Posts

Cyber Security News & Trends – 01-18-19

This week, one city is back to using pen and paper after a ransomware attack, cybercriminals utilize popular video game Fortnite in a money laundering scam and construction industry cranes are alarmingly vulnerable to being hacked.


SonicWall Spotlight

SSL, TLS Certificates Expiring on US Government Sites During Federal Shutdown – SonicWall Blog

  • SonicWall’s Brook Chelmo explains why US Government websites are starting to suffer during the ongoing Government Shutdown, explaining that security certificates are not being updated and what kind of messages you might be seeing as a result.

Cyber Security News

Hack Brief: An Astonishing 773 Million Records Exposed in Monster Breach – Wired

  • Wired details the mega-breach where at least 773 million emails and 21 million unique passwords have been released in a folder called “Collection #1.” Some are calling this the largest collection of breached data ever found, although it should be noted that Collection #1 is a compilation of both old and new leaked details.

Fortnite Is Being Used by Criminals to Launder Cash Through V-Bucks – ZDNet

  • Criminals have been using the in-game currency in Fortnite for laundering money from stolen cards. It is not known exactly how much profit the cybercriminals have made, but Fortnite coins sold on eBay alone have grossed over $250,000 in two months.

Defense Department Continuously Challenged on Cybersecurity – Security Week

  • A report has revealed that while the U.S. Department of Defense has been making strides to improve their cybersecurity stance, they are still struggling. In September of last year there were 266 open cybersecurity‑related recommendations, some dating as far back as 2008.

NotPetya Victim Mondelez Sues Zurich Insurance for $100 Million

  • Zurich insurance rejected a $100 million claim by Mondelez saying that since the NotPetya ransomware attack has been seen by some, including the UK government, as a Russian military attack it is not covered by standard insurance against malware. Mondelez are taking legal action in response.

Oklahoma Gov Data Leak Exposes FBI Investigation Records, Millions of Department Files – ZDNet

  • A storage server belonging to the Oklahoma Department of Securities was found with terabytes of confidential data exposed and accessible to the public.

Yes, You Can Remotely Hack Factory, Building Site Cranes. Wait, What? – The Register

  • Cybersecurity protection on cranes, drilling rigs, and other heavy machinery has been found to be severely lacking with a report into the area finding that none of the radio remote controllers investigated had “implemented any protection mechanism to prevent unattended reprogramming.”

WEF: Cyber-Attacks a Major Global Risk for Next Decade – Infosecurity Magazine

  • The World Economic Forum released a reporting stating that cyberattacks remain as one of the risks facing the world today with 82 percent of those queried stating they expect data and monetary theft attacks to increase.

Ransomware Attack Sends City of Del Rio Back to the Days of Pen and Paper – ZDNet

  • Officials at Del Rio, Texas, had to abandon their computers and switch to pen and paper after a ransomware attack last week. It has not been revealed who is behind the ransomware but the FBI have been informed and are investigating.

Emotet Malware Returns to Work After Holiday Break – BankInfoSecurity

  • Whether coincidence or a sign that the criminals were actually on holidays, a number of malware strains including Emotet have returned in 2019 after falling out of use towards the end of the year. BankInfoSecurity trace the history and usage of Emotet, including information on where in the world it has and has not been striking.

In Case You Missed It

Cyber Security News & Trends – 01-11-19

Adware apps downloaded by millions, German politicians have their data leaked, and how is the government shutdown affecting cybersecurity? SonicWall has collected this week’s best cybersecurity stories, just for you.


SonicWall Spotlight

What Is Driving the Workforce of the Future? – IT News Africa

  • SonicWall threat data is used to examine the potential dangers of a workforce dependent on the Internet of Things and 5G mobile connection.

Cyber Security News

German Man Confesses to Hacking Politicians’ Data, Officials Say – New York Times

  • The December leak of the personal information of German politicians was carried out by a young German student who used very basic techniques like guessing the passwords. The authorities are treating him as a juvenile and he has been released while the investigation is ongoing.

Google Removes 85 Adware Apps That Were Installed by Millions of Users – ZDNet

  • Google removed 85 apps from the Play Store after complaints that they were blatantly adware where every page on the apps triggered a full screen advert. At the time of removal one of the apps had already been downloaded over five million times.

Class-Action Lawsuit Filed Over Marriott Data Breach Washington Times

  • 76 plaintiffs from all 50 states, the District of Columbia, Puerto Rico and the U.S. Virgin Islands are suing Marriott International Inc. in federal court over the data breach in 2018 that saw millions of people’s data released.

