Cybersecurity News & Trends – 03-10-2023

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.

Another week is in the books for 2023, and SonicWall is still going strong with the recently released 2023 Cyber Threat Report.

In industry news, Dark Reading has the scoop on an Iranian threat group targeting women’s rights protesters with spear-phishing attacks as well as a large school district falling victim to ransomware. Bleeping Computer provided details on a new cryptocurrency scam the FBI is warning about. Billions of IoT and enterprise devices are at risk due to new TPM vulnerabilities according to Hacker News, and TechCrunch reported on GitHub’s new two-factor authentication policy.

Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.

SonicWall News

Covert Cyberattacks on The Rise as Attackers Shift Tactics for Maximum Impact

HelpNetSecurity, SonicWall News: 2022 was the second-highest year on record for global ransomware attempts, as well as an 87% increase in IoT malware and a record number of cryptojacking attacks (139.3 million), according to SonicWall.

2023 Could Be the Biggest Ever Year for Cybercrime

TechRadarPro, SonicWall News: 2023 could very well be the biggest year ever for cybercriminals, new figures have claimed. According to SonicWall’s latest figures, cybercrime is on the rise across the board, but trends are slowly shifting which is something IT security teams should keep in mind. More precisely, hackers are opting for a “slow and low” approach, keeping stealthy while trying to achieve financially-motivated goals.

Spikes In IoT Malware, Cryptojacking Offset Decline in Ransomware In 2022

MSSP Alert, SonicWall News: SonicWall researchers recorded the second-highest year on record for global ransomware attempts but it was an 87% increase in Internet of Things (IoT) malware and a record number of cryptojacking attacks (139.3 million) that signaled a shift in the overall threat landscape in 2022, the company said in a new report.

Cybercrime Spiked In 2022 — And This Year Could Be Worse

Digital Trends, SonicWall News: Last year saw a massive spike in cybercrime, with some types of malicious digital activity rising by as much as 87%. It doesn’t bode well — but there were a couple of relative bright spots. That information comes from a new report published by cybersecurity firm SonicWall. It makes for interesting reading, especially since one of the biggest rises came from an unusual source — and one of the most feared types of malware saw a hefty drop.

Ransomware Attacks Plunged 48 Percent in US Last Year: SonicWall

CRN, SonicWall News: In a major reversal from prior years, the volume of ransomware attacks globally dropped by 21 percent in 2022, year-over-year, with a 48-percent decline in the U.S., SonicWall said in a new report Tuesday. “It’s encouraging that we’re seeing a decrease” in ransomware attacks, SonicWall CEO Bob VanKirk said in an interview with CRN. At the same time, “the number of attacks still is staggering,” VanKirk said.

Ransomware Threat Surges as Brits Suffer Millions of Attacks In 2022

Evening Standard, SonicWall News: The scale of the threat posed to companies and consumers by cyberattacks was laid bare today in a new report which reveals global ransomware attempts hit their second highest year on record in 2022.

Cyber intrusion attempts and malware attacks climbed 19% and 2% respectively, according to the Global Cyberattack Trends report by SonicWall, while crypto-theft attacks jumped 43% to reach a record high. The volume of ransomware attacks was especially severe in the UK, climbing a staggering 112% in 2022, the report found, despite a 21% decrease in attacks worldwide.

Experts Spot Half a Million Novel Malware Variants in 2022

InfoSecurity, SonicWall News: Global malware detections increased 2% year-on-year (YoY) in 2022 to hit 5.5 billion, with never-before-seen variants surging 5%, according to SonicWall. The security vendor captured threat intelligence from its global SonicWall Capture Threat network, including one million security sensors, in order to compile its 2023 SonicWall Cyber Threat Report.

Ransomware Threat Surges as Brits Suffer Millions of Attacks In 2022

MSN, SonicWall News: Bob VanKirk, CEO of SonicWall, said: “The past year reinforced the need for cybersecurity in every industry and every facet of business, as threat actors targeted anything and everything, from education to retail to finance. While organizations face an increasing number of real-world obstacles with macroeconomic pressures and continued geopolitical strife, threat actors are shifting attack strategies at an alarming rate.”

State-Sponsored Hackers Are Diversifying Tactics, Targeting Small Businesses

IT Pro, SonicWall News: State-sponsored threat actors are increasingly shifting their focus towards SMBs and smaller enterprises, according to new research. While large enterprises, public services, and critical national infrastructure have traditionally been key targets for state-sponsored threat actors, SonicWall’s 2023 Cyber Threat Report predicted that groups will ‘diversify’ their tactics in 2023 to target SMBs and a “broader set of victims.”

Cybersecurity Predictions for 2023 – Things You Should Know

Utah Pulse, SonicWall News: SonicWall reports a 328% YoY increase in healthcare ransomware attacks in 2022, and healthcare and education are expected to be among the most targeted sectors in 2023. The expanding IoT footprint in these sectors is predicted to make them more vulnerable to digital attacks, increasing the risk to critical infrastructure.

The 20 Coolest Network Security Companies Of 2023: The Security 100

CRN, SonicWall News: Key offerings from SonicWall in the realm of next-generation firewalls include the SonicWall NSa 5700, which utilizes a scalable hardware architecture designed to fit in a single rack-mountable unit. The high port density of the NSa 5700 includes multiple 10-Gigabit Ethernet and 1-Gigabit Ethernet fiber and copper interfaces.

CEO Outlook 2023

CRN, SonicWall News: One of the biggest opportunities we will be tackling with our partners is providing a broader set of unified and cost-effective solutions that fully secure the evolving network perimeter. For many of our partners and customers, 2023 will represent a period of cautious and informed investment in IT and security – customers will demand more bang for their security buck.

Industry News

Billions of IoT and Enterprise Devices at Risk Due to New TPM 2.0 Flaws

Two critical security vulnerabilities were found in the Trusted Platform Module (TPM) 2.0 reference library specification. Both vulnerabilities could cause significant issues. The first is described as an out-of-bounds write while the other is an out-of-bounds read. IoT devices and enterprise devices were among the devices deemed most vulnerable, but all systems that utilize TPM could be vulnerable. According to Hacker News, the function of TPM is to secure cryptographic functions and physical security mechanisms to thwart bad actors. All users should implement the latest updates from both TCG and their vendors to ensure these vulnerabilities are addressed.

Iranian Threat Group Targeting Female Activists in Wake of Protests

The controversial death of Iranian women’s rights activist Mahsa Amini sparked protests and outrage among Iranians late last year. Now it appears that the state-sponsored threat group known as Cobalt Illusion is targeting female protesters on Twitter in a spear-phishing campaign. The threat group uses a fake Twitter account posing as a US think tank to lure victims in and build rapport with them before carrying through their phishing attack. Dark Reading says Cobalt Illusion was using the protests to find a common ground with the women. The information stolen by the threat group is used in multiple ways – notably to inform the Iranian government and military of victims’ activities.

GitHub to Enforce 2FA Among All Contributors Beginning Next Week

Any developer who writes code for any project on GitHub’s platform will now be required to implement two-factor authentication (2FA). The new policy will start to be implemented on March 13th and continue to expand through the remainder of 2023. Multi-factor authentication has been gaining steam in recent years as it is a great way for companies to significantly reduce risks from certain cyber threats. According to TechCrunch, GitHub has over 100 million users who are developers, so this move toward stronger security will be far-reaching. This announcement comes on the heels of the Biden administration urging large tech companies to accept more responsibility for ensuring that they have strong security postures. GitHub’s 2FA rollout will begin next week and continue until all developers are enrolled.

Medusa Ransomware Gang Reveals Data to Minneapolis School District

The Medusa ransomware gang is asking for $1 million after sending the Minneapolis Public School (MPS) district an hour-long video showing all of the data that they stole. Dark Reading says the cybercriminals gave MPS a deadline of March 17 to make the payment, and made it known that they will accept $1 million from other buyers before that deadline as well. This attack is a stark reminder that last year 1 in 4 schools were the victims of a cyberattack.

Scammers Using Games to Steal Cryptocurrency says FBI

The FBI has warned that millions of dollars in cryptocurrency are being stolen through online and mobile games. Bleeping Computer states that the cybercriminals accomplish this by creating custom games and apps that promise large monetary rewards to victims they’ve built rapport with online. The threat actors build an actual relationship with the victims before inviting them to play their fake games. They promise the users that the game rewards them with potentially large amounts of cryptocurrency for simple tasks like maintaining a virtual farm. The app prompts the user to store large amounts of cryptocurrency in their scam crypto-wallet and, over time, tempts them to store more cryptocurrency in the wallet. Once the user stops making deposits, the scammers drain the wallet of all funds. The FBI has asked all victims to report crimes to the Internet Crime Complaint Center to help them stop these scams.

SonicWall Blog

Recognizing Outstanding Partner and Distributor Performance in 2022 – Bob VanKirk

Latest Threat Intelligence Reveals Rising Tide of Cryptojacking – Amber Wolff

Latest Threat Intelligence Tracks Shifting Cyber Frontlines in 2022 – Amber Wolff

New SMA Release Updates OpenSSL Library, Includes Key Security Features – Jai Balasubramaniyan

SonicWall Recognizes Bill Conner for Transition of Business, Impact on Cybersecurity Industry – Bret Fitzgerald

SonicWall’s Jason Carter and Matt Brennan Earn 2023 CRN Channel Chief Recognition – Bret Fitzgerald

Can You Catch All the Phish? Take Our New Phishing IQ Quiz and Find Out! – Ken Dang

Celebrating 2023 With Expanded “3 & Free” – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

Latest Threat Intelligence Reveals Rising Tide of Cryptojacking

Threat actors looking for a steadier (and stealthier) income stream pushed cryptojacking to record highs in 2022.

