Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.
It’s Valentine’s week, and SonicWall is getting love from media outlets once again. SiliconRepublic talked to our own Spencer Starkey about his predictions for 2023 and quoted Immanuel Chavoya’s thoughts on artificial intelligence.
In industry news, Bleeping Computer has the low-down on Apple and Microsoft’s zero-day issues and has informed us of another zero-day exploit that was used to breach 130 organizations. Dark Reading reported on a former cybersecurity entrepreneur from Russia being convicted of a hack-to-trade scheme. Hacker News warns of a North Korean threat actor targeting South Korean systems as well as a flurry of attacks from the notorious SideWinder group.
Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.
SiliconRepublic, SonicWall News: In recent cybersecurity predictions for 2023, Spencer Starkey of SonicWall predicted that healthcare and education will be among the sectors most targeted by cyberattacks this year.
SiliconRepublic, SonicWall News: In recent AI predictions for 2023, experts such as Immanuel Chavoya of SonicWall said new software will give threat actors the ability to quickly exploit vulnerabilities and reduce the technical expertise required “down to a five-year-old level.”
ITPro, SonicWall News: In 2020 – the third year of it being considered a major strain – security firm SonicWall revealed it was behind a third of ransomware attacks worldwide for the year.
GQ Brasil, SonicWall News: Arley Brogiato, director for Latin America and the Caribbean of the multinational security company SonicWall, does not exclude the possibility of these attacks reaching Brazilian companies, but says he is surprised by the alerts and the dissemination of the news, which on the morning of last Monday (6) competed with football game calendars and the price of cooking gas in Manaus among the most sought-after topics on Google Trends.
SonicWall Blog, SonicWall News: SonicWall Chief Revenue Officer (CRO) Jason Carter and Vice President Americas Channel Sales Matt Brennan have been named to CRN’s 2023 Channel Chiefs list. Every year, CRN honors the IT channel executives who drive the channel success and evangelize the importance of channel partnerships within the IT industry.
TechToday, SonicWall News: According to a report by SonicWall, 2.8 billion malware attacks were registered, up 11% in the first half of 2022, marking the first increase in global malware volume in over three years.
Charged Retail, SonicWall News: The JD Sports incident is yet another example of the rise in cyberattack incidents, with the retail industry experiencing a 90% increase in ransomware attacks last year, according to a report from SonicWall.
Ask by Geeks, SonicWall News: One of the best small business firewalls is the SonicWall TZ400 Security Firewall. The SonicWall TZ400 NGFW Premium is considered a little more expensive than other firewall options, but its security, reliability, ease of use, and unique features justify its price.
ITPro, SonicWall News: A study last year by SonicWall found that the retail sector saw a 264% surge in ransomware attacks between February 2021 and 2022. The widespread consumer shift to online shopping during the pandemic prompted hackers to escalate attacks against online retailers.
Networking+, SonicWall News: The chances of being hit by a ransomware attack are more significant than ever. Last year, global ransomware volume skyrocketed by 105% year over year, according to the 2022 SonicWall Cyber Threat Report. While no industry was spared, the numbers were particularly gruesome for governments. Ransomware attempts on government entities rose a staggering 1,885%. That’s more than double the increase reported by healthcare (755%), education (152%), and retail (21%) combined.
CyberSecurityInsiders, SonicWall News: 2022 saw a shifting cybersecurity landscape as rising geopolitical conflicts brought new tactics, targets, and goals for cybercrime. According to recent threat intelligence from SonicWall, global ransomware attempts declined 31% YoY as cybercriminals and nation-state actors opted for never-before-seen malware variants, IoT malware, and cryptojacking in attacks motivated by financial gain and state-sponsored hacktivism.
MedTechDive, SonicWall News: Ransomware attacks in which cybercriminals attempt to extort money declined by 23% overall during the first half of 2022 but increased 328% in healthcare, according to data from cybersecurity company SonicWall.
SideWinder Group Responsible for Over 60 Attacks According to Researchers
The notorious threat actor group known as SideWinder has been linked to 61 attacks across Sri Lanka, Bhutan, Nepal, Afghanistan and Myanmar. According to Hacker News, the group's targets include government, finance, military and other organizations. Their typical attacks start with a spear-phishing email that includes a bogus URL. The URL directs victims to a site where the main malware is dropped onto their computer. It was also stated that SideWinder has added new tools to its threat arsenal. The ability to reload and retool so frequently suggests that SideWinder has considerable financial backing – perhaps even from a nation-state.
CISA Warns of Zero-days Being Exploited On iOS and Windows
Four new exploits were added to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) list of exploits found in the wild this week. Three of them affected Microsoft products, and Microsoft patched all three on Tuesday as part of their February 2022 patch. The fourth affected WebKit on Apple devices and was acknowledged by Apple on Monday. Apple released emergency security updates to address the issues. According to Bleeping Computer, CISA has now given U.S. federal agencies until March 7th to patch all four exploits.
Clop Ransomware Gang Uses Zero-Day to Breach 130 Organizations
A zero-day vulnerability in the GoAnywhere MFT secure file transfer tool has been exploited. The exploit allowed the attackers to execute code remotely on the compromised systems. According to Bleeping Computer, the ransomware gang known as Clop reached out last week to inform BleepingComputer that they had used this vulnerability to breach 130 organizations already. They refused to say whether they had already begun demanding ransoms from their victims. Reporter Brian Krebs reported that GoAnywhere MFT had warned of this exploit last week. Fortra, the developer of GoAnywhere MFT, said, “We are working directly with customers to assess their individual potential impact, apply mitigations and restore systems.” The full impact of the breaches is still unknown.
Tesla, Roku Hacker from Russia Faces Decades in Prison
Vladislav Klyushin has been found guilty by a U.S. district court for crimes involving information theft from U.S. networks. Klyushin is a former cybersecurity businessman from Russia. According to a release from the United States Justice Department, Klyushin was arrested in Sion, Switzerland, in 2021 before being sent to the U.S. to stand trial. U.S. attorney Rachael S. Rollins said, “For nearly three years, he and his co-conspirators repeatedly hacked into U.S. computer networks to obtain tomorrow’s headlines today.” Klyushin and his co-conspirators used the stolen information to gain money through insider trading. According to Dark Reading, the charges of securities fraud and wire fraud could each put him behind bars for 20 years. Klyushin will face sentencing on May 4th.
North Korean Threat Actor Targeting South Korea with Malware
A threat actor who has been linked to North Korea has been caught targeting South Korea with new malware. They’re calling the new malware M2RAT, and the threat actor is being tracked as APT37. According to Hacker News, this cybercriminal is also tracked under the monikers ScarCruft, Ricochet Chollima, Red Eyes and Reaper. The new malware was observed in January 2023, and it uses a now-patched vulnerability in the South Korean word processor Hangul. This same vulnerability was exploited in 2017 by the North Korean Lazarus group to target South Korean cryptocurrency exchanges.