Posts

Cyber Security News & Trends – 03-13-20

This week, vote for SonicWall in this year’s CRN Channel Madness!


SonicWall Spotlight

2020 CRN Channel Madness – CRN

  • This year’s CRN Channel Madness has SonicWall’s HoJin Kim up for best channel leader in the security category. Vote early, vote often, vote today!

8 Million UK Shopping Records Exposed – Information Security Buzz

  • SonicWall’s Terry Greer-King is reached for comment after researchers uncovered a leak of personal data from third-party apps used by Amazon UK. Greer-King explains the value of personal information on the Dark Web and the importance of a good cybersecurity plan.

7 Factors to Consider When Evaluating Endpoint Protection Solutions – MSSPAlert

  • SonicWall’s Vishnu Chandra Pandey lists 7 basic checks to help enhance endpoint compliance and better protect from cyberattacks.

Cybersecurity News

State-Sponsored Hackers are now Using Coronavirus Lures to Infect their Targets – ZDNet

  • Government-backed hacking groups worldwide have been detected using coronavirus-based phishing lures as part of their efforts to spread malware. ZDNet investigates campaigns that have taken place over the past month.

Election Commission Hires Cybersecurity Expert to Help States With 2020 Infrastructure – CyberScoop

  • The Election Assistance Commission has hired Joshua Franklin, who spent six years as an engineer at the National Institute of Standards and Technoligy, to act as top cybersecurity expert helping oversee the technology that will be involved in the 2020 US Presidential Election.

Commission to Propose Sweeping National Cybersecurity Strategy – Axios

  • An upcoming report on cybersecurity will, over the course of 75 recommendations, propose “a very ambitious reorganizing of the federal government, perhaps the most ambitious since the 9/11 Commission,” to combat cybersecurity threats.

Australia Sues Facebook over Cambridge Analytica Data Breach – The Hill

  • The Australian information commissioner has sued Facebook for sharing the personal data of more than 300,000 Australians as part of the Cambridge Analytica controversy. The Australian government says that it is actively seeking an order that Facebook pay a monetary penalty.

European Power Grid Organization says its IT Network was Hacked – CyberScoop

  • The European Network of Transmission System Operators for Electricity (ENTSO-E) this week confirmed that its IT network was successfully compromised by hackers. It stresses that the network was not connected to any critical control systems that would have allowed the hackers access to any power infrastructure.

Hackers Get $1.6 Million for Card Data from Breached Online Shops – Bleeping Computer

  • A known MageCart hacking group has collected $1.6 million from selling more than 239,000 payment card records on the dark web.

In Case You Missed It

Cyber Security News & Trends – 03-06-20

This week, find out what’s coming down the line in the world of channel, a 5G bill is passed by the senate, and ransomware attackers are going after your cloud backups.


SonicWall Spotlight

CEO Outlook 2020 Details – CRN

  • SonicWall CEO Bill Conner is interviewed by CRN on what the future of channel sales are, where technology investments is going, and where cybersecurity is going in general.

Network Rail and C3UK Suffer Massive Data Exposure Affecting Thousands – Teiss

  • After an exposed database was discovered on one of the UK’s biggest public Wi-Fi providers for the rail network, SonicWall’s Terry Greer-King gives his thoughts on the needs and capabilities of protecting consumer data.

Security Vendors Eye MSSPs as Key Route to Landing MSPs – Channel Pro Network

  • Over the next few years managed security spending is predicted to rise fast, outstripping other security spending. SonicWall CEO Bill Conner talks to the Channel Pro Network about why forging alliances with the very best Managed Security Providers (MSP) can be a more efficient way to construct a managed security channel than building thousands of MSP relationships individually.

Cybersecurity News

UK Cybersecurity Defense Standards Slip, Calls Made for Improvement – Infosecurity Magazine

  • New research into cybersecurity performance in the UK vs. the rest of the Europe has found that UK businesses need to further strengthen their defenses against cyberattacks after the UK slipped in Europe wide ratings.

What to Know About Cyberattacks Targeting Energy Pipelines – The Hill

  • The Cybersecurity and Infrastructure Security Agency (CISA) discloses a disruptive cyberattack on a U.S. energy facility, confirming reports that critical infrastructure in the US is increasingly coming under cyberattack from abroad.