Late February was a wakeup call for anyone who still thought it was a good idea to illegally download software: Researchers identified a new version of cryptojacking malware hiding within cracked versions of Apple’s Final Cut Pro video editing app. This macOS-targeting malware was designed to turn the tables on pirates by hijacking their computers and using them to illegally mine Monero.

While this isn’t the first time XMRig, a perfectly legal cryptominer, has been identified in pirated Final Cut Pro software, this version is particularly stealthy. If a user happens to notice their machine’s performance is suffering and opens Activity Monitor to find the source of the trouble, XMRig shuts down to avoid detection, then relaunches once Activity Monitor is closed.

What is Cryptojacking?

Cryptojacking refers to the act of using a computer or other device to mine cryptocurrency without the knowledge or consent of the device’s owner. This process is often very resource-intensive, and can cause the device’s performance to suffer or result in higher electric bills for the target.

Cryptojacking Reached Record High in 2022

While companies such as Apple are working to bolster their defenses against cryptojacking campaigns, recent data suggests this may continue to be an uphill battle.

In the 2023 SonicWall Cyber Threat Report, SonicWall Capture Labs threat researchers reported a 43% year-over-year increase in cryptojacking attempts in 2022. This spike pushed attack volume past the 100-million mark for the first time ever and set a new record high of 139.3 million attacks by year’s end.

SonicWall also observed a shift in the locations being targeted. While North America experienced a 36% year-over-year increase, Asia and Europe both saw triple-digit increases, with the latter recording 6.5 times the number of attacks in 2022 as in 2021.

As noted in the report, some of this growth may be due to threat actors supplementing or shifting from ransomware to more low-profile revenue streams. At least one ransomware gang has publicly announced they were shutting down their ransomware operation in favor of cryptojacking. And based on the 21% year-over-year decrease in ransomware attacks observed by SonicWall in 2022, others have likely followed suit.

Attacks Becoming More Prevalent, Stealthy and Sophisticated

As cryptojacking becomes more widely adopted, it’s also expanding its territory, with threat actors continuing to broaden their scope beyond traditional Windows-based attacks. In addition to the recently discovered Final Cut Pro campaign, cryptominers have also been identified hitching a ride on other apps designed for Macs, such as Adobe Photoshop and Apple Logic Pro.

Linux servers and even internal Redis servers were also popular targets for cryptojacking campaigns in 2022. While we reported on the growth in Redis attacks in our 2023 Cyber Threat Report, in just the week since its launch, another cryptojacking campaign targeting Redis has been identified — this one leveraging the legitimate tool transfer[.]sh.

And as cryptojacking continues to pick up steam, cybercriminals are becoming increasingly innovative. For example, in January 2023, threat actors used automation to create 130,000 free trial accounts on cloud platform services, with the end goal of exploiting GitHub Actions workflows for illicit cryptomining.

With cryptojacking attacks on the rise and the cyber landscape continuing to evolve, staying up to date on the latest threat intelligence has never been more important.

“It is crucial for organizations to understand attackers’ tactics, techniques and procedures (TTPs), and commit to threat-informed cybersecurity strategies to defend and recover successfully from business-disrupting events,” said SonicWall Threat Detection and Response Strategist Immanuel Chavoya. “This includes stopping sophisticated ransomware attacks as well as defending emerging threat vectors, including IoT and cryptojacking.”

Cybersecurity News & Trends – 03-03-2023

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.

It’s the first week of March, and the 2023 SonicWall Cyber Threat Report was released this week! SonicWall has been dominating the news cycle following its release. MSN quoted our CEO, Bob VanKirk, about the great need for cybersecurity among all businesses. ITPro cited data from the 2023 Threat Report. CRN quoted Bob VanKirk as well about 2022 ransomware numbers. Evening Standard cited the 2023 Threat Report’s cryptojacking data. The 2023 Cyber Threat Report has made a huge splash in the media and will continue to do so all year.

In industry news, TechCrunch had the lowdown on the major ransomware attack at Dish Network. Dark Reading shared details of the follow-up attack at LastPass. Hacker News had the scoop on the first UEFI bootkit to bypass Windows 11 Secure Boot, and Bleeping Computer reported on the Russian government banning use of certain foreign communication apps.

Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.

Industry News

Personal Data Stolen in Dish Network Ransomware Attack

Dish Network is experiencing a prolonged outage on its website, apps and customer support services following a ransomware attack last week. In a public filing, Dish said that the threat actors had successfully exfiltrated data from their servers that may contain personal information. TechCrunch spoke with several Dish Network customers who said they have not had TV service since last Thursday. No attackers have yet taken credit for the breach, but it’s suspected that the Black Basta ransomware gang is responsible.

LastPass Vault Data Lost in Follow-up Attack

LastPass has experienced another breach from the same threat actors that infiltrated their development environment in August 2022. According to Dark Reading, LastPass lost the decryption keys for a large amount of customer and encrypted vault data. The threat actors accessed the data by infiltrating the home computer of a LastPass DevOps engineer who had the data. The attack utilized a vulnerable media player on the engineer’s home computer. LastPass did make a statement reminding end users that their master passwords are not known or stored by LastPass, so they were not stolen in the breach.

BlackLotus UEFI Bootkit Malware Bypasses Windows 11 Secure Boot

In a first for Windows 11, a Unified Extensible Firmware Interface (UEFI) bootkit has bypassed Secure Boot. The UEFI bootkit is called BlackLotus, and is the first UEFI bootkit to pull off such a feat, which makes it a danger to any system running Windows 11. BlackLotus was first sold in October 2022 and the seller did claim it was capable of bypassing Secure Boot. The seller also claimed it could disable security software. At a price of only $5,000, it’s a much more accessible tool for a broader range of cyber criminals. According to Hacker News, exploiting the Secure Boot vulnerability allows the attacker to execute arbitrary code during early boot phases, which allows the attacker to wreak havoc on a user’s system. It’s not yet known exactly how the bootkit is deployed, but Microsoft will surely want to patch this vulnerability quickly and thoroughly.

Foreign Communication Apps Banned in Russian Government Organizations

Laws banning foreign messaging applications in the Russian government have started being enforced this week. Roskomnadzor, Russia’s internet control agency, announced the new restrictions this week. The services banned by the Russian government include Discord, Microsoft Teams, Skype for Business, Snapchat, Telegram, Threema, Viber, WhatsApp and WeChat. As of now, the ban only applies to Russian government and state agencies. Russian citizens can still use the communication apps. According to Bleeping Computer, Roskomnadzor did not ban Zoom or the encrypted messaging app Signal.

SonicWall Blog

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

Cybersecurity News & Trends – 02-24-2023

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.

We’re nearing the end of February, and SonicWall is still receiving positive press. Cyber Security Intelligence looked to SonicWall for data on higher education. CRN discussed SonicWall’s plans for 2023 and some of the features of the NSa 5700. Utah Pulse discusses our data on healthcare and education.

In industry news, Dark Reading reported on a U.S. military email server being exposed and Google bug bounty programs setting records. Hacker News has the scoop on the spam and phishing attacks at NPM. Bleeping Computer covered Activision’s phishing attack as well as a multi-year breach at GoDaddy.

Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.

SonicWall News

Universities Targeted with Ransomware

Cyber Security Intelligence, SonicWall News: According to research carried out by threat analysts at SonicWall there was a 51% increase in ransomware attacks within the education sector in 2022. They predicted the education sector to be among the most targeted by cyber criminals in 2023. This is certainly proving to be true so far.

Ransomware Attacks Aimed at Manufacturing Grew By 50pc in 2022

SiliconRepublic, SonicWall News: In recent cybersecurity predictions for 2023, Spencer Starkey of SonicWall predicted that healthcare and education will be among the sectors most targeted by cyberattacks this year.

Genie Out of The Bottle: ChatGPT Has Shaken Up the AI Sector

SiliconRepublic, SonicWall News: In recent AI predictions for 2023, experts such as Immanuel Chavoya of SonicWall said new software will give threat actors the ability to quickly exploit vulnerabilities and reduce the technical expertise required “down to a five-year-old level.”

Stolen MTU Data Appears on Dark Web Following IT Breach

SiliconRepublic, SonicWall News: In recent cybersecurity predictions for 2023, Spencer Starkey of SonicWall predicted that healthcare and education will be among the sectors most targeted by cyberattacks this year.

Ryuk, Conti Ransomware Members Hit with UK Sanctions in Latest Crackdown

ITPro, SonicWall News: In 2020 – the third year of it being considered a major strain – security firm SonicWall revealed it was behind a third of ransomware attacks worldwide for the year.

Global Hacker Attack May Reach Brazil but Risk Is Limited, Says Experts

GQ Brasil, SonicWall News: Arley Brogiato, director for Latin America and the Caribbean of the multinational security company SonicWall, does not exclude the possibility of these attacks reaching Brazilian companies, but says he is surprised by the alerts and the dissemination of the news, which on the morning of last Monday (6) competed with football game calendars and the price of cooking gas in Manaus among the most sought-after topics on Google Trends.

SonicWall’s Jason Carter and Matt Brennan Earn 2023 CRN Channel Chief Recognition

SonicWall Blog, SonicWall News: SonicWall Chief Revenue Officer (CRO) Jason Carter and Vice President Americas Channel Sales Matt Brennan have been named to CRN’s 2023 Channel Chiefs list. Every year, CRN honors the IT channel executives who drive the channel success and evangelize the importance of channel partnerships within the IT industry.

Challenges For Startups in The IoT Sector

TechToday, SonicWall News: According to a report by SonicWall, 2.8 billion malware attacks were registered, up 11% in the first half of 2022, marking the first increase in global malware volume in over three years.

