This week, it’s National Selfie Day, Facebook launches its cryptocurrency, and, as predicted by SonicWall, ransomware is all over the news.

SonicWall Spotlight

National Selfie Day

• June 21 is National Selfie Day and SonicWall staff around the world are taking part! Can you name all the locations?

Innovation Will Sharpen America’s Tech Edge, Federal Officials Say – NextGov

• SonicWall CEO Bill Conner appeared at a Chertoff Group Security Series Event this week. Next Gov quotes his insight as they cover the full discussion between him, Christopher Krebs, director of the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency, and Dimitri Kusnezov, Deputy Under Secretary for Artificial Intelligence & Technology, Department of Energy.

Latest Attack From TrickBot Malware Family Identified: SonicWall – CRN (India)

• CRN follow up on the SonicWall Capture Labs Threat Research Team’s identification of a new variant of Trickbot malware. The modular structure on this malware allows it to freely add new functionalities without modifying the core bot. This story was also covered in Var India, DataQuest, NCN Online, Tech Herald, and CSO Forum.

Cyber Security News

U.S. Lawmaker Calls for Facebook to Pause Cryptocurrency Project – Reuters

• Amid comments that Facebook is “already too big and too powerful,” House Representative Maxine Waters is calling for Facebook to halt development on the Libra cryptocurrency until Congress and regulators can review the issue.

Hit by Ransomware Attack, Florida City Agrees to Pay Hackers – New York Times

• The City Council of Riviera Beach unanimously agrees to have its insurance carrier pay 65 Bitcoin, about $592,000, to hackers after the city systems were caught by a ransomware attack three weeks previously.

Is AI Fundamental to the Future of Cybersecurity? – CSO Online

• While traditional cybersecurity tools require some level of human interaction to keep them running and up-to date, CSO Online investigate the development and advancement of AI which may be able to develop and improve with little to no human involvement. They also predict that passwords will become obsolete if AI proves to be the more secure option.

U.S. Cities Are Under Attack From Ransomware — and It’s Going to Get Much Worse – Vice News

• With Atlanta, Baltimore, and many smaller cities getting hurt by ransomware, Vice argues that ransomware attacks appear to be spiking right now due to increased focus on government targeting, and just how easy launching an attack has become.

Inside the FBI’s Fight Against Cybercrime – Dark Reading

• Dark Reading conducts an interview with a member of one of the small FBI teams that are dedicated to fighting cybercrime. The agent discusses the difficulties of being heavily outnumbered by criminal actors, but also the surprisingly high level of successes that they have achieved – including defeating the massive Mirai DDoS-for-hire attacks

Desjardins, Canada’s Largest Credit Union, Announces Security Breach – ZDNet

• Canada’s largest credit union announces that 2.9 million members had customer data – including names, date of birth, social insurance number, addresses and more – taken from its database by a now ex-employee. The Credit Union is currently working with law enforcement to investigate the breach.

Maryland Governor Signs Order to Boost Cybersecurity After Baltimore Ransomware Attack – The Hill

• Responding to Baltimore’s recent ransomware woes, Maryland Governor Larry Hogan signs an executive order establishing the “Maryland Cyber Defense Initiative” and creating a Chief Information Security Officer who will be charged with giving cybersecurity recommendations to the governor.

In Case You Missed It

• Defending Endpoints from Fast, Ferocious Ransomware Attacks – Brook Chelmo
• SonicWall, ADT Ink Partnership to Offer Managed Cybersecurity Solutions to SMBs – David Chamberlin
• The E-rate ‘Fear Less’ Solution – SonicWall Staff
• Navigating the E-rate Program: Forms, Filling Cycles & Rules – SonicWall Staff
• An Explanation of E-rate: How to Cost-Effectively Protect K12 Networks – SonicWall Staff
• Inside the Modern Phishing Campaigns of 2019 – Ganesh Umapathy

This week, there’s a new cybersecurity power couple as SonicWall and ADT announce a strategic partnership to protect SMBs, U.S. cities face a ransomware pandemic and the ‘invisible web’ is growing rapidly.

SonicWall Spotlight

ADT Selects SonicWall as Exclusive Provider of Managed Cybersecurity Service Offerings for SMBs – SonicWall

• SonicWall and ADT announce a strategic partnership that provides an exclusive cybersecurity offering to better protect small- and medium-sized businesses (SMB) from the growing volume of cyberattacks.

