This week, increasingly sophisticated ransomware is being deployed by ransomware groups increasingly functioning like businesses.

SonicWall in the News

Sonicwall Trusted By U.S. Federal Agencies, Driving Thought-Leadership With Live Webinar Event — SonicWall Press Release

• Thursday, Oct. 15, 1 p.m. EDT, SonicWall will host a live webinar event, ‘Securing Federal Agencies in Unprecedented Times’, exploring the effects of COVID-19 on federal networks and employees, changes in the federal space in 2020, and SonicWall’s certified federal solutions.

How The Enterprise Can Shut Down Cyber Criminals and Protect A Remote A Staff  — TechRepublic

• Hackers accidentally allowed into company software by security-noncompliant employees cost businesses millions annually. Experts to weigh in on best safety practices.

5 Campaign Cybersecurity Lessons Learned from Enterprise — SDxCentral

• Campaigns can — and should — take a page from enterprise security best practices to harden their defenses and hunt for threats in their environments.

SonicWall Unveils Boundless 2020, Company’s Largest Ever Global Virtual Partner Event — CRN India

• On the heels of a record-setting year that has included the introduction of the Boundless Cybersecurity platform and numerous new products, services and programs, SonicWall is hosting a three-day virtual partner event, Boundless 2020, from Nov 17-19.

The Best Firewalls For Small Business In 2020 —  Digital Trends

• In a roundup of the top firewalls for small businesses, SonicWall’s firewalls are ranked first in the category of data-dependent small businesses. *Syndicated on Yahoo Finance

Cybersecurity Experts React on Hackney Council Cyber Attack — Information Security Buzz

• Media outlets are reporting that Hackney Council in London has been the target of a serious cyberattack, which is affecting many of its services and IT systems.

Industry News

Study: Half of battleground states facing cybersecurity challenges ahead of election — The Hill

• Around half of battleground states are facing cybersecurity challenges that put them at increased risk of a cybersecurity breach, a study found.

BazarLoader used to deploy Ryuk ransomware on high-value targets — Bleeping Computer

• The TrickBot gang operators are increasingly targeting high-value targets with the new stealthy BazarLoader trojan before deploying the Ryuk ransomware.

Android Ransomware Has Picked Up Some Ominous New Tricks — Wired

• Though ransomware has been around for years, it poses an ever-increasing threat to hospitals, municipal governments, and basically any institution that can’t tolerate downtime.

Apple pays $288,000 to white-hat hackers who had run of company’s network — Ars Technica

• The company has so far processed about half of the vulnerabilities reported and committed to paying $288,500 for them. Once Apple processes the remainder, the total payout might surpass $500,000.

US Cyber Command: Patch Windows ‘Bad Neighbor’ TCP/IP bug now — Bleeping Computer

• U.S. Cyber Command warns Microsoft customers to patch their systems immediately against the critical and remotely exploitable CVE-2020-16898 vulnerability addressed during this month’s Patch Tuesday.

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work — Krebs on Security

• Judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today’s attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained.

Hackers Eye Their Next Targets, From Schools to Cars — The Wall Street Journal

• Hackers will tell you that just about anything with software and an internet connection can get hacked. The next decade will test how much that is true, and the challenge it poses to everyday life.

Ransomware Attackers Buy Network Access in Cyberattack Shortcut — Threatpost

• Network access to various industries is being offered in underground forums at as little as $300 a pop – and researchers warn that ransomware groups like Maze and NetWalker could be buying in.

Court orders seizure of ransomware botnet controls as U.S. election nears — Reuters

• Microsoft said Monday it had used a court order to take control of computers that were installing ransomware and other malicious software on local government networks and threatening to disrupt the November election.

The Man Who Speaks Softly—and Commands a Big Cyber Army — Wired

• Meet General Paul Nakasone. He reined in chaos at the NSA and taught the U.S. military how to launch pervasive cyberattacks. And he did it all without you noticing.