JD Sports Cyber Attack: Why Online Retail Is Vulnerable and What Can Be Done?

Charged Retail, SonicWall News: The JD Sports incident is yet another example of the rise in cyberattack incidents, with the retail industry experiencing a 90% increase in ransomware attacks last year, according to a report from SonicWall.

Industry News

Activision Breached Following Phishing Attack

Gaming giant Activision revealed that they were the victim of a data breach in December 2022 exposing employee and game info. According to Bleeping Computer, hackers gained access to their systems by using a phishing SMS that successfully tricked an employee. No source data or player info was exposed in the leak. A research group called VX-Underground claims that sensitive employee information as well as the company’s release schedule up to November 2023 was stolen in the attack. Insider Gaming reported that the compromised employee was in the human resources department, which netted the attackers access to large amounts of sensitive employee data.

Google Bug Bounties Break Records

Last year, Google awarded more than $12 million to ethical hackers and researchers for bug bounties while addressing over 2,900 vulnerabilities in its products. According to Dark Reading, that total eclipses the previous year’s dollar amount of $8.5 million. Bug bounties in the Android ecosystem alone netted white hats $4.8 million. Google released their annual Vulnerability Reward Program (VRP) report, and it showed multiple segments of their VRP set records in 2022.

U.S. Military Emails Exposed Due to Password Mishap

A cloud-based email server for the Department of Defense spent two weeks without password protection, leaving it wide open to the public. A security researcher spotted the server and noticed sensitive information in the emails. According to Dark Reading, the email server appeared to be configured improperly. It’s not known if anyone aside from the security researcher found the exposed data during the two-week period it was unprotected. There was no classified data leaked from the server.

NPM Repository Attacked with Spam and Phishing Links

An attack on the widely used JavaScript package manager NPM has resulted in one of its repositories being flooded with over 15,000 spam packages. The threat actors were attempting to distribute phishing links on the open-source platform. According to Hacker News, the fake packages were posing as free goodies. Some of the packages were called things like “free-tiktok-followers,” or “free-xbox-codes.” The attackers used automation to post a large number of packages quickly.

GoDaddy Reveals They Suffered Multi-year Breach

Popular web hosting company GoDaddy has been the victim of a multi-year breach that has resulted in their source code being stolen. GoDaddy says currently unknown attackers placed malware on their servers after infiltrating them. The attack was discovered in December 2022 when some GoDaddy users reported that their domains were now being redirected to random websites. While it was only discovered in December, GoDaddy revealed that the attackers had access to their networks for multiple years. According to Bleeping Computer, the breaches that GoDaddy experienced in November 2021 and March 2020 are related to this multi-year breach. GoDaddy has enlisted the help of external cybersecurity experts and law enforcement to investigate the cause of the incident.

SonicWall Blog

SonicWall Recognizes Bill Conner for Transition of Business, Impact on Cybersecurity Industry – Bret Fitzgerald

SonicWall’s Jason Carter and Matt Brennan Earn 2023 CRN Channel Chief Recognition – Bret Fitzgerald

Can You Catch All the Phish? Take Our New Phishing IQ Quiz and Find Out! – Ken Dang

Celebrating 2023 With Expanded “3 & Free” – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

Cybersecurity News & Trends – 02-17-2023

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.

It’s Valentine’s week, and SonicWall is getting love from media outlets once again. SiliconRepublic talked to our own Spencer Starkey about his predictions for 2023 and quoted Immanuel Chavoya’s thoughts on artificial intelligence.

In industry news, Bleeping Computer has the low-down on Apple and Microsoft’s zero-day issues and has informed us of another zero-day exploit that was used to breach 130 organizations. Dark Reading reported on a former cybersecurity entrepreneur from Russia being convicted of a hack-to-trade scheme. Hacker News warns of a North Korean threat actor targeting South Korean systems as well as a flurry of attacks from the notorious SideWinder group.

Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.

SonicWall News

Ransomware Attacks Aimed at Manufacturing Grew By 50pc in 2022

SiliconRepublic, SonicWall News: In recent cybersecurity predictions for 2023, Spencer Starkey of SonicWall predicted that healthcare and education will be among the sectors most targeted by cyberattacks this year.

Genie Out of The Bottle: ChatGPT Has Shaken Up the AI Sector

SiliconRepublic, SonicWall News: In recent AI predictions for 2023, experts such as Immanuel Chavoya of SonicWall said new software will give threat actors the ability to quickly exploit vulnerabilities and reduce the technical expertise required “down to a five-year-old level.”

Stolen MTU Data Appears on Dark Web Following IT Breach

SiliconRepublic, SonicWall News: In recent cybersecurity predictions for 2023, Spencer Starkey of SonicWall predicted that healthcare and education will be among the sectors most targeted by cyberattacks this year.

Ryuk, Conti Ransomware Members Hit with UK Sanctions in Latest Crackdown

ITPro, SonicWall News: In 2020 – the third year of it being considered a major strain – security firm SonicWall revealed it was behind a third of ransomware attacks worldwide for the year.

Global Hacker Attack May Reach Brazil but Risk Is Limited, Says Experts

GQ Brasil, SonicWall News: Arley Brogiato, director for Latin America and the Caribbean of the multinational security company SonicWall, does not exclude the possibility of these attacks reaching Brazilian companies, but says he is surprised by the alerts and the dissemination of the news, which on the morning of last Monday (6) competed with football game calendars and the price of cooking gas in Manaus among the most-searched topics on Google Trends.

SonicWall’s Jason Carter and Matt Brennan Earn 2023 CRN Channel Chief Recognition

SonicWall Blog, SonicWall News: SonicWall Chief Revenue Officer (CRO) Jason Carter and Vice President Americas Channel Sales Matt Brennan have been named to CRN’s 2023 Channel Chiefs list. Every year, CRN honors the IT channel executives who drive the channel success and evangelize the importance of channel partnerships within the IT industry.

Challenges For Startups in The IoT Sector

TechToday, SonicWall News: According to a report by SonicWall, 2.8 billion malware attacks were registered, up 11% in the first half of 2022, marking the first increase in global malware volume in over three years.

JD Sports Cyber Attack: Why Online Retail Is Vulnerable and What Can Be Done?

Charged Retail, SonicWall News: The JD Sports incident is yet another example of the rise in cyberattack incidents, with the retail industry experiencing a 90% increase in ransomware attacks last year, according to a report from SonicWall.

The Best Hardware Firewalls for Small Businesses

Ask by Geeks, SonicWall News: One of the best small business firewalls is the SonicWall TZ400 Security Firewall. The SonicWall TZ400 NGFW Premium is considered a little more expensive than other firewall options, but its security, reliability, ease of use, and unique features justify its price.

10 million Customers Exposed in JD Sports Cyber Attack

ITPro, SonicWall News: A study last year by SonicWall found that the retail sector saw a 264% surge in ransomware attacks between February 2021 and 2022. The widespread consumer shift to online shopping during the pandemic prompted hackers to escalate attacks against online retailers.

Three Ways Governments Can Better Protect Public Data

Networking+, SonicWall News: The chances of being hit by a ransomware attack are more significant than ever. Last year, global ransomware volume skyrocketed by 105% year over year, according to the 2022 SonicWall Cyber Threat Report. While no industry was spared, the numbers were particularly gruesome for governments. Ransomware attempts on government entities rose a staggering 1,885%. That’s more than double the increase reported by healthcare (755%), education (152%), and retail (21%) combined.

2023 Predictions: Emerging Tech & Global Conflict Bring New Cyber Threats

CyberSecurityInsiders, SonicWall News: 2022 saw a shifting cybersecurity landscape as rising geopolitical conflicts brought new tactics, targets, and goals for cybercrime. According to recent threat intelligence from SonicWall, global ransomware attempts declined 31% YoY as cybercriminals and nation-state actors opted for never-before-seen malware variants, IoT malware, and cryptojacking in attacks motivated by financial gain and state-sponsored hacktivism.

Cybersecurity ‘More Critical Than Ever’ In Era of Connected Care: BD

MedTechDive, SonicWall News: Ransomware attacks in which cybercriminals attempt to extort money declined by 23% overall during the first half of 2022 but increased 328% in healthcare, according to data from cybersecurity company SonicWall.

Industry News

SideWinder Group Responsible for Over 60 Attacks According to Researchers

The notorious threat actor group known as SideWinder has been linked to 61 attacks across Sri Lanka, Bhutan, Nepal, Afghanistan and Myanmar. According to Hacker News, the group’s targets include government, finance, military and other organizations. Their typical attacks start with a spear-phishing email that includes a bogus URL. The URL directs victims to a site where the main malware is dropped onto their computer. It was also stated that SideWinder has added new tools to its threat arsenal. The ability to reload and retool so frequently suggests that SideWinder has considerable financial backing – perhaps even from a nation-state.

CISA Warns of Zero-days Being Exploited On iOS and Windows

Four new exploits were added to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) list of exploits found in the wild this week. Three of them affected Microsoft products, and Microsoft patched all three on Tuesday as part of their February 2022 patch. The fourth affected WebKit on Apple devices and was acknowledged by Apple on Monday. Apple released emergency security updates to address the issues. According to Bleeping Computer, CISA has now given U.S. federal agencies until March 7th to patch all four exploits.

