Adware apps downloaded by millions, German politicians have their data leaked, and how is the government shutdown affecting cybersecurity? SonicWall has collected this week’s best cybersecurity stories, just for you.

SonicWall Spotlight

What Is Driving the Workforce of the Future? – IT News Africa

• SonicWall threat data is used to examine the potential dangers of a workforce dependent on the Internet of Things and 5G mobile connection.

Cyber Security News

German Man Confesses to Hacking Politicians’ Data, Officials Say – New York Times

• The December leak of the personal information of German politicians was carried out by a young German student who used very basic techniques like guessing the passwords. The authorities are treating him as a juvenile and he has been released while the investigation is ongoing.

Google Removes 85 Adware Apps That Were Installed by Millions of Users – ZDNet

• Google removed 85 apps from the Play Store after complaints that they were blatantly adware where every page on the apps triggered a full screen advert. At the time of removal one of the apps had already been downloaded over five million times.

Class-Action Lawsuit Filed Over Marriott Data Breach – Washington Times

• 76 plaintiffs from all 50 states, the District of Columbia, Puerto Rico and the U.S. Virgin Islands are suing Marriott International Inc. in federal court over the data breach in 2018 that saw millions of people’s data released.

Who Should Be Responsible for Protecting Our Personal Data? – World Economic Forum

• The World Economic Forum explores the growing cybersecurity challenges that are presented by the fact that 89% of Americans and 70% of Europeans use the internet daily, and half the world’s population is online in some way. They ask if governments are reacting fast enough to the changes and if cybersecurity is a personal or public responsibility.

Zeroday Exploit Prices Are Higher Than Ever, Especially for iOS and Messaging Apps – ArsTechnica

• The going rate for a zero-day jailbreak for Apple’s iOS is currently as high as $2 million. That’s the highest end of the scale but the market for exploits has been going higher and higher with no sign of leveling off.

U.S. Initiative Warns Firms of Hacking by China, Other Countries – Reuters

• A new initiative by The National Counter-Intelligence and Security Center (NCSC) has been launched, aimed with improving cybersecurity in U.S. companies. Videos, brochures, and online informational materials have all been made available in an attempt to address ongoing concerns that many companies are not currently doing enough to protect themselves from cyberthreats.

Cybersecurity May Suffer as Shutdown Persists – Roll Call

• The partial government shutdown may be leaving departments open to cybersecurity risks since many of the shutdown departments are on the “hit-list for hackers.” As more time passes there is a fear that minor setbacks may become irreversible.

This Old Ransomware Is Using an Unpleasant New Trick to Try and Make You Pay Up – ZDNet

• First spotted in 2016, Cryptomix is a ransomware that seemed to have disappeared until it was rediscovered recently with a new distasteful trick; using information scraped from children’s charity organizations to make it seem like the ransom payment will be used to help people in need.

  The Cybersecurity Skills Shortage Is Getting Worse – CSO Online

• With 53 percent of respondents of one survey reporting a problematic shortage of people with the right skills, the cybersecurity job situation is seen by some as actively getting worse rather than better. CSO Online recommend massive federal leadership, a more thorough public/private partnership and an integrated industry effort to solve the problem.

In Case You Missed It

• 2018 Holiday Cyber Threat Data: Final Analysis Shows Big Ransomware Spikes in US, UK – John Gordineer
• 4 Security Predictions for MSSPs in 2019 – Brook Chelmo
• Is 802.11ax Going Away? And What is Wi-Fi 6? – Srudi Dineshan
• Video: Why Layered Security Matters – Geoff Blaine
• NRF 2019: Join SonicWall at the ‘Big Show’ – Nicole Landfield

Quantum Cryptography, Malware spreading through the cloud, and Fortnite making teenagers a lot of money; SonicWall has collected and compiled this week’s best cybersecurity stories, just for you.

SonicWall Spotlight

CEO Outlook: Five Questions on 2019  – CRN.com

• SonicWall CEO Bill Conner gives his five predictions for 2019; from the biggest market opportunities to his thoughts on why staying up-to-date will be key for Channel Partners. He also predicts that 2019 will be the year of the SonicWall Capture Cloud Platform.

