Posts

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

DHS Has New Cyber Collaboration Center, But Private Companies May Hesitate to Share — Law.com

  • SonicWall CEO Bill Conner discusses the challenges faced by the new DHS National Risk Management Center initiative in relation to cooperation from the private sector.

ADT Acquires MSSP SDI, Eyes Small Business Cybersecurity Market Growth — MSSP Alert

  • ADT, the monitored security and home and business automation solutions provider, has acquired Secure Designs Inc. (SDI), a well-known MSSP and SonicWall partner that manages firewall equipment for small business customers.

The Changing Data Security Landscape — Database Trends and Applications

  • The SonicWall 2018 Cyber Threat Report is used in an analysis of the overall risk landscape for cybersecurity.

SonicWall to expand product engineering facility in India — ETCIO

  • Debasish Mukherjee, Country Manager India & SAARC SonicWall sat down with ETCIO to discuss the country’s expansion in Bangalore, India.

Cyber Security News

The Sensors That Power Smart Cities Are a Hacker’s Dream — Wired

  • Research from IBM Security and data security firm Threatcare that looked at sensor hubs from three companies—Libelium, Echelon, and Battelle—that sell systems to underpin smart city schemes.

Network of 15,000 bots used to spread cryptocurrency giveaway spam via Twitter — SC Magazine

  • A recently developed methodology for identifying Twitter bot accounts in large quantities turned up a cryptocurrency scam botnet operation found to leverage at least 15,000 bots to submit bogus tweets and likes.

Internet of Things Adoption to Rise Despite Security, Data Integration Challenges — The Wall Street Journal

  • Firms continue to adopt Internet of Things technologies, but believe large-scale deployments and returns on investment may take longer than expected to materialize due to ongoing security and implementation challenges.

iPhone Chipmaker Blames WannaCry Variant for Plant Closures — Bloomberg

  • Taiwan Semiconductor Manufacturing Co. blamed a variant of the 2017 WannaCry ransomware for the unprecedented shutdown of several plants, as it ramps up chipmaking for Apple Inc.’s next iPhones

Atlanta’s Reported Ransomware Bill: Up to $17 Million — Bank Info Security

  • The cost of the city of Atlanta’s mitigation and subsequent IT overhaul following a massive SamSam ransomware infection earlier this year could reach $17 million.

In Case You Missed It

SonicWall’s Consistent Value, Cyber Security Effectiveness Earn ‘Recommended’ Rating from NSS Labs

For far too long the modern organization has been told it must pay hundreds of thousands of dollars (or even millions) for powerful, enterprise-grade security.

But for more than 25 years, SonicWall’s mission has been to deliver consistent value and powerful cyber security for organizations of all sizes and budgets. For the fifth time since 2012, this has been validated by one of the most trusted, fact-based organizations in the industry: NSS Labs.

In its 2018 group test of next-generation firewalls (NGFW), NSS Labs strongly positioned SonicWall and the NSa 2650 firewall in the upper-right ‘Recommended’ quadrant of the 2018 NSS Labs Security Value MapTM (SVM).

“NSS Labs is committed to independent testing that helps enterprises make informed cybersecurity decisions,” said NSS Labs CEO Vikram Phatak in SonicWall’s official announcement. “With ‘Recommended’ ratings for five years, SonicWall next-generation firewalls are an excellent choice for any company seeking devices with strong security and consistent product quality to evolve their security architectures. We applaud SonicWall’s focus on product consistency and security effectiveness.”

This year’s in-depth firewall comparison was comprised of totals based on security effectiveness, block rates, stability, performance, product purchasing price, maintenance, installation costs, required upkeep, management and installation. In its head-to-head comparison tests, NSS Labs verifies that NSa 2650:

  • Remains one of the highest-rated and best-value NGFWs in the industry, with a 98.8 percent security effectiveness rating
  • Delivers second-best total cost of ownership (TCO) with $4 per protected Mbps
  • Tested 100 percent effective in countering all advanced HTTP evasion, obfuscation and fragmentation techniques
  • Earned 100 percent ratings in stability and reliability testing

Many factors are taken into consideration when weighing vendor options, measuring security efficacy and calculating TCO.