Clop Ransomware Gang Uses Zero-Day to Breach 130 Organizations

A zero-day vulnerability in the GoAnywhere MFT secure file transfer tool has been exploited. The exploit allowed the attackers to execute code remotely on the compromised systems. According to Bleeping Computer, the ransomware gang known as Clop reached out last week to inform BleepingComputer that they had used this vulnerability to breach 130 organizations already. They refused to go into details on whether they had already begun demanding ransoms from their victims or not. Reporter Brian Krebs reported that GoAnywhere MFT had warned of this exploit last week. Fortra, the developer of GoAnywhere MFT, said, “We are working directly with customers to assess their individual potential impact, apply mitigations and restore systems.” The full impact of the breaches is still unknown.

Tesla, Roku Hacker from Russia Faces Decades in Prison

Vladislav Klyushin has been found guilty by a U.S. district court for crimes involving information theft from U.S. networks. Klyushin is a former cybersecurity businessman from Russia. According to a release from the United States Justice Department, Klyushin was arrested in Sion, Switzerland, in 2021 before being sent to the U.S. to stand trial. U.S. attorney Rachael S. Rollins said, “For nearly three years, he and his co-conspirators repeatedly hacked into U.S. computer networks to obtain tomorrow’s headlines today.” Klyushin and his co-conspirators used the stolen information to gain money through insider trading. According to Dark Reading, the charges of securities fraud and wire fraud could each put him behind bars for 20 years. Klyushin will face sentencing on May 4th.

North Korean Threat Actor Targeting South Korea with Malware

A threat actor who has been linked to North Korea has been caught targeting South Korea with a new malware. They’re calling the new malware M2RAT, and the threat actor is being tracked as APT37. According to Hacker News, this cybercriminal is also tracked under the monikers ScarCruft, Ricochet Chollima, Red Eyes and Reaper. The new malware was observed in January 2023, and it uses a now-patched vulnerability in the South Korean word processor Hangul. This same vulnerability was exploited in 2017 by the North Korean Lazarus group to target South Korean cryptocurrency exchanges.

SonicWall Blog

SonicWall Recognizes Bill Conner for Transition of Business, Impact on Cybersecurity Industry – Bret Fitzgerald

SonicWall’s Jason Carter and Matt Brennan Earn 2023 CRN Channel Chief Recognition – Bret Fitzgerald

Can You Catch All the Phish? Take Our New Phishing IQ Quiz and Find Out! – Ken Dang

Celebrating 2023 With Expanded “3 & Free” – Matt Brennan

‘3 & Free’ Promotion: How to Upgrade to a New SonicWall TZ Series NGFW for Free – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection – Matt Brennan

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

Cybersecurity News & Trends – 02-10-2023

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.

Winter is rolling on, and SonicWall is still plowing its way into headlines. ITPro cited our data while discussing major ransomware strains. Our Director of Regional Sales in LATAM, Arley Brogiato, spoke with GQ Brasil. We congratulate SonicWall’s Jason Carter and Matt Brennan for earning 2023 CRN Channel Chief Recognition.

In industry news, Bleeping Computer reported on a grocery delivery service breach that affected over 1 million customers and a Canadian bookstore that suffered a major attack. Dark Reading told the tale of an ethical hacker gaining control of Toyota’s internal systems. Ransomware is running loose on an unpatched VMware product according to Hacker News. IT Security Guru reported on an attack from the notorious LockBit ransomware gang that halted London stock trading.

Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.

SonicWall News

Ryuk, Conti Ransomware Members Hit with UK Sanctions in Latest Crackdown

ITPro, SonicWall News: In 2020 – the third year of it being considered a major strain – security firm SonicWall revealed it was behind a third of ransomware attacks worldwide for the year.

Global Hacker Attack May Reach Brazil but Risk Is Limited, Says Experts

GQ Brasil, SonicWall News: Arley Brogiato, director for Latin America and the Caribbean of the multinational security company SonicWall, does not exclude the possibility of these attacks reaching Brazilian companies, but says he is surprised by the alerts and the dissemination of the news, which on the morning of last Monday (6) competed with football game calendars and the price of cooking gas in Manaus among the most-searched topics on Google Trends.

SonicWall’s Jason Carter and Matt Brennan Earn 2023 CRN Channel Chief Recognition

SonicWall Blog, SonicWall News: SonicWall Chief Revenue Officer (CRO) Jason Carter and Vice President Americas Channel Sales Matt Brennan have been named to CRN’s 2023 Channel Chiefs list. Every year, CRN honors the IT channel executives who drive the channel success and evangelize the importance of channel partnerships within the IT industry.

Challenges For Startups in The IoT Sector

TechToday, SonicWall News: According to a report by SonicWall, 2.8 billion malware attacks were registered, up 11% in the first half of 2022, marking the first increase in global malware volume in over three years.

JD Sports Cyber Attack: Why Online Retail Is Vulnerable and What Can Be Done?

Charged Retail, SonicWall News: The JD Sports incident is yet another example of the rise in cyberattack incidents, with the retail industry experiencing a 90% increase in ransomware attacks last year, according to a report from SonicWall.

The Best Hardware Firewalls for Small Businesses

Ask by Geeks, SonicWall News: One of the best small business firewalls is the SonicWall TZ400 Security Firewall. The SonicWall TZ400 NGFW Premium is considered a little more expensive than other firewall options, but its security, reliability, ease of use, and unique features justify its price.

10 million Customers Exposed in JD Sports Cyber Attack

ITPro, SonicWall News: A study last year by SonicWall found that the retail sector saw a 264% surge in ransomware attacks between February 2021 and 2022. The widespread consumer shift to online shopping during the pandemic prompted hackers to escalate attacks against online retailers.

Three Ways Governments Can Better Protect Public Data

Networking+, SonicWall News: The chances of being hit by a ransomware attack are more significant than ever. Last year, global ransomware volume skyrocketed by 105% year over year, according to the 2022 SonicWall Cyber Threat Report. While no industry was spared, the numbers were particularly gruesome for governments. Ransomware attempts on government entities rose a staggering 1,885%. That’s more than double the increase reported by healthcare (755%), education (152%), and retail (21%) combined.

2023 Predictions: Emerging Tech & Global Conflict Bring New Cyber Threats

CyberSecurityInsiders, SonicWall News: 2022 saw a shifting cybersecurity landscape as rising geopolitical conflicts brought new tactics, targets, and goals for cybercrime. According to recent threat intelligence from SonicWall, global ransomware attempts declined 31% YoY as cybercriminals and nation-state actors opted for never-before-seen malware variants, IoT malware, and cryptojacking in attacks motivated by financial gain and state-sponsored hacktivism.

Cybersecurity ‘More Critical Than Ever’ In Era of Connected Care: BD

MedTechDive, SonicWall News: Ransomware attacks in which cybercriminals attempt to extort money declined by 23% overall during the first half of 2022 but increased 328% in healthcare, according to data from cybersecurity company SonicWall.

IT Services Industry Looks to Cyber, Cloud Consulting for Growth

TechTarget, SonicWall News: Logically’s MSSP offerings include extended detection and response, endpoint detection and response, and MDR; enterprise-level managed firewall services; and cybersecurity assessments, according to Skeens. The company runs a SOC. The company’s IT security technology partners include SonicWall.

The SonicWall NSsp 15700 Brings Serious Network Protection Super Powers

iTWire, SonicWall News: iTWire really could go on and on; the list of features is almost endless. There is a database of applications for intelligent packet analysis, support for IoT devices, DNS protection, and more. However, the best thing right now is to take it for a spin yourself. You can demo the SonicWall NSsp series firewalls online without any installation or commitment and see all the features and benefits in action.

Royal Mail ‘Cyber Incident’ Causes Widespread Disruption

Strategic Risk, SonicWall News: There were 623 million ransomware attacks globally in 2021 according to SonicWall, representing a 105% year-on-year increase. The UK saw a 228% surge and a 65% increase in never-seen-before malware.

Industry News

Weee! Grocery Service Discloses Data Breach Affecting Over 1 million Customers

The self-proclaimed largest Asian and Hispanic grocery delivery service in North America, Weee!, lost the personal data of 1.1 million customers in a recent breach. According to Bleeping Computer, a bad actor with the username ‘IntelBroker’ began leaking data from Weee! on a data breach forum. The leak contained customers’ names, phone numbers, email addresses, device types, order notes and other data. Weee! does not retain customer payment information in their databases, so no customer payment data was lost. Weee! stated that they would notify all impacted customers individually if their information was exposed.

Cyberattack Disrupts London Stock Trading

A ransomware attack brought London stock trading to a screeching halt last week. The ransomware group LockBit targeted Ion Markets in an attack. Ion Markets is a financial data group that supports a large amount of derivatives trading in the London market. According to IT Security Guru, 42 clients were affected by the attack. The attack even forced some groups to begin processing trades manually. LockBit allegedly used its signature ransomware attack which locks the victims out of accessing their data through encryption and leaves a note demanding payment. The company said all affected servers have been disconnected and they’re working to resolve the issue.

Hacker Gains SysAdmin Privileges to Toyota Through Portal Flaw

A web app for Toyota employees was broken into by an ethical hacker who simply knew the email address of one of the users. The security researcher revealed that he discovered the backdoor entrance into the app in October. In a blog post about the attack, he revealed that he was able to log in as any corporate user or supplier. He used that entryway to log in as a system administrator and therefore gain total control over the app. According to Dark Reading, he then had full access to internal projects, documents and user accounts. This is yet another sign that every business should be taking extra care with their cybersecurity. Toyota is lucky that this hacker was ethical.

Canadian Bookseller Goes Dark Following Cyberattack

The largest book retailer in Canada, Indigo Books & Music, shut down following a cyberattack. The retailer was forced to take its website offline and resort to cash-only payments at its physical locations. The attack even made gift card purchases impossible. According to Bleeping Computer, it’s still unclear what type of attack the bookseller suffered. The retailer released a statement indicating they are working with a third party to determine the cause and resolve the situation.

