Posts

Cyber Security News & Trends – 08-17-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

New post for PNC’s former CCOPittsburg Biz Journals (US)

  • SonicWall CMO David Chamberlin is featured for his recent appointment to the company following his position as PNC’s former CCO in Pittsburg, Penn.

Foreshadow Vulnerability (L1TF) Introduces New Risks to Intel Processors  — SonicWall Blog

  • Foreshadow, the latest vulnerability to hit microprocessors, comes from the same family as Spectre. SonicWall customers with Capture Advanced Threat Protection (ATP) sandbox service activated are protected.

Cyber Security News

NIST Small Business Cybersecurity Act Becomes Law – Security Week

  • U.S. President Donald Trump signed the NIST Small Business Cybersecurity Act into law on Tuesday (August 14, 2018). It requires NIST to “disseminate clear and concise resources to help small business concerns identify, assess, manage, and reduce their cybersecurity risks.”

Foreshadow and Intel SGX software attestation: ‘The whole trust model collapses’ – The Register

  • In the wake of yet another collection of Intel bugs, The Register had the chance to speak to Foreshadow co-discoverer and University of Adelaide and Data61 researcher Dr Yuval Yarom about its impact.

The state of cybersecurity at small organizations – CSO Online

  • A research survey of 400 cybersecurity professionals in small organizations, found that SMBs are being compromised due to human error, ignorance and apathy.

U.S. investor sues AT&T for $224 million over loss of cryptocurrency – Reuters

  • U.S. entrepreneur and cryptocurrency investor Michael Terpin filed a $224 million lawsuit on Wednesday against telecommunications company AT&T, accusing it of fraud and gross negligence in connection with the theft of digital currency tokens from his personal account.

Cryptojacking attacks: One in three organizations say they’ve been hit with mining malware – ZDNet

  • Almost a third of organizations say they’ve been hit by cryptojacking attacks in the last month, as cyber criminals continue their attempts to push malware designed to secretly use processing power to generate cryptocurrency.

Hundreds of Netflix, HBO, DirecTV and Hulu credentials for sale on dark web – SC Magazine

  • Hundreds of stolen Netflix, HBO, DirecTV and Hulu accounts found at an average price of $8.81, less than the cost of a monthly subscription for most of the services which range from $7.99 per month for Hulu’s lowest tier plan to $15 per month for HBO Go.

FBI Warns of Cyber Extortion Scam – Dark Reading

  • Extortion is a very old crime that’s being given new life in the cyber world. A recent public service announcement from the FBI warns computer users to be on the lookout for threats that use stolen information to tailor extortion demands to specific email addresses.

In Case You Missed It

Cyber Security News & Trends – 08-10-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

DHS Has New Cyber Collaboration Center, But Private Companies May Hesitate to Share — Law.com

  • SonicWall CEO Bill Conner discusses the challenges faced by the new DHS National Risk Management Center initiative in relation to cooperation from the private sector.

ADT Acquires MSSP SDI, Eyes Small Business Cybersecurity Market Growth — MSSP Alert

  • ADT, the monitored security and home and business automation solutions provider, has acquired Secure Designs Inc. (SDI), a well-known MSSP and SonicWall partner that manages firewall equipment for small business customers.

The Changing Data Security Landscape — Database Trends and Applications

  • The SonicWall 2018 Cyber Threat Report is used in an analysis of the overall risk landscape for cybersecurity.

SonicWall to expand product engineering facility in India — ETCIO

  • Debasish Mukherjee, Country Manager India & SAARC SonicWall sat down with ETCIO to discuss the country’s expansion in Bangalore, India.

Cyber Security News

The Sensors That Power Smart Cities Are a Hacker’s Dream — Wired

  • Research from IBM Security and data security firm Threatcare that looked at sensor hubs from three companies—Libelium, Echelon, and Battelle—that sell systems to underpin smart city schemes.

Network of 15,000 bots used to spread cryptocurrency giveaway spam via Twitter — SC Magazine

  • A recently developed methodology for identifying Twitter bot accounts in large quantities turned up a cryptocurrency scam botnet operation found to leverage at least 15,000 bots to submit bogus tweets and likes.