SonicWall Increasing Local Partner Support Across EMEA – Computer Weekly

• SonicWall celebrates key EMEA milestones including the hiring of industry-leading talent and the opening of three new offices in the UK, Spain, and the UAE.

Quantum Cryptography: The Next-Generation of Secure Data Transmission – Information-Age

• With SonicWall Threat Data showing an increase in encrypted threats throughout 2018, Information Age speculate that quantum cryptography could be the future in encryption.

Cyber Security News

Public Clouds: Fertile Ground to Spread Malware – Security Boulevard

• A general trust in cloud services is leaving an easy entry point open for threat actors to spread malware. Researchers have already found browser hijacker adware Linkury making its way across Microsoft Azure.

Hackers Have Earned $1.7 Million so Far From Trading Data Stolen From US Gov Payment Portals – ZDNet

• Click2Gov, a US government self-service payment system owned by Superion, was hit by a data breach in September 2017. Security researchers are estimating that the hackers have earned at least $1.7 million to date selling the information on the Dark Web.

Google Finds Internet Explorer Zero-Day Exploited in Targeted Attacks – Security Week

• Microsoft released a patch for Internet Explorer fixing a dangerous zero-day bug. SonicWall Captures Labs also issued a signature to provide protection.

Fortnite Teen Hackers ‘Earning Thousands of Pounds a Week’ – BBC

• With Fortnite estimated to have earned more than £1 billion through selling in-game “skins” there is a growing black-market, often run both by and for very young teenagers.

Irish Data Authority Probes Facebook Photo Breach – Security Week

• A GDPR investigation has been launched in Ireland after it was revealed that up to 6.8 million users may have had their photos exposed to third party apps. A fine of up to four percent of annual global turnover can be issued to a corporation if they are found to be in breach of GDPR.

New Malware Pulls Its Instructions From Code Hidden in Memes Posted to Twitter – Tech Crunch

• Researchers have found a type of malware that appears to be activated by memes on Twitter. The good news for those who can’t resist a link to a laugh is that it still looks to be in a testing stage and may never be released.

NASA Discloses Data Breach – ZDNet

• NASA confirmed a data breach in October 2018 where a third party gained access to personal data, including Social Security Numbers, of current and former employees. No missions are believed to jeopardized by the hack but the investigation into the incident will “take time.”

The Nightmare Before Christmas: Cybersecurity Risks for Children’s Toys – EURACTIV (Europe)

• As the Internet of Things enters toy manufacturing a host of problems are coming with it; open Bluetooth connections, cheap manufacturing standards, and cybersecurity laws that cannot yet be effectively applied.

In Case You Missed It

• 5 Tips to Keep You Cybersecure During Holiday Travel – Nicole Landfield
• 4 Security Predictions for MSSPs in 2019 – Brook Chelmo
• Is 802.11ax Going Away? And What is Wi-Fi 6? – Srudi Dineshan
• 6 Phishing Scams to Look Out for this Holiday Shopping Season – Ganesh Umapathy
• Video: Why Layered Security Matters – Geoff Blaine
• NRF 2019: Join SonicWall at the ‘Big Show’ – Nicole Landfield

This week SonicWall has taken to the airwaves as CEO Bill Conner is profiled by KRLD Radio, and in industry news, more new breaches revealed but impacted companies like Quora are saying that Marriott International has it far worse.

SonicWall Spotlight

New Law Aids SMBs in Combating Cybersecurity Risks – The Channel Pro Network

• SonicWall CEO Bill Conner calls SMBs the “foundation of the U.S. economy” in this update about the recently enacted NIST Small Business Cybersecurity Act.

CRN’s 2018 Products of the Year – CRN

• The SonicWall Capture Cloud Platform was announced as a finalist in CRN’s 2018 Products of the Year in the security-cloud category.

CEO Spotlight: Bill Conner, CEO, SonicWall – KRLD Radio (US)

• SonicWall CEO Bill Conner is featured on KRLD’s CEO Spotlight radio segment discussing SonicWall’s holiday cyber threat data.

Cyber Security News

Cyber-espionage group uses Chrome extension to infect victims – ZD Net

• Netscout researchers have released a report revealing details of a nation-state-backed hacking group’s efforts to target the academic sector by pushing a malicious Google Chrome extension through a spear-phishing email campaign.