Security Effectiveness of Firewalls

NSS Labs conducts one of the industry’s most respected, comprehensive and fact-based validation programs for a full range of cybersecurity products, including network and breach security, endpoint protection, cloud and virtual security, and more.

For this year’s comparison test, the SonicWall NSa 2650 next-generation firewall was compared against other industry offerings. During the NSS Labs evaluation, SonicWall NSa 2650 endured thorough testing exercises via the NSS Exploit Library, which exposed the appliance to more than 1,900 exploits.

To ensure real-world testing conditions, NSS Labs engineers utilize multiple commercial, open-source and propriety tools to launch a broad range of attacks. SonicWall NSa 2650 blocked 98.8 percent of all attacks was 100 percent reliable during testing. SonicWall also was successful in countering 100 percent of all advanced HTTP evasion, obfuscation and fragmentation techniques.

The SonicWall NSa 2650 strong security effectiveness and findings within the NSS report are applicable to the entire SonicWall NSa next-generation firewall series.

Total Cost of Ownership for Firewalls

“SonicWall offers the second-lowest TCO with $4 cost per protected Mbps.”

The cyber security industry’s pricing models are, frankly, out of date. Too many legacy vendors believe their old way of doing business — charging hundreds of thousands, or even millions of dollars — is beneficial to end customers and prospects. In some cases, high-end hardware is required, but there should also be powerful, cost-effective options for today’s business.

SonicWall understands and embraces this change.

It’s the reason we continually monitor and refine our pricing structures to ensure every organization is able to protect themselves from today’s most malicious cyberattacks. And we’re proud to say that NSS Labs found SonicWall to offer the second-lowest TCO with $4 cost per protected Mbps.

NSS Labs calculates TCO across a three-year period. At a high level, the formula includes:

  • Year 1 Purchase Price
  • Year 1 Installation & Labor
  • Year 1 Maintenance Costs
  • Year 2 Maintenance Costs
  • Year 3 Maintenance Costs

According to NSS Labs, “Calculations are based on a labor rate of $75 (USD) per hour and vendor-provided pricing information. Where possible, the 24/7 maintenance and support option with 24-hour replacement is used, since enterprise customers typically select that option. Pricing includes one enterprise-class CMS to manage up to five devices.”

As a best practice, enterprises and security-conscious organizations should include TCO as part of their NGFW evaluations, including:

  • Acquisition costs for NGFW and a central management system (CMS)
  • Fees paid to the vendor for annual maintenance, support and signature updates
  • Labor costs for installation, maintenance and upkeep

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

As Malware, Ransomware Surge in 2018, SonicWall Raises Alarm on Encrypted Threats and Chip-Based Attacks

  • SonicWall publishes a mid-year update of 2018 SonicWall Cyber Threat Report, finds more than 5.99 billion total malware attacks, up 102 percent, in the first six months of 2018.

Ghostbusters 2: how to deal with Spectre, the sequel – SC Magazine (UK)

  • Lawrence Pingree, SonicWall’s VP of Product Management discusses the possibilities of future exploits built on the Spectre vulnerability

Big Enterprise or Small Business, It Doesn’t Matter: Hackers Are Coming for You, Right Now – Joseph Steinberg

  • Quotes from a 2017 interview between Bill Conner and Joe Steinberg are resurfaced to explain that about half of all cyber-attacks are on small businesses.

Cyber Security News

Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders – The Register

  • An unfortunate chain reaction was averted today after miscreants tampered with a widely used JavaScript programming tool to steal other developers’ NPM login tokens.

Hackers are selling backdoors into PCs for just $10 – ZDNet

  • Cyber criminals are offering remote access to IT systems for just $10 via a dark web hacking store — potentially enabling attackers to steal information, disrupt systems, deploy ransomware and more.