VMware Bug Exploitation Attracts Ransomware Attacks

According to Hacker News, attacks focused on VMware ESXi hypervisors are deploying ransomware on vulnerable systems. The attacks are targeting outdated software. A patch has been available since February 2021. The experts believe it can be traced to a Rust-based ransomware strain called ‘Nevada.’ VMware recommends users update to the latest patch to avoid any issues.

SonicWall Blog

Can You Catch All the Phish? Take Our New Phishing IQ Quiz and Find Out! – Ken Dang

Celebrating 2023 With Expanded “3 & Free” – Matt Brennan

‘3 & Free’ Promotion: How to Upgrade to a New SonicWall TZ Series NGFW for Free – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection – Matt Brennan

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security – Bret Fitzgerald

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

Cybersecurity News & Trends – 02-03-2023

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.

It’s the first week of February, and SonicWall has continued to draw interest in the news for excellent products and relevant research. Ask by Geeks calls the TZ400 one of the best firewalls for small businesses. Charged Retail cites SonicWall’s data to contextualize a breach in the retail sector. Networking+ discusses rising ransomware numbers using data from our threat report.

It’s been another busy week for the cybersecurity world. Bleeping Computer has the lowdown on a recent attack from Russia’s Sandworm hacking group. Dark Reading warns of the return of North Korea’s state-backed hacker organization known as Lazarus. Google Fi lost customer data in a breach reported on by TechCrunch. Info Security breaks down how threat actors have been impersonating DocuSign in an elaborate phishing scheme. Hacker News unravels a Realtek vulnerability that is wreaking havoc on IoT devices.

Keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.

SonicWall News

Challenges For Startups in The IoT Sector

TechToday, SonicWall News: According to a report by SonicWall, 2.8 billion malware attacks were registered, up 11% in the first half of 2022, marking the first increase in global malware volume in over three years.

JD Sports Cyber Attack: Why Online Retail Is Vulnerable and What Can Be Done?

Charged Retail, SonicWall News: The JD Sports incident is yet another example of the rise in cyberattack incidents, with the retail industry experiencing a 90% increase in ransomware attacks last year, according to a report from SonicWall.

The Best Hardware Firewalls for Small Businesses

Ask by Geeks, SonicWall News: One of the best small business firewalls is the SonicWall TZ400 Security Firewall. The SonicWall TZ400 NGFW Premium is considered a little more expensive than other firewall options, but its security, reliability, ease of use and unique features justify its price.

10 million Customers Exposed in JD Sports Cyber Attack

ITPro, SonicWall News: A study last year by SonicWall found that the retail sector saw a 264% surge in ransomware attacks between February 2021 and 2022. The widespread consumer shift to online shopping during the pandemic prompted hackers to escalate attacks against online retailers.

Three Ways Governments Can Better Protect Public Data

Networking+, SonicWall News: The chances of being hit by a ransomware attack are more significant than ever. Last year, global ransomware volume skyrocketed by 105% year over year, according to the 2022 SonicWall Cyber Threat Report. While no industry was spared, the numbers were particularly gruesome for governments. Ransomware attempts on government entities rose a staggering 1,885%. That’s more than double the increase reported by healthcare (755%), education (152%), and retail (21%) combined.

2023 Predictions: Emerging Tech & Global Conflict Bring New Cyber Threats

CyberSecurityInsiders, SonicWall News: 2022 saw a shifting cybersecurity landscape as rising geopolitical conflicts brought new tactics, targets, and goals for cybercrime. According to recent threat intelligence from SonicWall, global ransomware attempts declined 31% YoY as cybercriminals and nation-state actors opted for never-before-seen malware variants, IoT malware, and cryptojacking in attacks motivated by financial gain and state-sponsored hacktivism.

Cybersecurity ‘More Critical Than Ever’ In Era of Connected Care: BD

MedTechDive, SonicWall News: Ransomware attacks in which cybercriminals attempt to extort money declined by 23% overall during the first half of 2022 but increased 328% in healthcare, according to data from cybersecurity company SonicWall.

IT Services Industry Looks to Cyber, Cloud Consulting for Growth

TechTarget, SonicWall News: Logically’s MSSP offerings include extended detection and response, endpoint detection and response, and MDR; enterprise-level managed firewall services; and cybersecurity assessments, according to Skeens. The company runs a SOC. The company’s IT security technology partners include SonicWall.

The SonicWall NSsp 15700 Brings Serious Network Protection Super Powers

iTWire, SonicWall News: iTWire really could go on and on; the list of features is almost endless. There is a database of applications for intelligent packet analysis, support for IoT devices, DNS protection and more. However, the best thing right now is to take it for a spin yourself. You can demo the SonicWall NSsp series firewalls online without any installation or commitment and see all the features and benefits in action.

Royal Mail ‘Cyber Incident’ Causes Widespread Disruption

Strategic Risk, SonicWall News: There were 623 million ransomware attacks globally in 2021 according to SonicWall, representing a 105% year-on-year increase. The UK saw a 228% surge and a 65% increase in never-seen-before malware.

8 Safety Solutions to Keep Your Business Secure

Business Info, SonicWall News: Network security devices are essential for any business. They establish a firewall that will protect internal networks from external threats, such as attacks from the internet. The SonicWall TZ270 uses Real-Time Deep Memory Inspection to prevent cyber-attacks.

Safe Homes: Security Tech for Remote Workers

Silicon, SonicWall News: Speaking to Silicon UK, Rick Meder, VP of Strategic Partnerships and Platform Architecture at SonicWall, commented: “With most employees no longer within the protected perimeter of a traditional corporate network, the basic secure access tools in place for remote access workers have become quickly inadequate. The potential attack surface expands exponentially, oversight by security staff is met with extreme challenges, and policy complexity reaches levels like never before. Efforts to uphold an adequate security posture while maintaining workforce productivity quickly become overwhelming.”

Industry News

Realtek Vulnerability is Real Problem for IoT Devices

A now-patched vulnerability in Realtek’s Jungle SDK has resulted in over 134 million hack attempts on IoT devices since August 2022. Threat actors have been abusing the vulnerability to try and infect devices across the globe. The exploit makes some devices manufactured by D-Link, ASUS, LG, Belkin and NETGEAR vulnerable. Hacker News warned users of the importance of updating devices regularly to protect them from exposure to attacks like this.

North Korean Lazarus Group Targeting Medical Research and Energy Intel

The North Korean hacker group known as Lazarus has made another appearance, this time targeting intel in medical research and the energy sector. The discovery was made by threat intelligence analysts at WithSecure. WithSecure was able to assert with high confidence that the attack came from Lazarus after discovering that the attacker made an operational security error. The actions carried out by Lazarus point to this being an intelligence-gathering attack. Per Dark Reading, Lazarus never lays low for long. They are a long-running group that is thought to be run by North Korea’s Foreign Intelligence and Reconnaissance Bureau. Lazarus first appeared on the scene in 2009 and has made numerous appearances since then with minimal time spent in the dark. Last year, Lazarus targeted Apple’s M1 chip in an attack. The group is a large source of income for the North Korean regime, so their attacks are usually both finance- and intel-based.

Sandworm Hacker Group Using Active Directory to Wipe Critical Files

A new malware capable of wiping critical files and data has been discovered following a cyberattack on a target in Ukraine. The malware, which the researchers who discovered it are calling ‘SwiftSlicer,’ uses Windows’ Active Directory Group Policy. The malware variant is being attributed to Russia’s Sandworm hacking group. According to Bleeping Computer, the target’s name has not been released. Sandworm recently attacked Ukrinform, which is Ukraine’s national news agency. A Tweet from ESET Research says, “Once executed, it deletes shadow copies; recursively overwrites files located in %CSIDL_SYSTEM%\drivers.” Bleeping Computer notes that by targeting that specific folder, the malware hopes to bring down entire Windows domains alongside wiping critical files. While the malware was only added to the VirusTotal database on January 26, more than half of the antiviruses on the platform are currently detecting it.

Google Fi Loses Customer Data in Breach

Google’s cell phone service, Google Fi, lost customer data in a recent breach. The folks at TechCrunch believe it may be related to the recent T-Mobile breach that resulted in 37 million customers’ data being stolen. Google stated that information such as the content of calls and texts, payment card data, passwords, and customer personal information were not stolen in the breach. The attackers accessed limited customer information such as phone numbers, SIM card serial numbers and information on the type of plan customers were enrolled in. As of now, it’s unclear how many Google Fi customers were affected in the breach. Google has not made the total number of Google Fi customers public, so it is difficult to speculate how many people could be affected. Google notified customers in an email that they are attempting to secure the data and notify all customers whose data was taken.

Threat Actors Impersonate DocuSign to Target 10,000 People in Phishing Attack

A phishing attack from a group impersonating DocuSign targeted 10,000 users across multiple organizations. Attackers sent emails that managed to bypass security and reach the inbox of the targets. Cybersecurity researchers at Armorblox discovered the ploy and have issued guidance on how to avoid similar attacks. According to Info Security, victims were redirected to a fake DocuSign landing page after clicking the link provided in the email. The emails were sent from a valid domain to make it past security.

SonicWall Blog

Can You Catch All the Phish? Take Our New Phishing IQ Quiz and Find Out! – Ken Dang

Celebrating 2023 With Expanded “3 & Free” – Matt Brennan

‘3 & Free’ Promotion: How to Upgrade to a New SonicWall TZ Series NGFW for Free – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection – Matt Brennan

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security – Bret Fitzgerald

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

Cybersecurity News & Trends – 01-27-2022

We’re nearing the end of January, and SonicWall is still roaring into headlines. Read about the NSsp 15700’s “superpowers,” as described by the folks at iTWire, and see how CyberSecurityInsider breaks down some of our latest threat intelligence. Take a look at MedTechDive citing some of our data and see TechTarget’s piece on one of our partners.