DHS Says SamSam Ransomware is Targeting Critical Infrastructure Entities – Security Week

• The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) issue an alert on activity related to SamSam, the malware which has supposedly cost private enterprises and organizations over $5.9 million in the last two years.

U.S. Financial Firms to Further Increase Cybersecurity Spending – Bloomberg

• U.S. banks and other financial firms are projecting higher spending on cybersecurity as they face bigger threats and more attacks.

Marriott looking at China in data breach: report – The Hill

• Investigators looking into the recent Marriott breach, which saw personal data belonging to over 500 million hotel guests exposed, are looking to China as the most likely source of the attack.

Quora reports data breach affecting 100 million users – Phys Org

• Quora has notified users of a data breach involving the email addresses and encrypted passwords of about 100 million users. The question-and-answer website is downplaying the incident, claiming that it “is nothing like” the sustained breach suffered by Marriott International over the last four years.

Why Cyber Monday Is Just the Beginning of the Festive Hacking Season – ZDNet

• Cyberattacks reach a peak around the holiday season but ZDNet argue that understaffing over Christmas leaves many companies open to further attacks.

Huawei Said to Plan $2 Billion Cybersecurity Reboot – Industry Week

• Small companies often do not have the resources to be able to meet the strictest cybersecurity standards. Two academics argue that they should not be financially penalized in the same way as larger corporations can be.

In Case You Missed It

• Cloud Security: Making the Invisible … Visible – Beau Beamesderfer
• 3 Ways to Prevent Cryptominers from Stealing Your Processing Power – Brook Chelmo
• SonicWall Wins Gold and Silver in Best in Biz Awards 2018 – Nicole Landfield
• Historic Black Friday, Cyber Monday Threat Data Prepares Businesses, Shoppers for Holiday Cyberattacks – Scott Grebe
• October 2018 Cyber Threat Data: Web App Attacks, Ransomware Continue Upward Trend – John Lynch

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

Two Cybersecurity Policies, One Clear New Objective – The Hill

• SonicWall CEO Bill Conner has written an op-ed with his three policy prescriptions for the U.S. government following the National Institute of Standards and Technology (NIST) Small Business Cybersecurity Act and The National Cyber Strategy being signed into law.

Historic Black Friday, Cyber Monday Threat Data Prepares Businesses, Shoppers for Holiday Cyberattacks – SonicWall Blog

• With Black Friday and Cyber Monday upon us cybercriminals are working overtime to find a gap in your cyber defense. We look at last year’s leap in malware attacks and advise on how to protect your business.

SonicWall Launches SD-WAN, Risk Metrics and New UTM Hardware – eWEEK

• Sean Michael Kerner, senior editor at eWEEK, speaks to SonicWall’s Lawrence Pingree about SonicWall’s recent product expansion.

5 Key Skills for Next-Gen Communicators – Commpro

• SonicWall’s David Chamberlin was recently featured on a panel discussion, How To Stay Relevant as a Communications Executive in 2020. Commpro has pulled the discussion together into a handy infographic.

Cyber Security News

Amazon Data Breach Reveals Private Details of Customers Ahead of Black Friday – The Telegraph (UK)

• On the eve of some of the busiest shopping days of the year, Amazon confirmed a leak of customer names and emails.

VisionDirect Blindsided by Magecart in Data Breach – Threat Post

• After VisionDirect confirmed a data breach exposing full names, addresses, telephone numbers, email addresses, passwords and payment card data, security researchers are saying this is the latest case of the ever-prolific Magecart threat group.

Security Warning: UK Critical Infrastructure Still at Risk From Devastating Cyber Attack – ZDNet

• With the head of the UK National Cyber Security Centre previously stating that a major cybersecurity attack is a matter of “when, not if”, a new report from the UK’s Joint Committee on the National Security Strategy says the UK is still not facing up to cybersecurity threats.

Nine Cyber Security Predictions for 2019 – CSO Online

• Ransomware, regulation, cyberwarfare and more; CSO Online tries to predict where cybersecurity will go over the next 12 months.