Canva design platform actively abused in credentials phishing — Bleeping Computer

• Free graphics design website Canva is being abused by threat actors to create and host intricate phishing landing pages.

In Case You Missed It

• Securing Devices at Home and at Work — Amber Wolff
• The Scope of Application Vulnerabilities — Brook Chelmo
• SonicWall Unveils Boundless 2020, Company’s Largest Ever Global Virtual Experience — Robert (Bob) VanKirk
• IoT Devices: If You Connect It, Protect It — Amber Wolff
• ‘3 & Free’ Promotion: How to Upgrade Your SonicWall Firewall for Free — Robert (Bob) VanKirk
• National Cybersecurity Awareness Month Empowers Individuals, Orgs to Own Their Role in Cybersecurity — Amber Wolff
• 10 Reasons to Upgrade to the Latest SonicWall TZ Firewall — Brook Chelmo

This week, attackers targeted everything from the energy sector and the U.S. elections to social media accounts and your coffeemaker.

SonicWall in the News

The 100 People You Don’t Know but Should 2020 — CRN

• SonicWall’s Jason Carter has been selected to be part of CRN’s annual “100 People You Don’t Know but Should” list.

How Home Tech Can Be Companies’ Weakest Link — Financial Times (Business Education)

• SonicWall President and CEO Bill Conner weighs in on how companies can protect against risks due to remote employees’ home network setups.

Managed IT Service Providers Expands Support For Remote Workers During Pandemic — Crain’s Detroit Business

• In March, SonicWall helped Vision Computer Solutions acquire additional licenses more quickly than normal so the company could rapidly transition to remote work.

These 13 Israeli Cybersecurity Startups Have Raised A collective $847 Million In Funding This Year For New Tools That Protect Remote Work  — Business Insider

• Perimeter 81 — which SonicWall has invested in — is included in the roundup as a cloud-based company helping IT and security professionals more easily secure remote access.

Industry News

U.S. tech giants face curbs on data sharing, digital marketplaces, under draft EU rules — Reuters

• Google, Facebook, Amazon, Apple and other U.S. tech giants could be banned from favoring their services or forcing users to sign up to a bundle of services under draft EU rules.

House passes bills to secure energy sector against cyberattacks — The Hill

• The House has unanimously passed four bills aimed at securing the power grid and other energy infrastructure against cyberattacks.

Microsoft looks to expose espionage groups taking aim at NGOs, US politics — Cyberscoop

• Cyberscoop summarizes/explores the new Microsoft report — a detailed review of criminal and government hackers’ tradecraft.

When coffee makers are demanding a ransom, you know IoT is screwed — Ars Technica

• With the name Smarter, you might expect a network-connected kitchen appliance maker to be, well, smarter than companies selling conventional appliances. But in the case of the Smarter’s IoT coffee maker, you’d be wrong.

CISA Warns of Hackers Exploiting Zerologon Vulnerability — Security Week

• The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert to warn of attackers actively targeting a recently addressed vulnerability in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC).

Microsoft disrupts nation-state hacker op using Azure Cloud service — Bleeping Computer

• In a report today, Microsoft said that it disrupted operations of a nation-state threat group that was using its Azure cloud infrastructure for cyberattacks.

Ransomware Attacks Take On New Urgency Ahead of Vote — The New York Times

• Attacks against small towns, big cities and the contractors who run their voting systems have federal officials fearing that hackers will try to sow chaos around the election.

FBI director warns that Chinese hackers are still targeting US COVID-19 research — The Hill

• FBI Director Christopher Wray said Chinese hackers are continuing to target U.S. companies involved in COVID-19 research and described China as the nation’s “greatest counterintelligence threat.”

Mount Locker ransomware joins the multi-million dollar ransom game — Bleeping Computer

• A new ransomware operation named Mount Locker is stealing victims’ files before encrypting and then demanding multi-million dollar ransoms.

FBI Director: Feeding DOD’s Cyber Offense Operations Is Crucial to New Strategy — Nextgov

• Senator says legislation is moving forward to thwart intellectual property theft and defend federal networks from cyberattacks.