ADT Teams Up with SonicWall for SMB Security Services – Dark Reading

• SonicWall CEO Bill Conner explains why SonicWall was the logical choice for a new cybersecurity offering from ADT, a company best known or delivering physical security monitoring. The connection between the two companies dates back to ADT’s acquisition of Secure Designs, Inc (SDI), formerly an MSSP selling SonicWall SMB security products.

Cyber Security News

Hackers Won’t Let Up in Their Attack on U.S. Cities – The Wall Street Journal

• As Baltimore is still recovering a month after a devastating ransomware attack crippled the city’s infrastructure, the FBI is warning that this is not an isolated incident, calling the growing levels of ransomware attacks a “pandemic in the United States”.

Cyber-Thieves Turn to ‘Invisible Net’ to Set Up Attacks – BBC News

• Gated chat forums, invitation-only communities and encrypted apps are the new communication channels of choice for cybercriminals to evade law enforcement agencies.

Hackers Steal $9.5 Million from GateHub Cryptocurrency Wallets – ZD Net

• GateHub has released a preliminary statement confirming a security breach that has resulted in nearly $9.5 million stolen from the users of their cryptocurrency wallet service.

Hacking Diabetes: People Break into Insulin Pumps as an Alternative to Delayed Innovations – USA Today

• Diabetes patients are jailbreaking their own insulin pumps, using instructions found online, in order to give their pumps the ability to self-adjust and remove the need for constant blood sugar monitoring.

LabCorp Data Breach Exposes Information of 7.7 Million Consumers – USA Today

• A day after Quest Diagnostics announced 12 million patients were affected by a data breach, another medical testing company says its patients’ data was also compromised.

Hackers Can Now Bypass Two-Factor Authentication With a New Kind of Phishing Scam – Fortune

• Two-factor authentication, the added security step that requires people enter a code sent to their phone or email, has traditionally worked to keep usernames and passwords safe from phishing attacks.

Baltimore Ransomware Attack: NSA Faces Questions – BBC

• After a ransomware attack currently estimated to cost at least $18M Baltimore officials are questioning why the hacking vulnerability known as EternalBlue was not disclosed when discovered by the NSA years ago. The NSA are declining to comment on the issue.

New Zealand Budget Leak: ‘Hackers’ Had Simply Searched Treasury Website – The Guardian

• After the embargoed New Zealand budget was leaked to the opposition National Party days before it was due to be released, officials were quick to call it a hack. However, it has now been found that the documents were searchable on the New Zealand treasury website.

HawkEye Malware Campaign Upticks on Business Users – SC Magazine

• Hawkeye, a keylogger than has been around for six years, has seen a major increase in a campaign targeting business users worldwide.

Startups: Embrace Cybersecurity Priorities From Day One – Forbes

• Forbes argues that cybersecurity in startups should not be considered an add-on or a luxury product and provide four cybersecurity priorities that a startup needs to think about from day one.

Emotet Made up 61% of Malicious Payloads in Q1 – Dark Reading

• A new study has found that 61% of all malware payloads in the first quarter of 2019 contained the Emotet botnet.

Security Expert: Here’s How Driverless Cars Could Be Hacked – Yahoo! Finance

• As cars modernize and driverless cars are becoming a reality it is fair to say that they are becoming more and more like a series of interconnected computers. Yahoo! Finance looks at where the security weakpoint in these computers might be found, how it could be targeted by hackers, and how the car industry is struggling to keep up with security requirements.

Nation-State Security: Private Sector Necessity – SecurityWeek

• Attackers with the funding and technical support of nation-states are now targeting commercial entities and the obvious split between commercial and political cyberattacks is disappearing. SecurityWeek examine the current threat landscape, including the increasing number of organizations embracing “Zero Trust” security models where all environments are considered untrusted until proven otherwise. They then offer some advice on how to ensure your organization is ready for cyberattacks.

Microsoft Issues Second Warning About Patching BlueKeep as PoC Code Goes Public – ZDNet

• Microsoft again warned users to ensure their patches are up to date to protect against the Bluekeep vulnerability – described as similar to the EternalBlue exploit – after a proof-of-concept attack appeared online. SonicWall provides protection against this threat.