Senate Passes Bill Requiring 5G Security Review – Wall Street Journal

  • The U.S. Senate passes legislation that would require the administration to identify security threats and possible fixes within the equipment and software that support 5G wireless networks.

FBI Working to ‘Burn Down’ Cybercriminals’ Infrastructure – Washington Times

  • FBI Director, Christopher Way, says that law enforcement agents are working to “burn down” the infrastructure of cybercriminals. With huge increases in ransomware attacks, much of it due to the relative ease for criminals to launch them, law enforcement agencies are targeting the host websites and toolmakers of the crimes, rather than “one bad guy at a time.”

Ethical Hackers Submitted More Bugs to the Pentagon than Ever Last Year – Cyberscoop

  • The Defense Department’s Cyber Crime Center has released its annual report, finding that white hat hackers are submitting more bugs than ever, with a 21.7% increase in submitted reports over the past year when compared to 2017.

Cathay Pacific Fined £500k by UK’s ICO over Data Breach disclosed in 2018 – TechCrunch

  • Cathay Pacific has been issued a £500,000 penalty by the UK’s data watchdog for a 2018 data breach which exposed the personal details of 9.4 million customers globally — 111,578 of whom were from the UK.

Ransomware Attackers Use Your Cloud Backups Against You – BleepinComputer

  • Ransomware operators are accessing cloud backups of potential victims in order to prevent them from restoring data. The cybercriminals are also using the backups to launch the cyberattacks themselves and to just plain steal personal data.

In Case You Missed It

Cyber Security News & Trends – 02-28-20

This week, SonicWall firewalls win an award and the company is named one of the coolest Network Security Companies of 2020.


SonicWall Spotlight

SonicWall Wins Best UTM Security Solution at SC Awards 2020 – SonicWall Blog

  • SC Media honors SonicWall and the NSa 2650 Firewall with its Best UTM Security Solution at the 2020 SC Awards Gala. Marrying Capture Advanced Threat Protection (ATP) and Real-Time Deep Memory Inspection (RTDMI) the NSa 2650 firewall proactively blocks mass-market, zero-day threats and unknown malware, and examines every byte of every packet.

The 20 Coolest Network Security Companies Of 2020: The Security 100 – CRN

  • As part of CRN’s 2020 Security 100 list, SonicWall is named as one of the 20 companies that have “raised their game to meet continued network security needs.” SonicWall’s My WorkSpace interface and improvements in Capture Client and Cloud App Security are cited as the reasons SonicWall is included on the list.

Life Lessons: Look at Business as a Game of Chess – IoT NOW

  • SonicWall EMEA VP Terry Greer-King is interviewed by IoT Now. He talks about his career so far, some of the worst bosses he has worked under, and what’s firing up his imagination in 2020 when it comes to the Internet of Things.

Cybersecurity News

To Secure Satellites, Bolster Cybersecurity Standards in Space – Undark

  • With Space X planning to launch tens of thousands of satellites over the next decade, the reality of cyberattacks on such a system is something that needs to be dealt with sooner rather than later. Despite some movement by the US government to address these issues, there are currently no cybersecurity standards for satellites and no governing body to regulate and ensure their cybersecurity.

Cybersecurity: Do These Ten Things to Keep Your Networks Secure from Hackers – ZDNet

  • In the wake of continued cyberattacks on the health sector, the European cybersecurity agency, ENISA, has issued cybersecurity recommendations to hospitals and medical institutions in the form of ten good practices to help resilience against cyberattacks.

How Personality Influences Cybersecurity Behavior – Security Boulevard

  • The Myers-Briggs Company has released preliminary findings of a study investigating how personality types can influence cybersecurity behaviors, breaking down the results into their famous personality types. From this, a list of guidelines and tips on how to best structure security awareness solutions for the different personality types has been developed.

Australian Banks Targeted by DDoS Extortionists – ZDNet

  • A criminal gang has been attempting to extort banks and other financial institutions in Australia, threatening DDoS attacks on their websites unless a ransom is paid. Based on current evidence, the attackers have not followed through on any of their threats.

One in Four Americans Won’t do Business with Data-Breached Companies – ZDNet

  • A new survey of over 1,000 people in the USA has found that over 20% of them are willing to hand over financial information to a company that has suffered a data breach. Almost all respondents agree that businesses are financially liable to their customers after a breach.