Facebook Appeals Against Cambridge Analytica Fine – BBC (UK)

• Facebook is appealing their £500,000 fine, arguing that there is no evidence that any UK citizens had their data shared with Cambridge Analytica.

L0rdix Becomes the New Swiss Army Knife of Windows Hacking – ZDNet

• A new malware called L0rdix has been found by researchers. It still looks to be in the development stages but it already manages to combine cryptocurrency mining, data theft and the ability to avoid malware analysis.

Report Reveals Struggles of SMBs Navigating Cyber Threat Landscape – SC Magazine

• A recent study of Small and Medium Sized Businesses found over half of those surveyed have suffered from a data breach in the past year. Most respondents blame insufficient staff or cash, and a general lack of understanding of the threat landscape. SonicWall’s Charles Ho has some suggestions.

In Case You Missed It

• October 2018 Cyber Threat Data: Web App Attacks, Ransomware Continue Upward Trend – John Lynch
• Bill Conner: We Need a ‘Single, Comprehensive National Cybersecurity Strategy’ – Geoff Blaine
• Why SMBs Continue to Drive Growth in Managed Security Demand – Charles Ho
• Monitor & Optimize Your Cybersecurity Posture with Real-Time Risk Metering – Ken Dang
• Choosing a Firewall with PoE Integration – Scott Grebe
• What is Secure SD-WAN and How Can It Save Me Money? – Scott Grebe

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

New NIST Small Business Cybersecurity Act to Provide Guidance for Protecting SMBs – SonicWall eBook

• If you’re a small to medium-sized business (SMB) looking for guidance on the NIST Small Business Cybersecurity Act, get this eBook. It includes an explanation of the act and information on how best to protect yourself and your business.

Intel CPUs Fall to New Hyperthreading Exploit That Pilfers Crypto Keys – Ars Technica

• PortSmash is a new attack that exploits Intel’s Hyper-Threading architecture. SonicWall adds a layer of protection against this exploit and other similar side-channel attacks.

Cyber Security News

The Mad Dash to Find a Cybersecurity Force – The New York Times

• The need for skilled cybersecurity experts in the workplace is growing faster than the talent pool can provide with an estimated 3.5 million cybersecurity jobs available but unfilled by 2021.

Lazarus FASTCash ATM Attack Details Discovered – SC Magazine

• North Korean hacker group Lazarus has been using FASTCash trojan on obsolete AIX servers to hack ATMs and steal tens of millions of dollars.

Data of Nearly 700,000 Amex India Customers Exposed via Unsecured MongoDB Server – ZDNet

• American Express India has been caught with an unencrypted server accessible online without a password, exposing a huge amount of personal data.

HSBC Customers Hit by Data Breach in US Business – BBC News

• At least one customer in every U.S. state has been affected by a data breach that occurred between October 4 and 14 of this year. HSBC say it affected less than 1 percent of its U.S. customer base but the details include account numbers and transaction histories.

Cambodia’s ISPs Hit by Some of the Biggest DDoS Attacks in the Country’s History – ZDNet

• Someone is bombarding ISPs in Cambodia with DDoS attacks and ZDNet have a few theories on who it might be.

Private Messages From 81,000 Hacked Facebook Accounts for Sale – BBC

• Hackers who claim to have access to 120 million Facebook accounts have been attempting to sell private messages online for as little as 10 cents per account.

Ransomware Keeps Ringing in Profits for Cybercrime Rings – BankInfoSecurity

• If you’re confused by the many different types of ransomware in the news right now, BankInfoSecurity explain current trends and who is most at risk.

In Case You Missed It

• Cybersecurity for SMBs: Bundled Network Security Delivers Cost-Effective Protection – Steve Pataky
• Bypassing Government Security Controls with Customized Malware – Brook Chelmo
• 4 Ways SonicWall & ConnectWise Simplify Security Management for MSPs – Ken Dang           
• The libssh Vulnerability: What’s at Risk & How SonicWall Helps Prevent It – Rob Krug
• SonicWall Extends Next-Generation Firewalls to Public Cloud Deployments, Including AWS and Azure – Srudi Dineshan          
• 3 Elements of a Successful Managed Security Services (MSS) Bundle – Joe Velderman