In Case You Missed It

• SonicWall, ADT Ink Partnership to Offer Managed Cybersecurity Solutions to SMBs – David Chamberlin
• Inside the Modern Phishing Campaigns of 2019 – Ganesh Umapathy
• The E-rate ‘Fear Less’ Solution – SonicWall Staff
• Navigating the E-rate Program: Forms, Filling Cycles & Rules – SonicWall Staff
• An Explanation of E-rate: How to Cost-Effectively Protect K12 Networks – SonicWall Staff
• 4 Ways the WhatsApp Exploit Could Use Employees to Infiltrate Your Network – Rob Krug

This week, the Zombieland vulnerability leads to a patching frenzy, a global cybercrime gang is shutdown, and a GDPR update.

SonicWall Spotlight

Intel MDS ‘Zombieload’ Vulnerability Software Patch List for MSSPs – MSSPAlert

• “Zombieload” is a recently discovered vulnerability open to side-channel attacks that affects all Intel processors manufactured since 2011. MSSPAlert quote SonicWall CEO Bill Conner on how it could be used to “pick locks” in highly secure data centers. SonicWall RTDMI technology can discover and block side channel attacks in real-time.

Creating a Culture of Resilience – New Statesman (UK)

• The New Statesman uses the 2019 SonicWall Cyber Threat Report to review the threat landscape and, noting how cybersecurity is often “bolted onto products as an afterthought,” explains how and why a culture of cyber resilience will have to be built.

Cyber Security News

Russian Government Sites Leak Passport and Personal Data for 2.25 Million Users – ZDNet

• An investigation into Russian government websites and user portals has found that over 2.25 million Russian citizens had their personal information, including insurance and passport details, left easily accessible online.

GDPR: Europe Counts 65,000 Data Breach Notifications so Far – BankInfoSecurity

• European privacy authorities have received nearly 65,000 data breach notifications since the EU’s new privacy law went into full effect, with over $63 million in fines issued so far.

Rattled by Cyberattacks, Hospitals Push Device Makers to Improve Security – Wall Street Journal

• Nervous U.S. hospitals are pressing medical-device makers to improve the cyberdefenses of internet-connected infusion pumps, biopsy imaging tables and other health-care products after being rattled by a rise in cyberattack reports in other hospitals.

Bluetooth Harvester Signals Hacking Group’s Growing Interest in Mobile – Ars Technica

• ScarCruft, a Korean-speaking advanced persistent threat group, has launched a malware that steals Bluetooth-device information. It is likely that the malware is targeting intelligence and diplomatic agencies for political purposes.

Microsoft Warns Wormable Windows Bug Could Lead to Another WannaCry – Ars Technica

• Microsoft is warning that the internet could see another exploit of the magnitude of WannaCry unless a high-severity vulnerability is patched. Such is the level of fear that patches for the no-longer supported Windows 2003 and XP have been issued. The vulnerability has not yet been exploited but, due to its low complexity, once the details are known an attack will likely be developed and launched very quickly.

Global Hackers Are Thwarted by FBI, Europe in $100 Million Heist – Bloomberg

• U.S. and European law enforcement officials have dismantled a “highly specialized and international criminal network” in an operation that has been ongoing since 2016. The members of the group pooled their technical skills together online to craft and circulate malware that attempted to steal around $100 million from thousands of businesses.

Microsoft Office 365: Change These Settings or Risk Getting Hacked, Warns US Govt – ZDNet

• The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has posted its advice for organizations using Microsoft Office 365. Its major request is that administrators at organizations turn on the many security features, like multi-factor authentication, that are not automatically enabled by default.

In Case You Missed It

• 4 Ways the WhatsApp Exploit Could Use Employees to Infiltrate Your Network – Rob Krug
• Non-Standard Ports Are Under Cyberattack – Brook Chelmo
• Cryptojacking Apocalypse: Defeating the Four Horsemen of Cryptomining – Brook Chelmo
• ‘Federal Tech Talk’ Hosts SonicWall CEO Bill Conner to Examine Cybercriminal Strategies that Threaten Federal Agencies – Geoff Blaine
• Dragonblood Vulnerability: Is your WiFi secure? – Srudi Dineshan
• What to Look for in a CASB Solution – Ganesh Umapathy
• New PDF Fraud Campaign Spotlights Shifting Cybercriminal Phishing Tactics – Dmitriy Ayrapetov

This week, SonicWall CEO Bill Conner is interviewed by on Federal Tech Talk, the potential of a 5G future is considered, and more details emerge about the Citrix data breach.