This week has been busy for industry news. The FBI has taken down the ransomware gang known as Hive, and we have information from Dark Reading, Axios and Reuters. Security Week reports that German airports, banks and government have been hit with Killnet DDoS attacks. TechCrunch reports that backups have been stolen from a breach at LastPass. At Hacker News, we’re hearing about vulnerabilities in Samsung’s Galaxy app store on Android. Bleeping Computer is reporting that Microsoft OneNote attachments are the latest trend in email-based malware.

SonicWall News

2023 Predictions: Emerging Tech & Global Conflict Bring New Cyber Threats

CyberSecurityInsiders, SonicWall News: 2022 saw a shifting cybersecurity landscape as rising geopolitical conflicts brought new tactics, targets and goals for cybercrime. According to recent threat intelligence from SonicWall, global ransomware attempts declined 31% YoY as cybercriminals and nation-state actors opted for never-before-seen malware variants, IoT malware, and cryptojacking in attacks motivated by financial gain and state-sponsored hacktivism.

Cybersecurity ‘More Critical Than Ever’ In Era of Connected Care: BD

MedTechDive, SonicWall News: Ransomware attacks in which cybercriminals attempt to extort money declined by 23% overall during the first half of 2022 but increased 328% in healthcare, according to data from cybersecurity company SonicWall.

IT Services Industry Looks to Cyber, Cloud Consulting for Growth

TechTarget, SonicWall News: Logically’s MSSP offerings include extended detection and response, endpoint detection and response, and MDR; enterprise-level managed firewall services; and cybersecurity assessments, according to Skeens. The company runs a SOC. The company’s IT security technology partners include SonicWall.

The Sonicwall NSsp 15700 Brings Serious Network Protection Super Powers

iTWire, SonicWall News: iTWire really could go on and on; the list of features is almost endless. There is a database of applications for intelligent packet analysis, support for IoT devices, DNS protection and more. However, the best thing right now is to take it for a spin yourself. You can demo the SonicWall NSsp series firewalls online without any installation or commitment and see all the features and benefits in action.

Royal Mail ‘Cyber Incident’ Causes Widespread Disruption

Strategic Risk, SonicWall News: There were 623 million ransomware attacks globally in 2021 according to SonicWall, representing a 105% year-on-year increase. The UK saw a 228% surge and a 65% increase in never-before-seen malware.

8 Safety Solutions to Keep Your Business Secure

Business Info, SonicWall News: Network security devices are essential for any business. They establish a firewall that will protect internal networks from external threats, such as attacks from the internet. The SonicWall TZ270 uses patented Real-Time Deep Memory Inspection (RTDMI) to prevent cyber-attacks.

Safe Homes: Security Tech for Remote Workers

Silicon, SonicWall News: Speaking to Silicon UK, Rick Meder, VP of Strategic Partnerships and Platform Architecture at SonicWall, commented: “With most employees no longer within the protected perimeter of a traditional corporate network, the basic secure access tools in place for remote access workers have become quickly inadequate. The potential attack surface expands exponentially, oversight by security staff is met with extreme challenges, and policy complexity reaches levels like never before. Efforts to uphold an adequate security posture while maintaining workforce productivity quickly become overwhelming.”

Finally, Ransomware Victims Are Refusing to Pay Up

The Register, SonicWall News: SonicWall in October 2022 said that it saw a 31 percent drop in ransomware attacks in the first nine months of the year, but that also was coming off record numbers recorded in 2021. CEO Robert VanKirk at the time told The Register there was an “unstable cyberthreat landscape” fed by expanded attack surfaces, growing numbers of threats, and a tense geopolitical environment that included Russia’s attack on Ukraine. The CEO also noted that even though the numbers in 2022 were down, they were still higher than in any year but 2021.

Top 7 AI Trends to Watch Out for In 2023

Silicon, SonicWall News: Immanuel Chavoya, emerging threat expert at cybersecurity company SonicWall, believes new AI software will give threat actors the ability to quickly exploit vulnerabilities and reduce the technical expertise required “down to a five-year-old level.”

All You Need to Know About The ‘Godfather’ Malware Targeting This Country’s Financial System

AMB Crypto, SonicWall News: “The research titled “2022 SonicWall Cyber Threat Report” from cybersecurity company SonicWall claims that cryptojacking attacks have increased in the banking sector by 269% year-to-date. This figure is nearly five times higher than cyberattacks directed at the retail sector. According to the study from SonicWall, the total number of cryptojacking incidents increased by 30% to 66.7 million in the first half of 2022.”

An Evolving Landscape: Top 10 Cybersecurity Predictions For 2023

Silicon Republic, SonicWall News: “Spencer Starkey, channel sales EMEA VP for SonicWall, predicts that healthcare and education will be among the sectors most targeted by cyberattacks in 2023. The cybersecurity company claims the healthcare sector saw a 328% year-on-year increase in ransomware attacks last year.”

Royal Mail’s Export Service Hit with Major Cyber Incident And Is Experiencing ‘Severe Disruption’

City AM, SonicWall News: “Terry Greer-King, Head of EMEA at SonicWall, a cybersecurity firm, linked this cyber incident to declining cyber safety in the UK. Greene told City AM: “The cyber incident at the Royal Mail shows that the public sector, like all other industries, is still vulnerable to mass cyberattack. As legacy IT concerns become more apart across the UK’s public sector, the state of its cybersecurity is still a main topic that must be addressed, especially after 2021 brought a 94% increase in malware on the global government sector. As a service that people and businesses alike depend on day-to-day, ensuring its digital infrastructure remains secure must be a top priority. To truly safeguard national public-sector cybersecurity, the government must take real concerted action now,” he added.

Industry News

Russia-backed Hacker Group Killnet Attacks German Infrastructure

After Germany agreed to send aid to Ukraine in the form of tanks, the Russia-backed cybercriminal gang known as Killnet attacked airports, banks and government offices in Germany with DDoS attacks. While the attack was instigated by Killnet, it is likely that more people took part in it. Killnet announced the attack on Wednesday following Germany’s announcement of sending aid to Ukraine. According to Security Week, Germany is on high alert for cybercriminal activity due to the geopolitical unrest in Europe.

FBI Hacks Hive Ransomware Gang

In perhaps the week’s biggest news, the U.S. government has busted the infamous Hive ransomware gang. The group has been extremely active since it first appeared in 2021. According to Dark Reading, the gang has been operating a ransomware-as-a-service (RaaS) platform. The gang does not discriminate, as they have attacked schools, infrastructure and businesses alike. According to the U.S. Department of Justice, they have been infiltrating Hive’s systems since July 2022 and have captured their decryption keys. According to Reuters, this move from the FBI may have saved victims up to $130 million. Government hackers were able to break into Hive’s networks and distribute their decryption keys to victims across the world. The government hackers warned the victims in advance so they could take precautions against Hive. Hive was one of the most notorious cybercriminal gangs in the world. They typically extorted international businesses and demanded huge cryptocurrency payments in return.

According to Axios, this move from the DoJ is one of the most significant moves the U.S. government has taken against a ransomware gang. Before now, the U.S. has been tight-lipped about its operations against cybercriminal gangs. In the wake of the attack on the Colonial Pipeline in 2021, ransomware has become a priority for the U.S. government. The FBI’s director, Christopher Wray, said the investigation into Hive is still ongoing. It’s unclear how large of a dent this will make in global ransomware attacks, but one thing is certain – it’s a good day to be fighting against cybercriminals.

GoTo Encrypted Backups Stolen in LastPass Breach

GoTo, the parent company of the popular password manager LastPass, has revealed that customers’ encrypted backup data was stolen during a recent breach. According to LastPass, the attackers used information that was stolen during an incident in August 2022. According to TechCrunch, the breach also impacted several of GoTo’s products, including its VPN tool, Hamachi. GoTo CEO Paddy Srinivasan said, “The affected information, which varies by product, may include account usernames, salted and hashed passwords, a portion of multi-factor authentication settings, as well as some product settings and licensing information.” Srinivasan also said GoTo is advising impacted customers to reset passwords and MFA settings.

Samsung’s Galaxy App Store Security Flaws

NCC Group has discovered two security flaws in Samsung’s Galaxy app store on Android. The vulnerabilities could allow threat actors to direct users to bogus landing pages or even install malicious apps on the user’s device. Hacker News reports that Samsung has patched the vulnerability to stop unauthorized access. These vulnerabilities only affect users who are running Android 12 or any version before that. Users who are running Android 13 are unaffected.

Microsoft OneNote Attachments Now Being Used to Spread Malware

Threat actors are now able to infect remote access users with phishing malware using OneNote attachments, according to Bleeping Computer. In the past, attackers have been able to attach malicious Excel and Word files to emails which ran macros on the infected computers to install malware. Microsoft has since disabled macros by default, which has forced threat actors to look elsewhere for getting malicious files from point A to point B. Trustwave SpiderLabs began warning users in December about OneNote files being used in this way. Fortunately, OneNote has been able to recognize these files and warn users not to open them. However, some users have ignored the warning and opened the malicious files anyway. The best way to protect yourself is to not open files from anyone you don’t know.

Cybersecurity News & Trends – 01-20-2022

SonicWall continues to make waves in the news with its products and executives. Read Business Info’s safety solutions to keep your business secure and see what our VP of Strategic Partnerships and Platform Architecture, Rick Meder, had to say to Silicon. We also hear from our CEO, Bob VanKirk, and our emerging threat expert, Immanuel Chavoya.