Phishing attacks are targeting your social network accounts — Bleeping Computer

• Scammers are targeting your social network accounts with phishing emails that pretend to be copyright violations or promises of a shiny ‘blue checkmark’ next to your name.

In Case You Missed It

• ‘3 & Free’ Promotion: How to Upgrade Your SonicWall Firewall for Free — Robert (Bob) VanKirk
• National Cybersecurity Awareness Month Empowers Individuals, Orgs to Own Their Role in Cybersecurity — Amber Wolff
• 10 Reasons to Upgrade to the Latest SonicWall TZ Firewall — Brook Chelmo
• 10 Reasons to Upgrade to the Latest SonicWall NSa Firewall — Brook Chelmo
• SonicWall’s Jason Carter Recognized as One of CRN’s ‘100 People You Don’t Know but Should’ — Lindsey Lockhart
• Advanced Threats: Am I At Risk? — Osca St. Marthe

Between legislation to protect government IoT devices, developments in the TikTok saga and Supreme Court arguments, what’s happening at the federal level this week could have far-reaching implications for cybersecurity.

SonicWall in the News

Politics in the Technology World Order — Verdict Magazine
SonicWall President and CEO Bill Conner weighs in on the future of the U.S. data privacy landscape.

Perimeter 81 Looks To Take Firewall Appliances Out — Security Boulevard
SonicWall, an investor in Perimeter 81’s recent funding round, has partnered with the firm on its firewall-as-a-service software.

Sectigo to Be Acquired by GI Partners — Sectigo Press Release
In a comment about the acquisition, SonicWall President, CEO and Sectigo Board Chairman Bill Conner said, “The future is bright for Sectigo as the company builds on its impressive position as a digital identity and web security solutions leader.”

Industry News

This security awareness training email is actually a phishing scam — Bleeping Computer
A creative phishing campaign spoofs a well-known security company in an email pretending to be a reminder to complete security awareness training.

Oracle-TikTok Deal to Undergo U.S. Security Review — The Wall Street Journal
The Treasury Department said it would review an agreement for Oracle and others to revamp TikTok’s U.S. operations, with the aim of avoiding a ban of the popular video-sharing app.

House approves bill to secure internet-connected federal devices against cyber threats — The Hill
The Internet of Things (IoT) Cybersecurity Improvement Act, passed unanimously by the House, would require all internet-connected devices purchased by the federal government to comply with minimum security recommendations.

Hackers are getting more hands-on with their attacks. That’s not a good sign — ZDNet
Both nation-state-backed hackers and cybercriminals are trying to take advantage of the rise in remote working — and getting more sophisticated in their approach.

LockBit ransomware launches data leak site to double-extort victims — Bleeping Computer
The LockBit ransomware gang has launched a new data leak site to be used as part of their double extortion strategy to scare victims into paying a ransom.

Zerologon attack lets hackers take over enterprise networks — ZDNet
If you’re managing enterprise Windows servers, don’t skip on the August 2020 Patch.

Security researchers slam Voatz brief to the Supreme Court on anti-hacking law — Cyberscoop
The Supreme Court is about to take up a case with major implications for computer research — and a group of high-profile cybersecurity specialists doesn’t want mobile voting firm Voatz to have the last word.

Don’t pay the ransom, mate. Don’t even fix a price, say Australia’s cyber security bods — The Register
Over the past 12 months, the Australian Cyber Security Centre has observed real-world impacts of ransomware incidents, which have typically originated from a user executing a file received as part of a spearphishing campaign.

Russian Intelligence Hackers Are Back, Microsoft Warns, Aiming at Officials of Both Parties — The New York Times
China is also growing more adept at targeting campaign workers, with Beijing mostly aiming at Biden campaign officials.

Iran Says US Vote Hack Allegation ‘Absurd’ — Security Week
Tehran on Friday hit back at allegations by Microsoft that Iran-based hackers had targeted the U.S. presidential campaigns.