SonicWall Spotlight

Federal Tech Talk’ Hosts SonicWall CEO Bill Conner to Examine Cybercriminal Strategies that Threaten Federal Agencies – SonicWall Blog

• SonicWall CEO Bill Conner joins John Gilroy on Federal Tech Talk, a radio show and podcast on the Federal News Network. They discuss emerging cyber threats including attacks over non-standard ports, encrypted threats and malicious PDFs and Office files.

SonicWall Reports Dramatic Rise in Fraudulent PDF Files in Q1 2019 – Tech Observer (India)

• With SonicWall Capture Labs researchers releasing details on the growth of fraudulent PDFs and Office files, SonicWall’s Debasish Mukherjee talks to Tech Observer about how Real-Time Deep Memory Inspection (RTDMI) can detect new malware almost instantly.

Cyber Security News

Cybersecurity: The Key Lessons of the Triton Malware Cyberattack You Need to Learn – ZDNet

• The Triton malware attack of 2017 was unsuccessful but still managed to shut down industrial operations at a critical infrastructure firm in the Middle East. ZDNet explore how real-world physical security problems intersected with cyber security problems and allowed a cyberattack to go very far before being caught.

P2P Weakness Exposes Millions of IoT Devices – Krebs on Security

• Peer-to-peer communications software iLnkP2P includes several critical security flaws that leaves millions of Webcams, baby monitors and more open to a cyberattack.

The Terrifying Potential of the 5G Network – The New Yorker

• While some claim 5G technology will usher in a fourth industrial revolution, there’s a worry that such a huge change could have disastrous effects and policymakers may not be taking the cyber security concerns seriously enough.

“Denial of Service” Attack Caused Grid Cyber Disruption: DOE – E&E News

• A “cyber event” interrupted power grid operations in the western United States on March 5 of this year. Initially details on what happened were scarce but it has now been confirmed that a denial-of-service (DDOS) attack occurred against an unnamed energy company.

Putin Signs Law to Isolate Russian Internet – Financial Times

• Russian president Vladimir Putin signed a law that will allow the Kremlin to disconnect Russia from the global internet. Critics are casting it as an attempt to curb free speech or internal dissent within Russia, but the Kremlin says the law is a cyber security safeguard that would allow the Russian internet to continue running in the event of a hostile cyberattack on its infrastructure.

DC Metro Vulnerable to Cybersecurity Attacks, Says Inspector General – The Hill

• The Washington D.C. Metro has vowed to hire experts to help with cyber security vulnerabilities present in its current systems.

Hackers Lurked in Citrix Systems for Six Months – ZDNet

• The FBI has become involved in an ongoing investigation into an “intermittent” but long-lasting data breach at Citrix. Information on what data was accessed by hackers is not yet known but it is possible that the data stolen includes names, Social Security numbers, and financial information.

Financial Data for Multiple Companies Dumped Online in Failed Extortion Bid – Dark Reading

• 516GBs of potentially sensitive stolen data was dumped online after German digital infrastructure service provider Citycopy refused to pay up in an attempted cyber-extortion attempt. The data dump has not been verified or fully examined yet, but the would-be extortionists claim it includes “financial and private information on all clients include VAG, Ericsson, Leica, MAN, Toshiba, UniCredit, and British Telecom (BT).”

Docker Hub Breach Hits 190,000 Accounts – SecurityWeek

• Docker Hub, the world’s largest library and community for container images, suffered a data breach with 5% of users affected. Usernames and hashed passwords were accessible. Docker says the company breach has now been sealed and that they are working to ensure it cannot happen again.