Internet of Things Adoption to Rise Despite Security, Data Integration Challenges — The Wall Street Journal

  • Firms continue to adopt Internet of Things technologies, but believe large-scale deployments and returns on investment may take longer than expected to materialize due to ongoing security and implementation challenges.

iPhone Chipmaker Blames WannaCry Variant for Plant Closures — Bloomberg

  • Taiwan Semiconductor Manufacturing Co. blamed a variant of the 2017 WannaCry ransomware for the unprecedented shutdown of several plants, as it ramps up chipmaking for Apple Inc.’s next iPhones

Atlanta’s Reported Ransomware Bill: Up to $17 Million — Bank Info Security

  • The cost of the city of Atlanta’s mitigation and subsequent IT overhaul following a massive SamSam ransomware infection earlier this year could reach $17 million.

In Case You Missed It

Cyber Security News & Trends – 07-13-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

As Malware, Ransomware Surge in 2018, SonicWall Raises Alarm on Encrypted Threats and Chip-Based Attacks

  • SonicWall publishes a mid-year update of 2018 SonicWall Cyber Threat Report, finds more than 5.99 billion total malware attacks, up 102 percent, in the first six months of 2018.

Ghostbusters 2: how to deal with Spectre, the sequel – SC Magazine (UK)

  • Lawrence Pingree, SonicWall’s VP of Product Management discusses the possibilities of future exploits built on the Spectre vulnerability

Big Enterprise or Small Business, It Doesn’t Matter: Hackers Are Coming for You, Right Now – Joseph Steinberg

  • Quotes from a 2017 interview between Bill Conner and Joe Steinberg are resurfaced to explain that about half of all cyber-attacks are on small businesses.

Cyber Security News

Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders – The Register

  • An unfortunate chain reaction was averted today after miscreants tampered with a widely used JavaScript programming tool to steal other developers’ NPM login tokens.

Hackers are selling backdoors into PCs for just $10 – ZDNet

  • Cyber criminals are offering remote access to IT systems for just $10 via a dark web hacking store — potentially enabling attackers to steal information, disrupt systems, deploy ransomware and more.

Senators press federal election officials on state cybersecurity – The Hill

  • Senators on Wednesday pressed top officials from the U.S. Election Assistance Commission (EAC) about their efforts to boost state cybersecurity election systems, with a focus on whether each state should have a mechanism in place to audit their results.

Cryptocurrency service Bancor robbed of billions; MyEtherWallet users targeted via malicious VPN Chrome extension – SC Magazine

  • Cryptocurrency token conversion service Bancor disclosed yesterday that hackers stole millions in funds from one of its online wallets, while Etherium crypto wallet service MyEtherWallet warned that hackers may have compromised anyone who accessed its service while using the free VPN service Hola and its Chrome extension.

Breach department: Unauthorized party accesses Macys.com and Bloomingdales.com customer accounts – SC Magazine

  • For nearly two months, an unauthorized party reportedly used stolen usernames and passwords to log into the online accounts of certain Macys.com and Bloomingdales.com customers.

In Case You Missed It

Cyber Security News & Trends – 07-06-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Breaking down SonicWall’s 12 new features for mid-tier enterprises — TechRepublic

  • Following the release of SonicWall’s latest product news, TechRepublic provides an overview of the features released. This article concludes that the new mid-tier offerings make SonicWall an option for companies of any sector and size.

Review: SonicWall TZ400 Provides Local Governments with Deep, Frontline Protection – StateTech

  • SonicWall’s firewall appliance is a strong choice for state and local governments watching the bottom line.

Cyber Security News

Sophos shares tank as revenues slow – UK Investor Magazine

  • Shares in cyber security group Sophos fall by a fifth as growth slows. The company’s shares fell by more than 20% as it said billings growth – an indicator of future revenues – in the three months to the end of June had slowed to just 6pc, or 2pc when adjusted for foreign currency changes.

New Virus Decides If Your Computer Good for Mining or Ransomware — The Hacker News

  • Researchers at Kaspersky Labs have discovered a new variant of Rakhni ransomware family, which has now been upgraded to include cryptocurrency mining capability as well.

Macro-based malware campaign replaces desktop and Quick Launch shortcuts to install backdoor — SC Magazine

  • Researchers have uncovered an unusual malicious macro-based malware campaign that effectively modifies infected users’ shortcut files so that they secretly download a backdoor program.

Trump nominates former Energy official to lead Homeland Security tech research arm — The Hill

  • President Trump announces that he is tapping William Bryan, an Army veteran and former Department of Energy official, to lead the Department of Homeland Security’s technology research and development arm.