Treasury Dept. sanctions Russian, Ukrainian individuals for election interference — The Hill
The Treasury Department has added four Russian and Ukrainian individuals to its specially designated nationals list, citing attempts by the individuals to interfere in U.S. elections.

In Case You Missed It

• Overcoming Advanced Evasion of Malware Detection — Brook Chelmo
• ‘3 & Free’ Promotion: How to Upgrade Your SonicWall Firewall for Free — Robert (Bob) VanKirk
• New SonicWall Solutions: Engineered for the New Normal — Atul Dhablania
• Your Email DLP Just Got Better and More Secure — Vishnu Chandra Pandey
• All it Takes is One Click! — Vishnu Chandra Pandey
• Not Safe for Work — Amber Wolff

This week, teenage hackers and nation-state attackers made trouble worldwide.

SonicWall Spotlight

SonicWall TZ 600 POE — SC Magazine

• SC Media takes a close look at the TZ 600 POE and awards it top marks.

Why Small Businesses Must Deal With Emerging Cybersecurity Threats — Entrepreneur

• Cybercriminals are counting on small businesses to be less protected — and they’re often right.

Surging CMS attacks keep SQL Injections On The Radar During The Next Normal — Help Net Security

• Cyberattacks have risen during the pandemic, leaving businesses to wonder whether things will settle down when COVID-19 begins to wane, or if the increase in attacks is here to stay.

Cybersecurity News

Teenager arrested in cyberattacks on Miami-Dade schools — The Washington Times

• A 16-year-old student has been arrested for orchestrating a series of network outages and cyberattacks during the first week of school in Florida’s largest district.

Microsoft Defender can ironically be used to download malware — Bleeping Computer

• A recent update to Windows 10’s Microsoft Defender antivirus solution ironically allows it to download malware and other files to a Windows computer.

Twitter Hack May Have Had Another Mastermind: A 16-Year-Old — The New York Times

• A Massachusetts teenager appears to have played a significant role in the July 15 Twitter attack, investigators and fellow hackers said.

Chinese Hackers Targeted European Officials in Phishing Campaign — Bloomberg

• Chinese nation-state hackers launched a phishing campaign against European government officials, diplomats, non-profits and other organizations to gather intelligence about global economies reeling from the pandemic.

Minister: New Zealand Enduring Wave of Cyberattacks — Security Week

• According to the Associated Press, tracking down the perpetrators will be extremely difficult, as the distributed denial of service attacks are being routed through thousands of computers.

Federal agencies deny seeing attacks on voting infrastructure — The Hill

• The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have denied seeing any reports of attacks on voting infrastructure, following the publication of a report on potential Russian election interference.

The FBI Botched Its DNC Hack Warning in 2016—but Says It Won’t Next Time — Wired

• Facing looming election threats and a ransomware epidemic, the bureau says it has revamped its process for warning hacking victims.

The accidental notary: Apple approves notorious malware to run on Macs — Ars Technica

• Newfangled malware protection gives users a false sense of security, critics say, making it potentially worse than nothing at all.

Attackers abuse Google DNS over HTTPS to download malware — Bleeping Computer

• More details have emerged on a malware sample that uses Google DNS over HTTPS to retrieve the stage 2 malicious payload.

‘UltraRank’ Gang Sells Card Data It Steals — Bank Info Security

• A cybercriminal gang that has spent five years planting malicious JavaScript code in order to steal payment card data from hundreds of e-commerce websites also takes the unusual step of selling the data on its own.

Hackers Attack Norway’s Parliament — Security Week

• Norway’s parliament said Tuesday it had been the target of a “vast” cyberattack that allowed hackers to access the some lawmakers’ emails.