In industry news, we’re taking a peek at newly discovered vulnerabilities, artificial intelligence and the open sea. Dark Reading reports that everyone’s favorite AI chatbot, ChatGPT, is dabbling in writing polymorphic malware. Over at Bleeping Computer, the word is that a vendor’s exposed database has caused trouble at Nissan. The good folks at Hacker News warn of a Linux vulnerability that has caught the attention of malicious actors. From Trend Micro, GitHub CodeSpaces has a port forwarding issue that’s allowing easy malware delivery. Security Weekly alerts us about a ransomware attack that affected 1,000 ships across the globe.

SonicWall News

Royal Mail ‘Cyber Incident’ Causes Widespread Disruption

Strategic Risk, SonicWall News: There were 623 million ransomware attacks globally in 2021 according to SonicWall, representing a 105% year on year increase. The UK saw a 228% surge and a 65% increase in never-seen-before malware.

8 Safety Solutions to Keep Your Business Secure

Business Info, SonicWall News: Network security devices are essential for any business. They establish a firewall that will protect internal networks from external threats, such as attacks from the internet. The SonicWall TZ270 uses Real-Time Deep Memory Inspection to prevent cyber-attacks.

Safe Homes: Security Tech for Remote Workers

Silicon, SonicWall News: Speaking to Silicon UK, Rick Meder, VP of Strategic Partnerships and Platform Architecture at SonicWall, commented: “With most employees no longer within the protected perimeter of a traditional corporate network, the basic secure access tools in place for remote access workers have become quickly inadequate. The potential attack surface expands exponentially, oversight by security staff is met with extreme challenges, and policy complexity reaches levels like never before. Efforts to uphold an adequate security posture while maintaining workforce productivity quickly become overwhelming.”

Finally, Ransomware Victims Are Refusing to Pay Up

The Register, SonicWall News: SonicWall in October 2022 said that it saw a 31 percent drop in ransomware attacks in the first nine months of the year, but that also was coming off record numbers recorded in 2021. CEO Robert VanKirk at the time told The Register there was an “unstable cyberthreat landscape” fed by expanded attack surfaces, growing numbers of threats, and a tense geopolitical environment that included Russia’s attack on Ukraine. The CEO also noted that even though the numbers in 2022 were down, they were still higher than in any year but 2021.

Top 7 AI Trends to Watch Out for in 2023

Silicon, SonicWall News: Immanuel Chavoya, emerging threat expert at cybersecurity company SonicWall, believes new AI software will give threat actors the ability to quickly exploit vulnerabilities and reduce the technical expertise required “down to a five-year-old level.”

All You Need to Know About The ‘Godfather’ Malware Targeting This Country’s Financial System

AMB Crypto, SonicWall News: “The research titled “2022 SonicWall Cyber Threat Report” from cybersecurity company SonicWall claims that cryptojacking attacks have increased in the banking sector by 269% year-to-date. This figure is nearly five times higher than cyberattacks directed at the retail sector. According to the study from SonicWall, the total number of crypto-jacking incidents increased by 30% to 66.7 million in the first half of 2022.”

An Evolving Landscape: Top 10 Cybersecurity Predictions For 2023

Silicon Republic, SonicWall News: “Spencer Starkey, channel sales EMEA VP for SonicWall, predicts that healthcare and education will be among the sectors most targeted by cyberattacks in 2023. The cybersecurity company claims the healthcare sector saw a 328pc year-on-year increase in ransomware attacks last year.”

Royal Mail’s Export Service Hit with Major Cyber Incident and Is Experiencing ‘Severe Disruption’

City AM, SonicWall News: “Terry Greer-King, Head of EMEA at SonicWall, a cybersecurity firm, linked this cyber incident to declining cyber safety in the UK. Greene told City AM: “The cyber incident at the Royal Mail shows that the public sector, like all other industries, is still vulnerable to mass cyber attack. As legacy IT concerns become more apart across the UK’s public sector, the state of its cybersecurity is still a main topic that must be addressed, especially after 2021 brought a 94% increase in malware on the global government sector. As a service that people and businesses alike depend on day-to-day, ensuring its digital infrastructure remains secure must be a top priority. To truly safeguard national public-sector cybersecurity, the government must take real concerted action now,” he added.

Study Finds One in Four SMEs Hit by Ransomware Last Year

Technology Magazine, SonicWall News: “Today, cyberattacks continue to present an ever-changing threat to businesses across all sectors. NCC Group’s Annual Threat Monitor report, which indicated ransomware attacks almost doubled in 2021, rising 92.7% on the previous year, while research by SonicWall found that 66% of customers were more concerned about cyberattacks last year.”

Leading Cybersecurity Companies for The Food Industry

Just Food, SonicWall News: “Amongst the leading vendors of cybersecurity in food industry are Dragos, Eat IT Drink IT, NCR, Netskope, PDI Software, Preciate, Singtel, SonicWall, TitanHQ, VikingCloud, Auvesy-MDT, Cali Group, and Cardonet.”

Goodbye 2022, Hello 2023: Experts Weigh in With Channel Expectations

MicroScope, SonicWall News: “Matt Brennan, vice-president of North America channel sales at SonicWall, believes the effects of supply chain disruption will continue to have an impact on 2023: “Supply chain challenges have wreaked havoc across most industries around the world. IT has been affected across the board. Because of these challenges, brand loyalty will fade. [Customers] won’t hesitate to make purchases they can get now rather than wait for a specific brand product later – fulfillment is critical, regardless of how long customers have been brand loyal.” Brennan adds that this will lead to a shift in the market as customers learn that “staying brand loyal is not necessary to run their businesses successfully”.

Industry News

ChatGPT Trips the Alarm Over Polymorphic Malware

Researchers at CyberArk recently warned that OpenAI’s ChatGPT, an online chatbot that has been stirring up noise in the media recently, could be used to create polymorphic malware. Dark Reading reports that polymorphic malware is a highly advanced type of malware that actually contains no malicious code. That makes it exceedingly difficult to detect.

CyberArk also warned that the AI could be used to generate injection code. ChatGPT is free to use and has a simple user interface. This makes ChatGPT something that cybersecurity experts should be keeping in their peripheral vision. It may not be causing many problems just yet, but the potential for malicious use is most certainly there.

Exposed Database Leaks Personal Data Of 18,000 Nissan Customers

On Monday, Nissan began sending out notifications to customers that their data had been breached. Nissan said in the memo that they had received notification in June of 2022 that one of their third-party software developers had experienced a breach. Bleeping Computer reports that Nissan gave data to the vendor to develop and test software for them. The automaker placed the blame on the vendor’s database being poorly configured.

Nissan conducted an investigation and found that an unauthorized user likely had access to the data. NMAC numbers (Nissan finance account numbers), full names, and dates of birth were all included in the leak. Nissan noted that there was no evidence the data had been misused, but they did offer affected customers a one-year membership of Experian identity protection.

Hack Alert: Recently Patched Linux Tool Is the Newest Target Of Malicious Actors

A widely-used Linux tool, Control Web Panel, is being actively exploited by malicious actors after a vulnerability was patched. The bug, listed as CVE-2022-44877, gave elevated privileges and allowed for unauthenticated remote code execution on some servers according to Hacker News. All software versions before 0.9.8.1147 are impacted.

So far, exploitation of the bug has been minimal, with GreyNoise reporting four unique IP addresses attempting to abuse it. All frequent users of CWP are advised to apply the most up-to-date patches to avoid any issues.

GitHub CodeSpaces Vulnerability Causes Concerns About Easy Malware Delivery

GitHub CodeSpaces is a cloud-based integrated development environment that was fully released to the public in November 2022. A feature of this IDE that allows forwarded ports to be shared publicly could be exploited by malicious actors. It seems that these features could be used to create a malware file server with a legitimate GitHub account. GitHub would usually be alerted by a user using their tools in this way. Due to this vulnerability, a user could be serving malicious content directly under GitHub’s nose, and GitHub would be none the wiser.

Trend Micro reports that no abuse of this exploit has been witnessed thus far. The exploit was discovered during an internal security check on the platform.

Ransomware Attack on Ship Management Software Disrupts Servers On 1,000 Ships

A recognized maritime advisor, DNV, was the victim of a ransomware attack on its ShipManager system servers. The attack resulted in 1,000 ships being impacted globally. This attack comes a mere two weeks after the LockBit ransomware gang carried out an attack on Portugal’s Port of Lisbon. The European shipping industry has been the victim of multiple such attacks over the course of the past year.

On January 19th, DNV released a statement saying they are working to restore servers on the impacted ships. They made it clear that all of the impacted ships have maintained complete offline functionality throughout this ordeal.

Cybersecurity News & Trends – 01-13-2022

SonicWall is leading this news cycle with more company mentions and stories featuring executives and cybersecurity experts like Spencer Starkey, Senior Director, Regional Sales-EMEA, and Terry Greer-King, Vice President, EMEA and APJ Sales.

In industry news, we run the full range of international hacks and highly developed phishing campaigns. The Record reports that a pro-Russian hacktivist group is going after NATO targets. This story has contributions from Sentinel Labs, Reuters, and Cyberscoop. From Cyberwire, a critical hack alert about phishers hitting Microsoft’s Dynamics 365 Customer Voice services. Bleeping Computer alerted us about a breach at Norton LifeLock. Dark Reading reports that “sneaky” hackers are wooing corporate workers with fake Zoom downloads. So please watch what you click. CSO Online reports on a developing story about a ransomware group actively exploiting the Citrix (CVE-2022-27510) vulnerability. And Hacker News warns us that tainted VPN installers are spreading EyeSpy surveillance ware.