Adidas Reports Data Breach — The Wall Street Journal

  • Adidas warned late on Thursday that hackers may have lifted customer data from its US website.

In Case You Missed It

Cyber Security News & Trends – 06-29-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

SonicWall Targets Mid-Tier Enterprises with New Network Security Software and Appliances SiliconANGLE

  • Following the release of SonicWall’s latest product news, SiliconANGLE unpacks updates to the SonicWall Capture Security Center. This article also touches on the company’s six new firewall appliances.

Cyber Security News

Despite Caution Over Cryptocurrency, Investors are Bullish The New York Times

  • Initial coin offerings are raising billions for cryptocurrency start-ups, like the Russia messaging service Telegram, which raised nearly $2 billion.

Marketing Firm Exactis Leaked a Personal Info Database With 340 Million Records Wired

  • Earlier this month, security researcher Vinny Troia discovered that Exactis, a data broker based in Palm Coast, Florida, had exposed a database that contained close to 340 million individual records on a publicly accessible server. The haul comprises close to 2 terabytes of data that appears to include personal information on hundreds of millions of American adults, as well as millions of businesses.

Reality Winner, N.S.A. Contractor Accused in Leak Pleads Guilty The New York Times

  • Reality Winner, the former government contractor charged with leaking classified information, pleaded guilty in federal court Tuesday as part of a plea agreement reached with federal prosecutors.

Hotels, Airlines and Travel Sites Battle Bot Attacks ZDNet

  • Attackers in certain countries appear to have a particular focus on breaching organizations operating in the travel sector.

60,000 Android Devices Hit With Ad-Clicking Bot Ransomware SC Magazine

  • A new malicious Android app has infected at least 60,000 devices gaining the ability to extract some important information from each device along with installing some ad click malware.

New Fears Over Chinese Espionage Grip Washington The Hill

  • Lawmakers are scrutinizing the Pentagon over its efforts to keep military secrets safe from hackers, after Chinese actors allegedly breached a Navy contractor’s computer and collected data on submarine technology.

In Case You Missed It

Cyber Security News & Trends – 06-22-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Cloud Encryption Market: Security to Remain Primary Factor for Adoption of Cloud Encryption — Tech You n Me

  • This article reviews the cloud encryption market and how key players like SonicWall are releasing innovative new products, like the company’s range of cloud security products that includes the SonicWall Cloud Analytics application for deep security data analysis and automated breach detection.

Sophos XG vs SonicWall NS: Top NGFWs Compared eSecurity Planet

  • In an article detailing the strengths and weaknesses of top vendor next-generation firewalls (NGFWs), the SonicWall NSA is featured in comparison to the Sophos XG.

Cyber Security News

How a Few People Took Equifax to Small Claims Court Over Its Data Breach and Won The New York Times

  • After 145 million Americans’ financial information was exposed last year, some of them won cases against the credit reporting agency in local courts.

Script Kiddie Goes From ‘Bitcoin Baron’ to ‘Lockup Lodger’ After DDoSing 911 Systems The Register

  • Randall Charles Tucker was given a 20-month sentence Tuesday after pleading guilty earlier this year to one count of felony intentional damage to a protected computer. He had faced as many as 41 months.

New Phishing Scam Reels In Netflix Users To TLS-Certified Sites — Threat Post

  • Researchers are warning of a new Netflix phishing scam that leads victims to sites with valid Transport Layer Security (TLS) certificates.

Korean Cryptocurrency Exchange Bithumb Loses More Than $30 Million in Hack The Wall Street Journal

  • Seoul-based bitcoin exchange Bithumb said Wednesday it had lost over $30 million as the result of being hacked, the second cyberattack in two weeks to hit a major South Korean cryptocurrency exchange as safety concerns hamper the industry and weigh on prices.

This New Windows Malware Wants to Add Your PC to a Botnet – or Worse ZDNet

  • Dubbed Mylobot after a researcher’s pet dog, the origins of the malware and its delivery method are currently unknown, but it appears to have a connection to Locky ransomware – one of last year’s most prolific forms of malware.

China-Based Hackers Breached Satellite, Defense Firms: Study The Hill

  • China-based hackers infiltrated satellite operators, defense contractors and telecommunications companies in the U.S. and southeast Asia, according to researchers at Symantec Corp.