Cybersecurity Threats for 2020 – Security Boulevard

  • Deepfakes, ransomware… and how to protect yourself from them. Security Boulevard looks at the biggest cybersecurity threats of 2020.

In Case You Missed It

Cyber Security News & Trends – 02-21-20

This week, a SonicWall firewall achieves a perfect score in a real-world conditions laboratory test, and airports are getting ahead of the game when it comes to cybersecurity readiness.


SonicWall Spotlight

Tip of the Spear – Ping Podcast Episode 13 – Firewalls.com

  • SonicWall’s Matt Brennan talks on the latest episode of Ping, Firewalls.com’s podcast. He explains the risks of spearphishing and business email compromise for Office 365 users, and talks about the worst hands-on cybersecurity situation he has ever seen.

SonicWall Firewall Achieves Perfect Effectiveness Score, Tested in Real-World Conditions via NetSecOPEN Laboratory – SonicWall Press Release

  • This week SonicWall announced that it is one of the first security vendors to receive firewall certification in the 2020 NetSecOPEN Test Report. The SonicWall NSa 4650 firewall achieved 100% security effectiveness against all private CVEs used in the test.

Facilities Firm ISS World Crippled by Ransomware Attack – ComputerWeekly

  • Denmark-based facilities management firm ISS World disconnected from the internet after suffering a suspected ransomware attack that has left hundreds of thousands of employees without access to their systems or email. SonicWall CEO Bill Conner is quoted talking about changing ransomware tactics, as recently reported in the 2020 SonicWall Cyber Threat Report.

Cybersecurity News

Anxiety, Depression and PTSD: The Hidden Epidemic of Data Breaches and Cyber Crimes – USA Today

  • USA Today explores the psychological effects of cyberattacks, arguing that they can rival those of terrorism. According to a recent survey 86% of victims of identity theft reported feeling worried, angry and frustrated, nearly 70% felt they could not trust others and they felt unsafe, and more than two-thirds reported feelings of powerlessness or helplessness.

Oil Industry Boosts Spending on Cybersecurity Five-Fold Since 2017 – Security Boulevard

  • The Oil & Gas sectors have been investing heavily cyber-defenses over the past three years. In a just published global survey of the industry, cybersecurity was cited as the biggest current investment.

US Defense Agency Says Personal Data ‘Compromised’ in 2019 Data Breach – Tech Crunch

  • The Defense Information Systems Agency (DISA), charged with providing information technology and communications support to the U.S. government, including the president and other senior officials, says its network may have been compromised between May and July 2019. Full details on the attack or what was accessed have not been released.

Phishing on Instagram Baits Russians With Free Money Promise – Bleeping Computer

  • A large-scale phishing campaign has been discovered running on Instagram to bait Russians with a fake presidential decree that promises a lump-sum payment for a citizen to start their own business.

Hacking Brain-Computer Interfaces – ZDNet

  • Brain-computer interfaces are still new tech, but it has already been proven that current models can be hacked.

Cybersecurity Check-in: How Airports are Innovating Against Cyberattacks, Security Breaches and Failing Tech Systems – ItProPortal

  • Airports are always under the microscope when it comes to security breaches, whether physical or digital. ItProPortal investigates the current cybersecurity innovations taking place at airports and by airlines in general.

In Case You Missed It

Cyber Security News & Trends – 02-14-20

This week, SonicWall partners with Perimeter 81, Puerto Rico loses millions from a phishing attack, and new figures show how cryptocurrency losses boomed in 2019.


SonicWall Spotlight

2020 SonicWall Cyber Threat Report: Threat Actors Pivot Toward More Targeted Attacks, Evasive Exploits – SonicWall Press Release

  • This week saw the release of the always anticipated yearly SonicWall Cyber Threat Report! Key takeaways include a drop in malware and ransomware attack volumes but an increase in more targeted attacks, a continued rise in encrypted attacks, and a massive fall in cryptojacking.

Inside Cybercriminal Inc.: SonicWall Exposes New Cyberattack Data, Threat Actor Behaviors in Latest Report  – Geoff Blaine

  • SonicWall Vice President of Marketing Geoff Blaine digs into the 2020 Cyber Threat Report, laying out and analyzing the data SonicWall’s Cyber Threat Team have found over the past year.