As always, watch the corners before you cross the road, and remember that cybersecurity is everyone’s business.

SonicWall News

All You Need to Know About The ‘Godfather’ Malware Targeting This Country’s Financial System

AMB Crypto, SonicWall News: “The research titled “2022 SonicWall Cyber Threat Report” from cybersecurity company SonicWall claims that cryptojacking attacks have increased in the banking sector by 269% year-to-date. This figure is nearly five times higher than cyberattacks directed at the retail sector. According to the study from SonicWall, the total number of crypto-jacking incidents increased by 30% to 66.7 million in the first half of 2022.”

An Evolving Landscape: Top 10 Cybersecurity Predictions For 2023

Silicon Republic, SonicWall News: “Spencer Starkey, channel sales EMEA VP for SonicWall, predicts that healthcare and education will be among the sectors most targeted by cyberattacks in 2023. The cybersecurity company claims the healthcare sector saw a 328pc year-on-year increase in ransomware attacks last year.”

Royal Mail’s Export Service Hit with Major Cyber Incident And Is Experiencing ‘Severe Disruption’

City AM, SonicWall News: “Terry Greer-King, Head of EMEA at SonicWall, a cybersecurity firm, linked this cyber incident to declining cyber safety in the UK. Greene told City AM: “The cyber incident at the Royal Mail shows that the public sector, like all other industries, is still vulnerable to mass cyber attack. As legacy IT concerns become more apart across the UK’s public sector, the state of its cybersecurity is still a main topic that must be addressed, especially after 2021 brought a 94% increase in malware on the global government sector. As a service that people and businesses alike depend on day-to-day, ensuring its digital infrastructure remains secure must be a top priority. To truly safeguard national public-sector cybersecurity, the government must take real concerted action now,” he added.

Study Finds One in Four SMEs Hit By Ransomware Last Year

Technology Magazine, SonicWall News: “Today, cyberattacks continue to present an ever-changing threat to businesses across all sectors. NCC Group’s Annual Threat Monitor report, which indicated ransomware attacks almost doubled in 2021, rising 92.7% on the previous year, while research by SonicWall found that 66% of customers were more concerned about cyberattacks last year.”

Leading Cybersecurity Companies for The Food Industry

Just Food, SonicWall News: “Amongst the leading vendors of cybersecurity in food industry are Dragos, Eat IT Drink IT, NCR, Netskope, PDI Software, Preciate, Singtel, SonicWall, TitanHQ, VikingCloud, Auvesy-MDT, Cali Group, and Cardonet.”

Goodbye 2022, Hello 2023: Experts Weigh in With Channel Expectations

MicroScope, SonicWall News: “Matt Brennan, vice-president of North America channel sales at SonicWall, believes the effects of supply chain disruption will continue to have an impact on 2023: “Supply chain challenges have wreaked havoc across most industries around the world. IT has been affected across the board. Because of these challenges, brand loyalty will fade. [Customers] won’t hesitate to make purchases they can get now rather than wait for a specific brand product later – fulfilment is critical, regardless of how long customers have been brand loyal.” Brennan adds that this will lead to a shift in the market as customers learn that “staying brand loyal is not necessary to run their businesses successfully”.

Tips for Health Systems on Managing Legacy Systems to Strengthen Security

HealthTech, SonicWall News: A lack of support from the manufacturer generally means a lack of security patches. As a result, devices running a legacy OS are easy targets for attackers — in fact, malware attacks on internet-connected devices spiked 123 percent in the first half of 2022, according to research from SonicWall.

Cybersecurity for Investors: Why Digital Defenses Require Good Governance

Yahoo! Finance, SonicWall News: Cyberattacks are very costly. In the first half of 2022, at least 2.8 billion malware attacks were recorded globally, an increase of 11% over the previous 12 months, according to cybersecurity company SonicWall.

Remote Monitoring, AI Research and Data at Risk: Healthcare Tech Predictions For 2023

BetaNews, SonicWall News: Healthcare could come under threat from geopolitical attacks, believes Immanuel Chavoya, threat detection and response strategist at SonicWall. “When it comes to protecting against threats of geopolitically motivated attacks, the present call to action is to be proactive, rather than reactive, to an assault. Attacks such as targeted malware or vulnerability exploitation could be used to inflict chaos on critical infrastructure such as healthcare, electric utilities, financial institutions, and oil and gas. These attacks tie up resources, cause financial damage, and send a signal. In 2023, organizations and governments will need to be prepared by ensuring that they don’t have any issues that could become low-hanging fruit for attacks and closely monitor their network activity for quick identification of and reaction to any attack.”

Future Tech Role of Partners

CRN (India), SonicWall News: Security threats are becoming increasingly sophisticated, and organizations are looking for proactive ways to secure their IT environments. Whether their environment is in the Cloud, on-premises or a hybrid, organizations look to managed security services providers (MSSPs) to provide the best-in-class security to protect their business and mitigate future risk.

SonicWall CEO: Partner Program Revamp on Tap for Early 2023

CRN, SonicWall News: “As other vendors are increasing their prices, we’re actually doing the opposite,” he said. If a customer and a partner commit to buying three years of services—services that go with our solutions—what they end up getting is the firewall hardware at no charge. That translates to a double-digit price decrease savings.

Industry News

Pro-Russian Hacktivists Go After NATO

A pro-Russian hacktivist group has been going after targets in NATO countries since the war against Ukraine started. The Record reports that the group, NoName057(16), used Telegram and GitHub to launch distributed denial-of-service attacks against Ukraine and several NATO countries.

According to researchers at Sentinel Labs, the group targeted candidate websites in the 2023 Czech presidential election and businesses and organizations across Poland and Lithuania. According to Reuters, the group is also responsible for disrupting Denmark’s financial sector earlier this week.

The gang also used GitHub to host their distributed denial-of-service tools. Cyberscoop reports that GitHub disabled the group’s accounts this Tuesday.

Hack Alert: Microsoft’s Dynamics 365 Customer Voice Service

Threat actors are busy developing new methods to attack companies that use Microsoft’s Dynamics 365 Customer Voice service.

According to Cyberwire, hackers use Microsoft Customer Voice to send phishing messages to victims in the form of a service notification to the end user. Hackers harvest the password when the victim logs in to view the document. In another attack variant, the end user is enticed to click on the link in the email to print a document. An easy defensive fix is to hover over URLs to validate the sender before clicking links in emails or text messages.

Norton LifeLock Warns That Hackers Breached Password Manager Accounts

Bleeping Computer reports that Gen Digital, previously Symantec Corporation and NortonLifeLock, is now sending customers data breach notifications informing them of hackers’ successful breach of Norton Password Manager accounts through a credential-stuffing attack.

A sample letter was shared with the Office of the Vermont Attorney General. It appears that the attack stemmed not from a breach at the company but from account compromises on other platforms. According to the company, their systems were not compromised. However, they claim that an unauthorized third party has used the username and password of user accounts.

Sneaky Hackers Woo Corporate Workers With Fake Zoom Downloads

According to Dark Reading, a sneaky new info stealer is sliding onto user machines via website redirects from Google Ads that pose as download sites for popular remote workforce software, such as Zoom and AnyDesk.

Researchers from Cyble have revealed that the threat actors behind the new malware “Rhadamanthys Stealer,” which is available on the Dark Web under a malware-as-a-service model, are using two delivery methods to spread their payload.

Researchers detected several phishing domains that the threat actors created to spread Rhadamanthys, most of which appear to be legitimate installer links for the software brands above. Some of the malicious links they identified include: bluestacks-install[.]com, zoomus-install[.]com, install-zoom[.]com, install-anydesk[.]com, and zoom-meetings-install[.]com.

Ransomware Group Actively Exploiting Citrix Vulnerability

A ransomware group known as Royal is believed to be actively exploiting a critical security flaw affecting Citrix systems, according to the cyber research team at cyber insurance provider At-Bay. Announced by Citrix on November 8, 2022, the vulnerability, identified as CVE-2022-27510, allows for the potential bypass of authentication measures on two Citrix products: the Application Delivery Controller (ADC) and Gateway.

There were no known instances of the vulnerability being exploited in the wild at the time of disclosure. However, as of the first week of 2023, At-Bay’s cyber researchers claimed new information suggests the Royal ransomware group is now actively exploiting it. Royal, considered one of the more sophisticated ransomware groups, emerged in January 2022 and was particularly active in the second half of last year.

Beware: Tainted VPNs Spreading EyeSpy Surveillanceware

Hackers know how we use VPN services to protect ourselves from… them. According to Hacker News, hackers have created tainted VPN installers to deliver a piece of surveillanceware dubbed EyeSpy as part of a malware campaign that started in May 2022. It uses “components of SecondEye – a legitimate monitoring application – to spy on users of 20Speed VPN, an Iranian-based VPN service, via trojanized installers,” Bitdefender said in an analysis.

A majority of the infections are said to originate in Iran, with smaller detections in Germany and the U.S., the Romanian cybersecurity firm added.

EyeSpy has many features, including taking screenshots, activating microphones, logging keystrokes, gathering files and saved passwords from web browsers, and remotely controlling the machines to run arbitrary commands.

SecondEye previously came onto the radar in August 2022, when Blackpoint Cyber revealed the threat actors’ use of its spyware modules and infrastructure for data and payload storage.

SonicWall Blog

Can You Catch All the Phish? Take Our New Phishing IQ Quiz and Find Out! – Ken Dang

Celebrating 2023 With Expanded “3 & Free” – Matt Brennan

‘3 & Free’ Promotion: How to Upgrade to a New SonicWall TZ Series NGFW for Free – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection – Matt Brennan

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security – Bret Fitzgerald

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi