national security was at the forefront, with authorities working to secure voting systems ahead of the November elections, FBI and CISA issuing warnings about Linux malware and the U.S. Army detailing North Korea’s cyberattack strategies.


SonicWall Spotlight

Interview: Bill Conner, President and CEO, SonicWall — Infosecurity

  • With remote working likely to be far more common going forward, businesses are considering what they should do to adequately secure themselves.

How to Negotiate with Cyber Terrorists During a Pandemic — Bloomberg (United Kingdom)

  • According to SonicWall’s mid-year Cyber Threat Report, the number of ransomware attacks climbed 20% in the first half of the year, to a total of 121.4 million.
    *Syndicated on Yahoo! Finance UK, Washington Post and The Star

D&H Expands Hosted Security Offerings for MSPs, SMBs — Channelnomics

  • D&H Distributing is giving MSPs and SMBend customers access to SonicWall’s security solutions through a subscription model that removes upfront costs and offers predictable monthly payments.

Cybersecurity News

Taiwan says China behind cyberattacks on government agencies, emails — Reuters

  • Taiwan said hacking groups linked to the Chinese government had attacked at least 10 government agencies and some 6,000 government email accounts to steal important data.

FritzFrog malware attacks Linux servers over SSH to mine Monero — Bleeping Computer

  • A sophisticated botnet campaign named FritzFrog has been discovered breaching SSH servers around the world.

Ongoing Campaign Uses HTML Smuggling for Malware Delivery — Security Week

  • Referred to as Duri, the campaign attempts to evade network security solutions, including proxies and sandboxes, to deliver malicious code.

IRS Granted Tens of Thousands of Devices Network Access Without Proper Authentication — Nextgov

  • Most devices accessing the Internal Revenue Service’s internal network using wireless connections and virtual private networks weren’t authenticated, according to an audit.

U.S. Army Report Describes North Korea’s Cyber Warfare Capabilities — Security Week

  • A 332-page report, titled “North Korean Tactics,” details North Korean forces and their actions, with one chapter focusing on electronic intelligence warfare.

How a new federal policy for telling election officials about cyber-intrusions got put to use — Cyberscoop

  • An unidentified hacker reportedly spoofed the email account of a voting-equipment vendor and sent a phishing email to a local election official in Missouri.

NSA and FBI warn that new Linux malware threatens national security — Ars Technica

  • The FBI and NSA have issued a joint warning that Russian state hackers are using a previously unknown piece of Linux malware to infiltrate sensitive networks, steal confidential information, and execute malicious commands.

CISA Warns of Phishing Emails Delivering KONNI Malware — Security Week

  • The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert providing information on attacks delivering the KONNI remote access Trojan (RAT).

CactusPete hackers go on European rampage with Bisonal backdoor upgrade — ZDNet

  • The APT is attacking banks and military organizations throughout Eastern Europe.

Lawmakers introduce bill to help election officials address cyber vulnerabilities — The Hill

  • Reps. John Katko (R-N.Y.) and Kathleen Rice (D-N.Y.) introduced legislation to provide election officials with enhanced cybersecurity resources, as authorities ramp up warnings of foreign interference in the upcoming U.S. elections.

In Case You Missed It

Cybersecurity News & Trends – 08-14-20

This week marks one of the biggest launches in SonicWall history, bringing with it a comprehensive set of new solutions designed to increase security, simplify management and meet the challenges of today’s cybersecurity reality.


SonicWall Spotlight

SonicWall’s Biggest Launch To-Date Delivers Future-Proof Security, Remotely — CRN TV

  • CRN’s video discusses SonicWall CEO Bill Conner’s leadership and showcases the importance of SonicWall to the channel and the industry overall.

SonicWall Leads SMB Market To Resolve Stretched Security Budgets And Risks For Newly Extended Remote Workforces — Source Security

  • SonicWall is introducing new zero-touch enabled, multi-gigabit SonicWall TZ firewalls with SD-Branch capabilities, along with a redesigned cloud-native management console.

SonicWall Refreshes High End Both Enterprise and SMB Firewalls — ChannelBuzz

  • ChannelBuzz highlights the new versions of SonicWall’s firewalls and includes commentary from Bill Conner on the importance of the launch.

SonicWall Sounds Off On Next-Gen Security Line Up  — SDxCentral

  • SDxCentral explains how SonicWall’s Gen 7 offerings expand the company’s enterprise capabilities and strengthen its current portfolio of products.

SonicWall Ships High-Speed Firewalls for SMB and Branch Office Environments — The ChannelPro Network

  • In a feature on SonicWall’s Gen 7 launch, the ChannelPro Network discusses SonicWall’s new firewall appliances.

Cybersecurity News

Israel Says It Thwarted Cyber Attack Targeting Defense Industry — Bloomberg

  • Israel has announced it foiled a cyberattack targeting its defense industry by a shadowy group that the U.S. has linked to North Korea. .

Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal — Threat Post

  • The RAT is surging in 2020, becoming more prevalent than even the infamous TrickBot or Emotet malware.

Trump Moves on China Apps May Create New Internet ‘Firewall’ — Security Week

  • A Trump administration ban on apps such as TikTok and WeChat risks fragmenting an already fragile global internet and creating an American version of China’s “Great Firewall.

Avaddon ransomware launches data leak site to extort victims — Bleeping Computer

  • The Avaddon ransomware operators’ site will be used to publish the stolen data of victims who do not pay a ransom demand.

Hacked government, college sites push malware via fake hacking tools — Bleeping Computer

  • A large scale hacking campaign appears to offer articles on hacking social network accounts, but instead delivers malware and scams.

UN reports sharp increase in cybercrime during pandemic — The Washington Times

  • A 350% increase in phishing websites was reported in Q1 2020, many targeting hospitals and health care systems responding to the COVID-19 pandemic

Magecart group uses homoglyph attacks to fool you into visiting malicious websites — ZDNet

  • A new campaign is utilizing the Inter kit and favicons to hide skimming activities.

Maryland officials warn gun dealers about phishing scams — The Washington Times

  • Authorities in Maryland have issued an advisory about an apparent email phishing scam targeting firearms dealers in the state.

In Case You Missed It

Cybersecurity News & Trends – 08-07-20

This week, hackers dominated the headlines. But from financial firms, to voting machines, to entire countries, many are beginning to mount a stronger defense.


SonicWall Spotlight

AT&T Cybersecurity: Do Secure VPNs, Don’t Pay Ransoms — SDxCentral

  • The author notes that, per SonicWall’s mid-year update to the 2020 Cyber Threat Report, there was a 20% jump in ransomware globally in the first half of 2020 compared to mid-year 2019, including a staggering 109% spike in the U.S.

3 Tips For Improving Your Cybersecurity Program This School Year — EdTech Magazine

  • As schools prepare to reopen, EdTech Magazine offers three ways districts can improve their cybersecurity programs.

Covid-19 pandemic: Russian hackers target UK, US and Canadian research — Pharmaceutical Technology

  • Security services in the UK, US and Canada have determined that Russian cyber hacking group APT29 has attempted to illicitly access Covid-19 research. SonicWall CEO Bill Conner discusses how state-sponsored espionage groups are targeting medical data.

Cybersecurity News

Insecure satellite Internet is threatening ship and plane safety — Ars Technica

  • At the Black Hat security conference, researcher James Pavur presented findings that show that satellite-based Internet is putting millions at risk despite safeguards implemented by providers.

How the US Can Prevent the Next ‘Cyber 9/11’ — Wired

  • In an interview with WIRED, former national intelligence official Sue Gordon discusses Russian election interference and other digital threats to democracy.

U.S. Government Launches Cyber Career Path Tool — Security Week

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week announced the launch of a free tool designed to help users identify and navigate a potential career path.

U.S. coronavirus fraud losses near $100 million as COVID scams double — Reuters

  • U.S. losses from coronavirus-related fraud and identity theft have reached nearly $100 million, while complaints of COVID-19 scams have at least doubled in most states.

Financial Firms’ Cybersecurity Spending Jumps 15%, Survey Finds — Bloomberg

  • Big banks and other financial firms are spending 15% more this year to defend computer networks from cyber criminals, and the pandemic and work-from-home arrangements are probably spurring further increases.

Hackers Get Green Light to Test U.S. Voting Systems — The Wall Street Journal

  • Election Systems & Software, the top U.S. seller of voting-machine technology, is calling a truce in its feud with computer security researchers over the ways they probe for vulnerabilities of the company’s systems.

Hackers can abuse Microsoft Teams updater to install malware — Bleeping Computer

  • Microsoft Teams can still double as a Living off the Land binary (LoLBin) and help attackers retrieve and execute malware from a remote location.

Robots Running the Industrial World Are Open to Cyber Attacks — Bloomberg

  • According to a new report titled “Rogue Automation,” some robots have flaws that could make them vulnerable to advanced hackers, who could steal data or alter a robot’s movements remotely.

Interpol Warns of ‘Alarming’ Cybercrime Rate During Pandemic — Security Week

  • Global police body Interpol has warned of an “alarming” rate of cybercrime during the coronavirus pandemic.

CISA, DOD, FBI expose new versions of Chinese malware strain named Taidoor — ZDNet

  • U.S. government agencies say the Taidoor remote access trojan (RAT) has been used as far back as 2008.

Exclusive: China-backed hackers ‘targeted COVID-19 vaccine firm Moderna’ — Reuters

  • Chinese government-linked hackers targeted biotech company Moderna Inc., a U.S.-based coronavirus vaccine research developer, this year in a bid to steal data, according to a U.S. security official.

Hackers Are Targeting the Remote Workers Who Keep Your Lights On — Bloomberg

  • With many of the people who help keep the grid running now working from home, cyberattacks targeting the power sector have surged.

Hackers Broke Into Real News Sites to Plant Fake Stories — Wired

  • A disinformation operation broke into the content management systems of Eastern European media outlets in a campaign to spread misinformation about NATO.

In Case You Missed It