Senators press federal election officials on state cybersecurity – The Hill

  • Senators on Wednesday pressed top officials from the U.S. Election Assistance Commission (EAC) about their efforts to boost state cybersecurity election systems, with a focus on whether each state should have a mechanism in place to audit their results.

Cryptocurrency service Bancor robbed of billions; MyEtherWallet users targeted via malicious VPN Chrome extension – SC Magazine

  • Cryptocurrency token conversion service Bancor disclosed yesterday that hackers stole millions in funds from one of its online wallets, while Etherium crypto wallet service MyEtherWallet warned that hackers may have compromised anyone who accessed its service while using the free VPN service Hola and its Chrome extension.

Breach department: Unauthorized party accesses Macys.com and Bloomingdales.com customer accounts – SC Magazine

  • For nearly two months, an unauthorized party reportedly used stolen usernames and passwords to log into the online accounts of certain Macys.com and Bloomingdales.com customers.

In Case You Missed It

5 Cyberattack Vectors for MSSP to Mitigate in Healthcare

It’s no secret that healthcare continues to be one of the most targeted industries for cybercriminals. Healthcare providers store and maintain some of the most valuable data and the appetite for fraudulent claims or fake prescription medications is insatiable.

Despite all of the regulations, there are still fewer watchdogs overseeing healthcare. For many providers, cyber security hasn’t been a priority until very recently.

With more and more organizations reaching out to cyber security experts for assistance, it’s more important than ever that managed security services providers (MSSPs) understand the healthcare industry so that they can tailor solutions aimed at improving the security posture of healthcare providers.

Inside Users Present the Greatest Threat

According to a 2018 survey of cyber security professionals conducted by HIMSS, over 60 percent of threat actors are internal users within a healthcare organization. Email phishing and spear-phishing attempts are aimed at tricking users into providing credentials or access to information for cybercriminals. Negligent insiders, who have access to trusted information, can facilitate data breaches or cyber incidents while trying to be helpful.

In addition to systematically monitoring and protecting infrastructure components, MSSPs need to consider a multi-faceted campaign that creates a cyber security awareness culture within healthcare organizations. This campaign should include template policies and procedures for organizations to adopt, regular and routine training efforts, and human penetration-testing.

From a systematic perspective, it’s important to have tools that will do everything possible to mitigate cyberattacks. Tools like next-generation email security to block potential phishing or spear phishing attempts; endpoint security solutions to monitor behavior through heuristic-based techniques; and internal network routing through a next-generation firewall to perform deep packet inspection (DPI) on any information transgressing the network — especially if it’s encrypted.

Mobile Devices Open Large Attack Surfaces

Mobile devices have changed the way that we do just about everything. And the same is true for the manner in which healthcare conducts business.

To enable mobility and on-demand access, many electronic health record (EHR) applications have specific apps that create avenues for mobile devices to access portions of the EHR software. The widespread adoption of mobile devices and BYOD trends are pushing healthcare to adapt new business models and workflows. Cyber risk mitigation must be a priority as momentum continues to build.

MSSPs need to pay very careful attention to the access that mobile devices have to the EHR application, whether hosted on-premise or in the cloud. For more protection, implement a mobile device management (MDM) solution if the organization doesn’t already have one.

IoT Leaves Many Healthcare Providers at Risk

The Internet of Things (IoT) is bringing connectivity and statistical information to providers in near real-time while offering incredible convenience to the patient. Even wearable devices have immense capabilities to monitor chronic illnesses, such as heart disease, diabetes and hypertension. With these devices comes an incredible opportunity for hackers and immense threat for healthcare providers.

IoT devices tend to have weaker protections than typical computers. Many IoT devices do not receive software or firmware updates in any sort of regular cadence even though all of them are connected to the internet. There are so many manufacturers of IoT devices, and they are distributed through so many channels. There are no standards or controls regarding passwords, encryption or chain of command tracking capabilities to see who has handled the device.

If it’s feasible for the organization, totally isolate any IoT-connected devices to a secure inside network not connected to the internet (i.e., air gapped).

Encryption for Data at Rest Is Critical

For healthcare providers, it’s equally important to have a strong encryption for both data at rest and data in transit. Encryption for data at rest includes ensuring the software managing PHI doesn’t have a really weak single key that could unlock everyone’s PHI. If at all possible, records should be encrypted with unique keys so that a potentially exposed key doesn’t open the door to everyone’s information.

Attacks Are Hiding within Encrypted Traffic

MSSPs serving healthcare organizations need to realize that there is not one layer of defense that they should rely on. That said, perhaps the most important layer is the firewall.

A next-generation firewall, with DPI capabilities, is a critical component to securing a healthcare network. Even internal traffic transgressing the network should be routed through the firewall to prevent any potential malicious traffic from proliferating the entire LAN and to log transactions.

As much as possible, isolate medical devices and software applications that host PHI inside a secure network zone and protect that zone with an internal DPI-capable firewall that will only allow access to authorized services and IP addresses.


About ProviNET

ProviNET is a SonicWall SecureFirst Gold Partner. For nearly three decades, ProviNET has delivered trusted technology solutions for healthcare organizations. Whether it’s a single project or full-time onsite work, ProviNET designs and implements customized solutions so healthcare organizations can focus on core services.

ProviNET’s tight-knit group of experienced, industry-certified personnel are focused on customer satisfaction. They are a reputable organization, fulfilling immediate IT needs and helping plan for tomorrow. They are ready to put their extensive knowledge to work for healthcare, developing strategies and solving challenges with the latest technology.

To learn more about ProviNET, please visit www.provinet.com.

Ransomware Surges, Encrypted Threats Reach Record Highs in First Half of 2018

To ensure organizations are aware of the latest cybercriminal attack behavior, today SonicWall published a mid-year update to the 2018 SonicWall Cyber Threat Report.

“The cyber arms race is moving faster than ever with bigger consequences for enterprises, government agencies, educational and financial institutions, and organizations in targeted verticals,” said SonicWall CEO Bill Conner in the official announcement.

Cyber threat intelligence is a key weapon in organizations’ fight against criminal organizations within the fast-moving cyber arms race. The mid-year update outlines key cyberattack trends and real-world threat data, including:

Data for the annual SonicWall Cyber Threat Report is gathered by the SonicWall Capture Threat Network, which sources information from global devices and resources including more than 1 million security sensors in nearly 200 countries and territories.

“SonicWall has been using machine learning to collect, analyze and leverage cyber threat data since the ‘90s,” said Conner. “This commitment to innovation and emerging technology is part of the foundation that helps deliver actionable threat intelligence, security efficacy and automated real-time bread detection and prevention to our global partners and customers.”

Get the Mid-Year Update

Dive into the latest cybersecurity trends and threat intelligence from SonicWall Capture Labs. The mid-year update to the 2018 SonicWall Cyber Threat Report explores how quickly the cyber threat landscape has evolved in just a few months.

GET THE UPDATE

Capture Cloud Platform: A Security Ecosystem that Harnesses the Power of the Cloud

We have fantastic advancements in technologies right now. With software-defined everything (SDx) and cloud becoming more accessible and affordable, both large and small organizations can effectively execute their digital business strategies with greater ease and speed.

As new applications, systems and SDx architecture are deployed to advance the digital business, many organizations also find themselves retooling their cyber security model to maintain the health and defense of their networks and services.

Organizations now must have complete knowledge, visibility and control of the security ecosystem, and the capacity to manage and remove cyber risks that can be disruptive and disastrous to the business.

To help make the cloud journey powerful, agile and safe, SonicWall developed its Capture Cloud Platform to address CISOs’ top three cyber security priorities:

  1. Give actionable cyber threat intelligence to help better understand security risks and quickly respond to them
  2. Reduce security silos by consolidating and integrating security technologies
  3. Manage cyber risk with greater visibility and control

Integrated Security, Management & Analytics

The core value of the Capture Cloud Platform is the integration of several key capabilities with our cloud-based centralized management, reporting and analytics services, including the Capture Advanced Threat Protection (ATP) sandbox, which includes Real-Time Deep Memory Inspection (RTDMITM) technologies, and Capture Labs and Capture Threat Network threat intelligence services.

This all-in-one approach enables our complete portfolio of high-performance hardware, virtual appliances and clients to harness the power, agility and scalability of the cloud and allows organizations to:

  • Drive end-to-end visibility and share intelligence across a unified security framework
  • Proactively protect against known and unknown cyberattacks (e.g., zero days)
  • Gain contextual awareness to detect and respond to security risks with greater speed and accuracy
  • Make informed security policy decisions based on real-time and consolidated threat information

SonicWall Capture Cloud Platform service-oriented architecture tightly unifies the current and future SonicWall security and management services organizations needs to run an efficient security operation center (SOC). It eases and, in most cases, automates the governance of their network, endpoints and cloud security services with single-pane-of-glass (SPOG) experience.

10 Components of the Capture Cloud Platform

Organizations are empowered by Capture Cloud Platform to make the shift from the old on-premises world of IT into the new hybrid cloud-as-a-service world by coalescing SonicWall security solutions with simple, common management tools that not only help achieves desired security and operational goals but also real business values.

Currently, Capture Cloud Platform is comprised of 10 key SonicWall security and service components:

  1. Capture Security Center
  2. Real-Time Cyber Threat Intelligence
  3. Capture Client
  4. Capture ATP
  5. Cloud App Security
  6. Management & Analytics
  7. NSv Series virtual firewalls
  8. NSa Series hardware firewalls
  9. Web Application Firewall (WAF)
  10. MySonicWall & Licensing (credentials required)

The combination of these services delivers mission-critical layered cyber defense, threat intelligence, analysis and collaboration, and common management, reporting and analytics, that work synchronously together.

This help organizations stay on top of the cyber threat landscape, protect sensitive information, meet compliance, and maintain normal service operations while moving the company’s digital transformation forward safely.

Visit our Capture Cloud Platform to get detailed information on each of the solution values and learn how the platform can securely accelerate your cloud journey.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Cybersecurity 500 List, 2018 Edition Cybersecurity Ventures

  • SonicWall is announced as #36 on Cybersecurity Ventures Cybersecurity 500: 2018 Edition List which includes the world’s hottest and most innovative cybersecurity companies to watch in 2018.

British Businesses Facing Cyber Ransom Demands of up to £200,000 The Daily Telegraph

  • Cyber criminals are arming themselves with “malware cocktails”, expertly blended using old variants of malicious computer code. The new viruses are more potent than their predecessors because they have adapted to companies’ cyber defenses, like a digital version of antibiotic-resistant superbugs.

Securing Your Journey to Success With Innovation and Security: SonicWall Silicon Review

  • Recently announced as one of the 10 Best Security Companies in 2018, SonicWall is featured in an editorial highlighting the company’s history and success with CEO Bill Conner at the forefront.

10 Best Security Companies in 2018 Silicon Review

  • SonicWall is announced as one of the 10 Best Security Companies in 2018.

Cyber Security News

Cybercriminals on Average Have Seven-Day Window of Opportunity to Attack SC Magazine

  • Once a vulnerability is announced, the average attacker has a seven-day window of opportunity to exploit the flaw before a defender is even aware they are vulnerable, according to report from Tenable.

Deadly Attacks Feared as Hackers Target Industrial Sites The Hill

  • The hacking threat to critical infrastructure in the United States and beyond is growing larger, with nation states and other malicious actors looking to gain a foothold in sensitive technologies to conduct espionage and potentially stage disruptive or destructive attacks.

U.S. Judge Dismisses Kaspersky Suits to Overturn Government Ban Reuters

  • A U.S. federal judge on Wednesday dismissed two lawsuits by Moscow-based Kaspersky Lab that sought to overturn bans on the use of the security software maker’s products in U.S. government networks.

BackSwap Banking Malware Bypasses Browser Protections With Clever Technique SC Magazine

  • A new banking malware called BackSwap has replaced tricky conventional browser injections with a simpler browser manipulation technique.

Over 5K Gas Station Tank Gauges Sit Exposed on the Public Net Dark Reading

  • It’s been three years since researchers first discovered automated tank gauges (ATGs) at some 5,000 US gas stations exposed on the public Internet without password protection, and a recent scan found 5,635 locations were vulnerable to the same issue.

In Case You Missed It


Upcoming Webinars & Events

June 4
Webinar
1 a.m. PDT
Technical Deep Dive – Securing Office 365 with SonicWall Email Security
> Register Now

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Real-Time Cyber Threat Intelligence Is More Critical Than Ever Forbes

  • SonicWall CEO Bill Conner discusses the importance of organizations utilizing real-time cyber threat intelligence as the cybersecurity landscape grows increasingly dangerous.

SonicWall Splits from Quest, Surpasses Financial Objectives Dark Reading

  • Dark Reading breaks down SonicWall’s recent momentum announcement, touching on the company’s newfound financial and operational independence, as well as innovations on the partner and customer front

SonicWall Boasts 60% YOY Partner Deal-Registration Increase Channel Partners

  • Due to SonicWall’s recent announcement, the company is featured for its success in the channel with the SecureFirst program which enabled partner deal registrations to hit a year-over-year increase of 60 percent.

Cyber Security News

VPNFilter Malware With Bricking Capabilities Poses Major Threat After Infecting 500,000+ Networking Devices SC Magazine

  • A potentially highly-destructive malware is estimated to have infected at least 500,000 networking devices in at least 54 countries since as far back as 2016, in what could be the prelude to a massive attack potentially capable of cutting off the internet from hundreds of thousands around the world.

U.S. Launches Criminal Probe into Bitcoin Price Manipulation Bloomberg

  • The Justice Department has opened a criminal probe into whether traders are manipulating the price of Bitcoin and other digital currencies, dramatically ratcheting up U.S. scrutiny of red-hot markets that critics say are rife with misconduct, according to four people familiar with the matter.

UK Threatens to Name and Shame State Backers of Cyber-attacks The Guardian

  • In a speech referring to Russian and North Korean “campaigns of intrusion”, Jeremy Wright QC called for international sanctions to be applied against countries that exploit cyberspace for illegal purposes.

Cyber Amendments to Watch in the House’s Defense Authorization Bill Nextgov

  • The House Rules Committee is considering more than a dozen cyber-focused amendments to the National Defense Authorization Act, a must-pass policy bill.

Intel Responds to Spectre-Like Flaw in CPUs Threat Post

  • Intel acknowledged that its processors are vulnerable to another dangerous speculative execution side channel flaw that could give attackers unauthorized read access to memory.

In Case You Missed It


Upcoming Webinars & Events

May 30
Webinar
11 a.m. PDT
Identify and Stop Malware in the Quickest and Most Accurate Way Possible
> Register Now

June 4
Webinar
1 a.m. PDT
Technical Deep Dive – Securing Office 365 with SonicWall Email Security
> Register Now

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

New DHS National Cybersecurity Framework Sets Goals, Milestones — MSSP Alert

  • As a result of the recent elimination of the White House cybersecurity coordinator role, SonicWall CEO Bill Conner is featured for his perspective and insight into what the move implies for the future of cybersecurity policy.

SonicWall Pushes Capture Cloud Platform with Endpoint Security — Chinabyte.com

  • SonicWall’s recent updates including the company’s new Capture Cloud Platform, enhanced RTDMI technology and more are featured in this article.

Cybersecurity Sourcebook 2018 Looks at Evolving Data Threat Landscape — Database Trends & Applications

  • This article explains the serious need to safeguard data using key SonicWall threat data. Specifically, they’ve included stats sharing that cyberattacks are becoming the number-one risk to businesses, brands, operations, and financials, and that there were 9.32 billion malware attacks in total in 2017, representing an 18.4% increase over 2016.

Cyber Security News

Brutal Cryptocurrency Malware Crashes Your PC When Discovered — ZDNet

  • The malware, dubbed WinstarNssmMiner by 360 Total Security researchers, has been used in half a million attempted attacks leveraged at PCs in only three days.