The CyberWire Daily Briefing – Cyberwire

Vulnerability in Linear eMerge Access Controllers Exploited in the Wild – SecurityWeek

  • SecurityWeek picks up on SonicWall’s recent SonicAlert about a known vulnerability in Nortek Security & Control’s Linear Emerge E3 Access Controller actively being exploited. Despite this vulnerability being raised a year ago and considered critical, no fix has yet been implemented.

Cybersecurity News

Kobe Bryant Wallpaper Shows how Hackers Exploit Mourning Fans for Cryptocurrency Mining – The Independent (UK)

  • Cybercriminals have been detected attempting to profit from the death of Kobe Bryant by hiding malware within downloadable wallpapers of the basketball star.

Internet of Things: Smart Cities Pick Up the PaceFinancial Times

  • As 5G and the Internet of Things go from a future development to a reality, so do smart cities. The Financial Times investigates where smart cites are right now, how deep 5G and IoT penetration currently goes and what they are likely to look like in the future, including the prediction that up to 30% of smart city programs will be abandoned by 2023.

Magecart Group Jumps from Olympic Ticket Website to new Wave of E-Commerce Shops – ZDNet

  • Despite recent arrests of a major magecart group, a new wave of the malware has been detected spreading across a Russian hosting provider using a Chinese domain registrar, who suspended the domain when the malware was reported.

Watch Out for Coronavirus Phishing Scams – Wired

  • A number of phishing scams have been detected where attackers disseminate malicious links and PDFs that claim to contain information on how to protect yourself from the spread of the Coronavirus. SonicWall’s Cyber Threat team have also detected malicious executables being spread using fears of the virus as bait.

Feds are Lining up More Indictments Related to Chinese Cyber-Activity, Officials say – Cyberscoop

  • U.S. prosecutors are preparing to issue new charges against Chinese nationals related to alleged hacking and insider threats at U.S. organizations. U.S. officials have repeatedly accused China of breaking a 2015 agreement not to conduct “cyber-enabled” intellectual property theft and have ramped up pressure by announcing criminal charges against Chinese nationals. Strain over Huawei and the nascent 5G network may bring the whole thing to a head.

In Case You Missed It

Cyber Security News & Trends – 02-07-20

This week, the release of the 2020 SonicWall Cyber Threat Report!


SonicWall Spotlight

2020 SonicWall Cyber Threat Report: Threat Actors Pivot Toward More Targeted Attacks, Evasive Exploits – SonicWall Press Release

  • This week saw the release of the always anticipated yearly SonicWall Cyber Threat Report! Key takeaways include a drop in malware and ransomware attack volumes but an increase in more targeted attacks, a continued rise in encrypted attacks, and a massive fall in cryptojacking.

Inside Cybercriminal Inc.: SonicWall Exposes New Cyberattack Data, Threat Actor Behaviors in Latest Report  – Geoff Blaine

  • SonicWall Vice President of Marketing Geoff Blaine digs into the 2020 Cyber Threat Report, laying out and analyzing the data SonicWall’s Cyber Threat Team have found over the past year.

The CyberWire Daily Briefing – Cyberwire

Vulnerability in Linear eMerge Access Controllers Exploited in the Wild – SecurityWeek

  • SecurityWeek picks up on SonicWall’s recent SonicAlert about a known vulnerability in Nortek Security & Control’s Linear Emerge E3 Access Controller actively being exploited. Despite this vulnerability being raised a year ago and considered critical, no fix has yet been implemented.

Cybersecurity News

Kobe Bryant Wallpaper Shows how Hackers Exploit Mourning Fans for Cryptocurrency Mining – The Independent (UK)

  • Cybercriminals have been detected attempting to profit from the death of Kobe Bryant by hiding malware within downloadable wallpapers of the basketball star.

Internet of Things: Smart Cities Pick Up the PaceFinancial Times

  • As 5G and the Internet of Things go from a future development to a reality, so do smart cities. The Financial Times investigates where smart cites are right now, how deep 5G and IoT penetration currently goes and what they are likely to look like in the future, including the prediction that up to 30% of smart city programs will be abandoned by 2023.

Magecart Group Jumps from Olympic Ticket Website to new Wave of E-Commerce Shops – ZDNet

  • Despite recent arrests of a major magecart group, a new wave of the malware has been detected spreading across a Russian hosting provider using a Chinese domain registrar, who suspended the domain when the malware was reported.