In Case You Missed It

• Dragonblood Vulnerability: Is your WiFi secure? – Srudi Dineshan
• What to Look for in a CASB Solution – Ganesh Umapathy
• New PDF Fraud Campaign Spotlights Shifting Cybercriminal Phishing Tactics – Dmitriy Ayrapetov
• Stopping PDF Attacks: 5 Ways Users & Organizations Can Work Together – Brook Chelmo
• ‘Chase & Capture’: The Chertoff Group Hosts SonicWall CEO Bill Conner on Latest Podcast – Geoff Blaine

This week, SonicWall CEO Bill Conner appears on the Chertoff Group podcast, our threat researchers release details on the dramatic rise in PDF-related cyberattacks, and there’s an ongoing legal fight over whether a cyberattack can be considered an act of war.

SonicWall Spotlight

SonicWall Detects, Reports Dramatic Rise in Fraudulent PDF Files in Q1 2019 – SonicWall Press Release

• SonicWall Capture Labs threat researchers are reporting a substantial increase of fraudulent PDF files. The fraud campaign takes advantage of recipients’ trust in PDF files as a “safe” file format that is widely used and relied upon for business operations.

‘Chase & Capture’: The Chertoff Group Hosts SonicWall CEO Bill Conner on Latest Podcast – Podcast

• SonicWall CEO Bill Conner speaks on the latest Chertoff Group Insights & Intelligence podcast, “Chase & Capture: Inside the Tactical Advances between Cybercriminals and the Security Industry.” He joins host Katie Montgomery to discuss the SonicWall 2019 Cyber Threat Report.

Of Billions and Trillions: Firewalls, Threats and Sonicwall’s Thriving Business – Sify Finance

• With around one billion malware attacks detected a week, AI and machine learning are just part of how SonicWall are raising the cybersecurity bar – SonicWall’s Bob Vankirk and Debashish Mukherjee are interviewed by Sify Finance.

Old-school cruel: Dodgy PDF email attachments enjoying a renaissance – The Register (UK)

• The Register investigates the findings of the SonicWall Capture Labs showing a substantial increase of fraudulent PDF files.

The State of Cyber Arms Race: Unmasking the Threats Coming in 2019 – SonicWall Webcast

• SonicWall’s John Gordineer presents a Webinar sharing the findings of the 2019 SonicWall Cyber Threat Report and discusses and analyses what this intelligence tells us about the Cyber Arms Race.

Mar-a-Lago Malware Event: A Study in What NOT to do With Unknown USB Keys    – SonicWall Blog

• Don’t plug it in. Critical advice from SonicWall’s Brook Chelmo on what to do, and what not to do, if you find a USB key lying around your workplace.

Cyber Security News

Big Companies Thought Insurance Covered a Cyberattack. They May Be Wrong. – New York Times

• Zurich Insurance have refused to pay out on a cyberattack insurance claim by Mondelez, citing a “war exemption.” Mondelez originally made the claim after losing business while infected by NotPetya ransomware but, after the United States government tied the NotPetya attack to the Kremlin, Zurich classified the cyberattack as collateral war damage. Mondelez are pursuing a case against Zurich Insurance in the courts.

Facebook Uploaded Email Contacts of 1.5m Users Without Consent – The Guardian

• Facebook admitted to “unintentionally” uploading the address books of 1.5 million users without their consent, blaming a legacy verification program. They say they will delete the data and notify those affected.

Data on Thousands of Law Enforcement Personnel Exposed in Breach – Dark Reading

• Hackers leaked personal information on the FBI, police officers, Secret Service and other federal employees after a breach of three websites associated with the FBI National Academy, a 501(c)(3) organization.

A Hacker Has Dumped Nearly One Billion User Records Over the Past Two Months – ZDNet

• A hacker calling themselves Gnosticplayers has stolen and published almost a billion user records over the past two months. ZDNet investigates the hacker community, finding that some hackers are not only motivated by money but by fame and a desire to be remembered.

In Case You Missed It

• New PDF Fraud Campaign Spotlights Shifting Cybercriminal Phishing Tactics – Dmitriy Ayrapetov
• Stopping PDF Attacks: 5 Ways Users & Organizations Can Work Together – Brook Chelmo
• ‘Chase & Capture’: The Chertoff Group Hosts SonicWall CEO Bill Conner on Latest Podcast – Geoff Blaine
• RTDMI Evolving with Machine Learning to Stop ‘Never-Before-Seen’ Cyberattacks – Brook Chelmo
• Webinar: The State of the Cyber Arms Race – Geoff Blaine