What Makes ZTE a Cybersecurity Threat? Congress Wants to Know — CNET

  • Congress wants a detailed explanation on what cybersecurity threats the Chinese phone company poses.

Mexico Central Bank Says Hackers Siphoned $15 Million from Five Companies — Reuters

  • Mexico’s central bank said on Wednesday that a cyber attack had sucked around 300 million pesos ($15.33 million) in fraudulent transfers from five companies, but it was unclear how much thieves had managed to pull out in cash.

Former CIA Software Engineer ID’ed as Suspect in Vault 7 Leaks — SC Magazine

  • The former CIA software engineer believed to have leaked the CIA’s Vault 7 hacking tools is already behind bars at the Metropolitan Correctional Center in New York City, after being indicted for possessing child pornography.

DHS Issues More Medical Device Cybersecurity Alerts — GovInfo Security

  • The Department of Homeland Security has yet again issued a warning about cybersecurity vulnerabilities in medical devices. These warnings have come after independent researchers, or the companies themselves, have reported the problems.

Cybersecurity Whistleblowers are Growing Corporate Challenge — The Wall Street Journal

  • Signals from the U.S. Securities and Exchange Commission over how seriously it takes cybersecurity, combined with a Supreme Court ruling on whistleblower protections, are putting pressure on companies to be more careful about how they deal with potential tipsters, lawyers say

In Case You Missed It


 

 

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Bringing Visibility to the Midmarket  Data Breach Today

  • In a video interview with ISMG’s Data Breach Today, SonicWall’s Bill Conner shares his vision to ensure smaller and mid-sized businesses have a clear view of the threat landscape taking aim at their companies. In the video he expands on the SME visibility challenge, SonicWall’s solutions to improve alerts and analytics and how SonicWall is addressing customer cloud security concerns.

Jonesboro Council Tackles Cybersafety  The Clayton News Daily

  • Due to the recent Atlanta data breach, other cities are taking the initiative to bolster their preventative cybersecurity measures such as Georgia’s Jonesboro City Council who recommend SonicWall’s TZ300 Firewall solution to protect the city’s financial data.

SonicAlert: New Variant Family of PUBG Ransomware  SonicWall Security Center

  • The SonicWall Capture Labs Threat Research Team has observed reports of a new variant family of PUBG Ransomware [Pubg.RSM] actively spreading in the wild. PUBG Ransomware encrypts the victim’s files and forces them to play an hour of a game called PlayerUnknown’s Battlegrounds to get their files back.

Cyber Security News

Almost Half UK Businesses Suffered Cyberattack or Security Breach Last Year, Figures Show  The Independent

  • Nearly half the businesses in the UK have fallen victim to cyberattacks or security breaches in the last year, costing them each thousands of pounds, new data shows.

Global Police Just Shut Down World’s Largest Marketplace That Allegedly Disrupted Millions of Sites  The Washington Post

  • An international police operation recently shut down the world’s largest for-hire service that allegedly slowed and disrupted millions of websites using malicious cyber tools, officials said Wednesday.

Traffic Hijack: Users Sent to Phishing Site in Two-Hour Cryptocurrency Heist  ZDNet

  • Attackers on Tuesday pulled off a complex attack using kinks in core internet infrastructure that caused users of an Ethereum wallet developer’s website to be redirected to a phishing site.

Huawei Under Criminal Investigation Over Iran Sanctions  The Wall Street Journal

  • The Justice Department is investigating whether Huawei Technologies Co. violated U.S. sanctions related to Iran, according to people familiar with the matter, opening a new avenue of scrutiny amid wider national-security concerns over the Chinese cellular-electronics giant.

This Ransomware was Rewritten to Mine Cryptocurrency – and Destroy Your Files  ZDNet

  • Some criminals are shifting from ransomware to cryptocurrency miners — those behind XiaoBa have rejigged the code to shift the same malware towards a different focus.

In Case You Missed It