Watch Out for Coronavirus Phishing Scams – Wired

  • A number of phishing scams have been detected where attackers disseminate malicious links and PDFs that claim to contain information on how to protect yourself from the spread of the Coronavirus. SonicWall’s Cyber Threat team have also detected malicious executables being spread using fears of the virus as bait.

Feds are Lining up More Indictments Related to Chinese Cyber-Activity, Officials say – Cyberscoop

  • U.S. prosecutors are preparing to issue new charges against Chinese nationals related to alleged hacking and insider threats at U.S. organizations. U.S. officials have repeatedly accused China of breaking a 2015 agreement not to conduct “cyber-enabled” intellectual property theft and have ramped up pressure by announcing criminal charges against Chinese nationals. Strain over Huawei and the nascent 5G network may bring the whole thing to a head.

In Case You Missed It

Cyber Security News & Trends – 01-31-20

This week, SonicWall experts explain the accuracy and reach of data tracking, cyber-insurance court cases continue to heat up, and government drones are grounded for cybersecurity reasons.


SonicWall Spotlight

How Do I Love Thee, Data Privacy? Let Me Count the Ways – Forbes

  • SonicWall’s Dmitriy Ayrapeto talks data privacy with Forbes on Data Privacy Day 2020, explaining just how large, sophisticated, and accurate data tracking methods are, even for people not signed up for social media accounts.

A Glimpse Into what Cyber Security Has in Store in 2020 – VarIndia

  • What’s coming from SonicWall in India in 2020? SonicWall’s Debasish Mukherjee reflects on the current cybersecurity and threat landscape, noting a general downtick in ransomware in India as hackers choose more targeted attacks on larger corporations instead of scattergun approaches.

Cybersecurity News

Leaked Report Shows United Nations Suffered Hack – Washington Times

  • Hackers managed to get into the U.N. networks in Geneva last year, compromising dozens of servers and accessing domain administrator accounts. It is unknown how much damage was done but espionage has been put forward as a likely reason. The U.N. say nothing confidential was compromised.

AIG Must Cover Client’s $5.9 Million in Cyber-Related Losses, Judge Rules – Cyber Scoop

  • In the latest cyber-insurance development, a judge has decided that AIG must pay out for a $5.9 million claim it had previously denied after its clients lost money through a business email compromise scam.

US Space Industry to Launch Cybersecurity Portal – InfoSecurity Magazine

  • The Space Information Sharing and Analysis Center (ISAC) is setting up an unclassified portal where companies can share and analyze information on cybersecurity threats, with the aim of protecting the space industry.

The Space Race For Secure Access Service Edge (SASE) – Forbes Technology Council

  • SonicWall partners Perimeter 81 talk about the rise of and race for Secure Access Service Edge (SASE), a security solution created to fit the modern challenges of nomad and digital workforce, cloud adoption and 5G networks.

Dept. of Interior Grounds its Drones Amid Cybersecurity Concerns TechCrunch

  • The U.S. Department of the Interior released a statement confirming that non-emergency drones were being temporarily grounded for a cybersecurity review, admitting that concerns from “foreign entities, organizations, and governments” are driving the decision.

Malware Tries to Trump Security Software With POTUS Impeachment – Bleeping Computer

  • New research has found malware using text from President Trump’s impeachment as cover in an attempt to pass itself off as “goodware.“

Dozens of Companies Have Data Dumped Online by Ransomware Ring Seeking Leverage – Ars Technica

  • The Maze ransomware ring has begun to post data from companies caught by their malware, threatening to dump huge amounts of the information if their ransom demands are not met.
And Finally

Hacker Snoops on Art Sale and Walks Away with $3.1m, Victims Fight Each Other in Court ZDNet

  • Hackers who managed to intercept talks between an art dealer and a Dutch museum spoofed the dealer’s email account and convinced the museum to send $3.1 million to a bank account in Hong Kong. Both the art dealer and the museum are now blaming the other side for the mistake.

In Case You Missed It

Cyber Security News & Trends – 01-24-20

This week, SonicWall talks protecting non-profits, new cybercrime laws are proposed, and old cybercrime laws are criticized.


SonicWall Spotlight

Don’t Let Cyber Hygiene Become an Afterthought – Nonprofit Technology News

  • With most of the big headlines concentrating on breaches and cyberattacks on large companies, SonicWall CEO Bill Conner, writing in Nonprofit Technology News, reminds us that cybercriminals know that SMBs and smaller non-profits often do not budget adequately for cybersecurity and can leave themselves open.

The Big Picture: SonicWall Sets Sights on the Enterprise Market – Tahawultech

  • SonicWall’s Terry Greer-King sits down with Security Advisor ME to discuss the history of SonicWall, personal highlights in the company so far, and what the future holds.

Cybersecurity News

Cyberattack on a Major Bank Would Have Ripple Effect: Study – BankInfoSecurity

  • A new study, Cyber Risk and the U.S. Financial System: A Pre-Mortem Analysis, has found that if a cyberattack disrupting money transfers was successfully carried out on any of the five most active U.S. banks, there would be huge, rippling damage to the financial network in general.

Analysis Ties Hacking of Bezos’ Phone to Saudi Leader’s Account New York Times

  • A forensic analysis of Jeff Bezos’ cellphone has found with “medium to high confidence” that the Amazon chief’s device was hacked after he received a video from a WhatsApp account reportedly belonging to Crown Prince Mohammed bin Salman of Saudi Arabia.

Secret Service to Launch Private-Sector Cybercrime Council – Cyberscoop

  • The United States Secret Service has recently hand-picked a small group of private-sector cybersecurity experts to advise the agency’s investigations team on how it can better take down cybercriminals. Members were selected to represent a wide array of experiences including law enforcement, computer scientists, network security, malware, ransomware, identity theft and more.

Cybercrime Laws Need Urgent Reform to Protect UK, Says Report – The Guardian

  • A new report in the UK has found that the current cybercrime laws, dating back to 1990, are not fit for purpose and “crying out for reform.” As it stands, the act exposes cybersecurity professionals to prosecution for carrying out intelligence research against cybercriminals and foreign state actors.

US Could Appoint a Cybersecurity Leader for Each State – InfoSecurity Magazine

  • US Legislators are proposing the Cybersecurity State Coordinator Act of 2020, which would improve intelligence sharing between state and federal governments and appoint an employee in each state to serve as cybersecurity state coordinator.

GDPR: 160,000 Data Breaches Reported Already, so Expect the Big Fines to Follow – ZDNet

  • It has been 18 months since GDPR regulation came into force but there’s no sign of breach notifications slowing, in fact they are currently rising with an average of 278 per day.
And Finally

Euro Cup and Olympics Ticket Reseller Hit by MageCart – Bleeping Computer

  • Magecart continues its reign of terror as an Olympics and Euro Cup ticketing reseller site is the latest to be infected by the card skimmer.

In Case You Missed It

Cyber Security News & Trends – 01-17-20

This week, SonicWall experts explain why the Dustman attack likely originates from Iran, the NSA publishes a major exploit in Microsoft ECC Certs, and Emotet makes a return after a holiday-season break.


SonicWall Spotlight

Security Advisor January 2020 – Tahulwheltech

  • SonicWall’s VP for EMEA Sales, Terry Greer-King, sits down with Security Advisor Middle East, and sheds some light on how SonicWall has become a major cybersecurity player in the Enterprise space with a “direct touch” approach and unrivaled security innovations.

The US is Worried about Iran Retaliating with a Cyberattack – Vox

  • As tensions between the US and Iran simmered in recent days, eyes have turned to Iran’s arsenal of cyberattack capabilities. Speaking to Vox SonicWall CEO Bill Conner stresses that American businesses must use the situation to bolster their cyberdefenses.

Dustman Attack Underscores Iran’s Cyber Capabilities – Dark Reading

  • A malware known as Dustman attacked Bahrain’s national oil company in a cyberattack in late December. SonicWall’s Dmitiry Ayrapetov explains to Dark Reading why an Iran-backed group is likely the likely source of the attack as they investigate the attack.

Landry’s Malware Attack Highlights Need for Stronger Data Security – Channel Futures

  • SonicWall CEO Bill Conner explains to Channel Futures that the recent attack on Landry’s is just one of several attacks that should not even be happening because large companies have the budget to afford the best in cybersecurity.