In Case You Missed It

• Your Email DLP Just Got Better and More Secure — Vishnu Chandra Pandey
• All it Takes is One Click! — Vishnu Chandra Pandey
• Not Safe for Work — Amber Wolff
• SonicWall Wins ChannelPro Reader’s Choice Award — Amber Wolff
• Get the Most out of Your Security Appliance with Multi-Instance — Ajay Uggirala
• SonicWall Products Compliant with NDAA Section 889 Regulations — Wayne Engelke
• SonicWall CEO Bill Conner Talks Company Milestone in CRNtv Guest Appearance — Lindsey Lockhart
• Introducing the SonicExpress Mobile App — Sathya Thammanur

This week marks one of the biggest launches in SonicWall history, bringing with it a comprehensive set of new solutions designed to increase security, simplify management and meet the challenges of today’s cybersecurity reality.

SonicWall Spotlight

SonicWall’s Biggest Launch To-Date Delivers Future-Proof Security, Remotely — CRN TV

• CRN’s video discusses SonicWall CEO Bill Conner’s leadership and showcases the importance of SonicWall to the channel and the industry overall.

SonicWall Leads SMB Market To Resolve Stretched Security Budgets And Risks For Newly Extended Remote Workforces — Source Security

• SonicWall is introducing new zero-touch enabled, multi-gigabit SonicWall TZ firewalls with SD-Branch capabilities, along with a redesigned cloud-native management console.

SonicWall Refreshes High End Both Enterprise and SMB Firewalls — ChannelBuzz

• ChannelBuzz highlights the new versions of SonicWall’s firewalls and includes commentary from Bill Conner on the importance of the launch.

SonicWall Sounds Off On Next-Gen Security Line Up  — SDxCentral

• SDxCentral explains how SonicWall’s Gen 7 offerings expand the company’s enterprise capabilities and strengthen its current portfolio of products.

SonicWall Ships High-Speed Firewalls for SMB and Branch Office Environments — The ChannelPro Network

• In a feature on SonicWall’s Gen 7 launch, the ChannelPro Network discusses SonicWall’s new firewall appliances.

Cybersecurity News

Israel Says It Thwarted Cyber Attack Targeting Defense Industry — Bloomberg

• Israel has announced it foiled a cyberattack targeting its defense industry by a shadowy group that the U.S. has linked to North Korea. .

Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal — Threat Post

• The RAT is surging in 2020, becoming more prevalent than even the infamous TrickBot or Emotet malware.

Trump Moves on China Apps May Create New Internet ‘Firewall’ — Security Week

• A Trump administration ban on apps such as TikTok and WeChat risks fragmenting an already fragile global internet and creating an American version of China’s “Great Firewall.

Avaddon ransomware launches data leak site to extort victims — Bleeping Computer

• The Avaddon ransomware operators’ site will be used to publish the stolen data of victims who do not pay a ransom demand.

Hacked government, college sites push malware via fake hacking tools — Bleeping Computer

• A large scale hacking campaign appears to offer articles on hacking social network accounts, but instead delivers malware and scams.

UN reports sharp increase in cybercrime during pandemic — The Washington Times

• A 350% increase in phishing websites was reported in Q1 2020, many targeting hospitals and health care systems responding to the COVID-19 pandemic

Magecart group uses homoglyph attacks to fool you into visiting malicious websites — ZDNet

• A new campaign is utilizing the Inter kit and favicons to hide skimming activities.

Maryland officials warn gun dealers about phishing scams — The Washington Times

• Authorities in Maryland have issued an advisory about an apparent email phishing scam targeting firearms dealers in the state.

In Case You Missed It

• Bring the Power of RTDMI Analysis On-Premises with CSa 1000 — Dmitriy Ayrapetov
• SonicWall NSM: Centralized Firewall Management that Scales for Any Environment — Ken Dang
• New SonicWall NSsp 15700 Firewall: Security for Modern Enterprises — Mallik Vatti
• New SonicWall TZ570 and TZ670: Security for Modern SMBs and Branches — Sathya Thammanur
• New SonicWall SonicOSX 7.0 and SonicOS 7.0 Operating Systems Offer Visibility and Simplicity — Srudi Dineshan
• New SonicWall Solutions Deliver Security, Simplicity and Value — Bill Conner
• What’s the Malware Capital of the US? — Amber Wolff