In Case You Missed It

Cybersecurity News & Trends – 06-15-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

CEO Spotlight- Bill Conner, SonicWall 1080 KRLD Radio

  • Bill Conner and David Johnson sit down and discuss SonicWall’s momentum, attack vectors threatening business and what’s happening in cybersecurity today on David’s CEO Spotlight radio segment.

Brightstar is the first SonicWall MSSP in India CRN.in

  • The recent SonicWall and Brightstar India partnership news continues to garner coverage featuring the launch of Security as a Service (SeCaaS) in the region.

“Digital Infrastructure Is Critical In Transforming a City and Creating a Sustainable Smart Ecosystem” BWSmart Cities

  • SonicWall’s Debasish Mukherjee, Country Manager India & SAARC, explains how crucial digital infrastructure is in transforming the cities of the future and how the role of new-age trends — like IoT, cloud and machine learning — drive the growth of the network security market.

Cyber Security News

Intel Chip Flaw: Math Unit May Spill Crypto Secrets to Apps–Modern Linux, Windows, BSDs Immune The Register

  • A security flaw within Intel Core and Xeon processors can be potentially exploited to swipe sensitive data from the chips’ math processing units.

U.S. warns World Cup attendees of Russian hacking risks The Washington Times

  • World Cup attendees risk having their personal data compromised by hackers, state-sponsored or otherwise, the head of the U.S. National Counterintelligence and Security Center warned ahead of the annual soccer tournament starting in Russia this week.

Luckymouse Threat Group Strikes National Data Center to Exploit Government Website ZDNet

  • Researchers say the Chinese threat actors behind the campaign aimed to compromise government resources.

UK Watchdog Issues $330K Fine for Yahoo’s 2014 Data Breach Tech Crunch

  • Another fallout from the massive Yahoo data breach that dates back to 2014: The UK’s data watchdog issued a £250,000 (about $334,000 USD) penalty for violations of the Data Protection Act 1998.

FBI Announces Arrrest of 74 Email Fraudsters ZDNet

  • Police have carried out a worldwide wave of arrests that have seen 74 people detained and over $16 million in purloined funds seized by suspected whalers or business email compromise (BEC) fraudsters.

Hackers Target Payment Transfer System at Chile’s Biggest Bank, ‘Take $10M’  — The Register

  • Banco de Chile has become the latest victim in a string of cyberattacks targeting the payment transfer systems of banks. Hackers reportedly used a variant of the complex KillDisk wiper malware to distract attention before targeting systems linked to the SWIFT inter-bank transfer network.

In Case You Missed It

May 2018: Cyberattack Volume Continues to Rise, Ransomware Attempts Jump 299 Percent

The very latest cyber threat intelligence for May 2018 depicts increases in a number of attack areas, particularly when comparing against 2017 cyber threat data. Through May 2018, the SonicWall Capture Labs threat researches have recorded:

Global Cyberattacks — May 2018

  • 2 million malware attacks (64 percent year-over-year increase)
  • 9 million ransomware attacks (78 percent year-over-year increase)
  • 238,828 encrypted threats (142 percent year-over-year increase)

Global Cyberattacks — Year to Date

  • 5 billion malware attacks (128 percent increase )
  • 2 million ransomware attacks (299 percent increase)
  • 2 million encrypted threats (283 percent increase)

To put these numbers in a more practical light, it’s helpful to break them down by customer. In May 2018 alone, the average SonicWall customer faced:

  • 2,302 malware attacks (56 percent year-over-year increase)
  • 62 ransomware attacks (69 percent year-over-year increase)
  • Almost 94 encrypted threats
  • Over 14 phishing attacks per day

With each passing month, cybercriminals continue to perpetrate cyberattacks at an ever-accelerating rate. It is interesting to note that although encrypted traffic is actually down slightly when compared with last year, encrypted threats have more than doubled. This points to cybercriminals who are more aware of the efficacy of encrypting their attacks.

In addition, phishing attacks have increased by almost 40 percent since last month. To better educate your end users and follow secure email best practices, use the phishing IQ test to increase their suspicions when opening emails, particularly from unknown senders.

As the cyber war continues between threat actors and security professionals, arming your organization with the latest cyber threat intelligence is critical to implementing or improving a sound security posture. As long as vulnerabilities exist, there are threat actors working to exploit them.

Find Threat Metrics When You Need Them

Would you like to keep up-to-date on threat metrics, security news and worldwide cyberattacks? The SonicWall Security Center has all of this and more.