Cybersecurity News

Cybersecurity Threats Call for a Global Response – IMF Blog

  • The International Monetary Fund calls for a unified worldwide response to cyberthreats, listing four areas where the international community can come together to work better – understanding of the risks; improving collaboration; consistent regulatory approaches, and being ready for cyberattacks when they do happen.

60% of US politicians haven’t upgraded their cybersecurity since 2016 – MIT Technology Review

  • Despite controversy over alleged cyberattacks in the 2016 US Presidential campaign, a new poll of 500 high-risk users found that 60% of them have not upgraded their cybersecurity in the intervening years.

Proof-of-Concept Exploits Published for the Microsoft-NSA Crypto bug – ZDNet

  • Microsoft released a security update this week that includes a fix to a dangerous bug discovered and reported to them by the NSA. With the bug being described as “seriously, seriously bad” it only took 48 hours for two proof-of-concept exploits for the vulnerability to be published.

Unprotected Medical Systems Expose Data on Millions of Patients – SecurityWeek

  • New research and analysis has found that hundreds of internet-connected and unprotected medical imaging systems worldwide are exposing data of millions of patients. The most badly affected country is the USA where over 800 institutions have been exposed.

Renewed Emotet Phishing Activity Targets UN, Government and Military Users – SC Magazine

  • After a massive drop in attacks in December 2019, the Emotet botnet and banking trojan renewed attacks in January 2019, launching a massive phishing campaign targeting high profile organizations like the United Nations.

In Case You Missed It

Cyber Security News & Trends – 12-20-19

This week, SonicWall warnings about school districts under cyberattack prove prophetic as a new bill to protect K-12 districts is introduced, and do you know that the first ransomware attack was 30 years ago?


SonicWall Spotlight

US Senators Introduce Bill to Protect Schools Against Cyber-Threats – Infosecurity Magazine

  • SonicWall CEO Bill Conner weighs in on the importance of cybersecurity in school districts, commenting on a new bill introduced to the US House of Representatives this week. The bill is designed to enhance the cybersecurity of K–12 schools in a year where they have suffered heavily under cyberattacks.

Cybersecurity News

Hackers Steal Data for 15 Million Patients, Then Sell It Back to Lab That Lost It – Ars Technica

  • Canada’s biggest provider of lab testing services has confirmed it suffered a data breach, with info as old as 2016 accessed. It has also admitted that it made “a payment” to the hackers to retrieve the data, without disclosing exactly how much was paid.

Oil and Gas Industry Risks Escalate, Cybersecurity Should Be Prioritized – HelpNetSecurity

  • A new in-depth report draws on a decade’s worth of cyberattack data in the oil and gas industries, calling for a strengthening of cybersecurity as the risks continue to escalate.

Mobile Devices Account for 41% of DDoS Attack Traffic – Dark Reading

  • While the image DDoS attacks conjure up might be one of racks of computers all being harnessed, the reality right now is that around half of the traffic is now coming from mobile and IoT devices. A newly released report on DDoS attacks looking deeply into the current DDoS threat landscape also finds that China, Turkey, the US, and South Korea are the main sources of the attacks.

WhatsApp Updated to Patch Bug That Allows Attacker to Crash Group Chats – Washington Times

  • Another WhatsApp bug has been discovered and patched. This particular vulnerability allowed a user to send a malicious message to a group chat that would cause the app on every participant’s mobile device to continuously crash.

Maze Ransomware Gang Dumps Purported Victim List – BankInfoSecurity

  • In the latest escalation of ransomware attacks, the gang behind the Maze ransomware is threatening to name and shame victims if they do not pay the ransom. Proving they can make good on their threat, last month the gang published data stolen from a security services firm who did not pay.

10 Cybersecurity Stories in 2019 That Make Us Feel Less Secure – Tech Republic

  • Before looking to the future, we have to look to the past. Tech Republic lists the top 10 2019 cybersecurity stories that worry them the most, including the Capital One breach, juice jacking, and the number of adware attacks like xHelper and Joker in the Android ecosystem.
And Finally

30 Years of Ransomware: How One Bizarre Attack Laid the Foundations for the Malware Taking Over the World – ZDNet

  • Thirty years ago, the first ransomware attack was launched… on a floppy disk… with a PO Box to pay the ransom by postal order or check.

In Case You Missed It