VISIT THE SECURITY CENTER

Cybersecurity News & Trends – 06-08-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Galix Becomes SonicWall’s First Ever Platinum Partner in Africa IT News Africa

  • Galix, an IT services, infrastructure management and compliance company, has become the first ever African partner to receive SonicWall’s Platinum Partner status.

SonicWall Looks Beyond Firewalls to Bolster Cyber-Security eWeek

  • eWeek sits down with SonicWall CEO Bill Conner at RSA to discuss the company’s progress toward becoming a financially and operationally independent company in a written article and accompanying video interview.

Cyber Security News

US-North Korea Summit News Used as Lure in New Malware Campaign Dark Reading

  • North Korea’s Group 123, an advanced persistent threat actor responsible for several major malicious campaigns in recent years, is believed to be behind new malware activity targeting users in South Korea.

Researcher Finds Login Info for 92 Million MyHeritage Users on Private Server SC Magazine

  • A file named myheritage discovered on an outside private server contained the email addresses and hashed passwords of more than 92 million MyHeritage customers, the genealogy and DNA testing company’s CISO said.

Here’s a Transaction Transamerica Regrets: Transgressors Swipe Retirees’ Personal Info The Register

  • Financial house Transamerica has admitted hackers swiped some of its customers’ sensitive personal information, including social security numbers.

Ukraine Says Prevented Cyber Attack on NATO Country Embassy Reuters

  • Ukraine’s state security service (SBU) prevented a cyber attack on the embassy of a NATO country in Kiev, it said in a statement on Tuesday, without specifying which one.

Mich. County Official Falls for Phishing Scam, Quits The Detroit News

  • An official in a small Michigan county has resigned after being tricked into wiring $50,000 to an overseas bank account.

In Case You Missed It

Cybersecurity News & Trends – 06-01-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Cybersecurity 500 List, 2018 Edition Cybersecurity Ventures

  • SonicWall is announced as #36 on Cybersecurity Ventures Cybersecurity 500: 2018 Edition List which includes the world’s hottest and most innovative cybersecurity companies to watch in 2018.

British Businesses Facing Cyber Ransom Demands of up to £200,000 The Daily Telegraph

  • Cyber criminals are arming themselves with “malware cocktails”, expertly blended using old variants of malicious computer code. The new viruses are more potent than their predecessors because they have adapted to companies’ cyber defenses, like a digital version of antibiotic-resistant superbugs.

Securing Your Journey to Success With Innovation and Security: SonicWall Silicon Review

  • Recently announced as one of the 10 Best Security Companies in 2018, SonicWall is featured in an editorial highlighting the company’s history and success with CEO Bill Conner at the forefront.

10 Best Security Companies in 2018 Silicon Review

  • SonicWall is announced as one of the 10 Best Security Companies in 2018.

Cyber Security News

Cybercriminals on Average Have Seven-Day Window of Opportunity to Attack SC Magazine

  • Once a vulnerability is announced, the average attacker has a seven-day window of opportunity to exploit the flaw before a defender is even aware they are vulnerable, according to report from Tenable.

Deadly Attacks Feared as Hackers Target Industrial Sites The Hill

  • The hacking threat to critical infrastructure in the United States and beyond is growing larger, with nation states and other malicious actors looking to gain a foothold in sensitive technologies to conduct espionage and potentially stage disruptive or destructive attacks.

U.S. Judge Dismisses Kaspersky Suits to Overturn Government Ban Reuters

  • A U.S. federal judge on Wednesday dismissed two lawsuits by Moscow-based Kaspersky Lab that sought to overturn bans on the use of the security software maker’s products in U.S. government networks.

BackSwap Banking Malware Bypasses Browser Protections With Clever Technique SC Magazine

  • A new banking malware called BackSwap has replaced tricky conventional browser injections with a simpler browser manipulation technique.

Over 5K Gas Station Tank Gauges Sit Exposed on the Public Net Dark Reading

  • It’s been three years since researchers first discovered automated tank gauges (ATGs) at some 5,000 US gas stations exposed on the public Internet without password protection, and a recent scan found 5,635 locations were vulnerable to the same issue.

In Case You Missed It


Upcoming Webinars & Events

June 4
Webinar
1 a.m. PDT
Technical Deep Dive – Securing Office 365 with SonicWall Email Security
> Register Now