Who Should Be Responsible for Protecting Our Personal Data?World Economic Forum

  • The World Economic Forum explores the growing cybersecurity challenges that are presented by the fact that 89% of Americans and 70% of Europeans use the internet daily, and half the world’s population is online in some way. They ask if governments are reacting fast enough to the changes and if cybersecurity is a personal or public responsibility.

Zeroday Exploit Prices Are Higher Than Ever, Especially for iOS and Messaging Apps – ArsTechnica

  • The going rate for a zero-day jailbreak for Apple’s iOS is currently as high as $2 million. That’s the highest end of the scale but the market for exploits has been going higher and higher with no sign of leveling off.

U.S. Initiative Warns Firms of Hacking by China, Other Countries – Reuters

  • A new initiative by The National Counter-Intelligence and Security Center (NCSC) has been launched, aimed with improving cybersecurity in U.S. companies. Videos, brochures, and online informational materials have all been made available in an attempt to address ongoing concerns that many companies are not currently doing enough to protect themselves from cyberthreats.

Cybersecurity May Suffer as Shutdown Persists – Roll Call

  • The partial government shutdown may be leaving departments open to cybersecurity risks since many of the shutdown departments are on the “hit-list for hackers.” As more time passes there is a fear that minor setbacks may become irreversible.

This Old Ransomware Is Using an Unpleasant New Trick to Try and Make You Pay Up – ZDNet

  • First spotted in 2016, Cryptomix is a ransomware that seemed to have disappeared until it was rediscovered recently with a new distasteful trick; using information scraped from children’s charity organizations to make it seem like the ransom payment will be used to help people in need.

  The Cybersecurity Skills Shortage Is Getting Worse – CSO Online

  • With 53 percent of respondents of one survey reporting a problematic shortage of people with the right skills, the cybersecurity job situation is seen by some as actively getting worse rather than better. CSO Online recommend massive federal leadership, a more thorough public/private partnership and an integrated industry effort to solve the problem.

In Case You Missed It

Cyber Security News & Trends – 01-04-19

How long did it take before 2019’s first cyberattack took place? Find out this and more. SonicWall has collected this week’s best cybersecurity stories, just for you.


SonicWall Spotlight

SonicWall Celebrates Key EMEA Milestones  – Enterprise Channels MEA

  • SonicWall’s Michael Berg comments on SonicWall’s boosted presence in EMEA, crediting channel expertise and commitment to speaking the local language as key factors in growth.

Ransomware Attacks Hit Legal System – Today’s General Counsel Magazine

  • An investigation into the growing threat of ransomware in the legal world uses SonicWall 2018 data as its jumping off point.

Cyber Security News

The Elite Intel Team Still Fighting Meltdown and Spectre – Wired

  • The Spectre and Meltdown vulnerabilities were first announced a year ago and made major waves in the news cycle due to their scope and impact. Wired follow up on the story with an in-depth look at how STORM, Intel’s strategic offensive research and mitigation hacker group, have been dealing with the problem.

Town of Salem Breach Affects 7 Million Accounts – SC Magazine

  • Some payment information was exposed in the breach, but the main leak was of usernames, email addresses, hashed passwords, IP addresses, game and forum activity. The developers have stressed that no card numbers were leaked.

What We Still Don’t Know About the Cyberattack on Tribune Newspapers – Washington Post

  • A cyberattack seriously hampered printing several papers owned by Tribune Publishing, including The L.A. Times. While the Tribune group say they suspect the cyberattack originated from abroad, they have given little other information and the identity and motive of attackers remain unclear.

Dublin’s Luas Tram System Threatened With Private Data Leak – ZDNet

  • Dublin’s tram system is hit with what looks like a ransomware attack that threatens to expose online users unless a ransom of one bitcoin is paid.

Your Data Was Probably Stolen in Cyberattack in 2018 – and You Should Care – USA Today

  • Marriott, Quora, Facebook, Dunkin’ Donuts; USA today summarize the biggest hacks of 2018 and come to the conclusion that very few people have escaped unscathed.

German Politicians Targeted in Mass Data Attack  – BBC

  • Hundreds of German politicians, including Chancellor Angela Merkel, had personal details stolen and published on Twitter throughout December. No one has publicly taken responsibility for the attack yet but all parties except those on the far right were affected.

This Data-Stealing Android Malware Infiltrated the Google Play Store, Infecting Users in 196 Countries – ZDNet

  • When an App is first uploaded into the Google Play Store it is subject to tough reviews to ensure it is safe for users, but some malware developers have been taking advantage of less stringent checks later down the line and injecting malware as an update.

2019’s First Data Breach: It Took Less than 24 Hours – CBR Online

  • The first data breach of 2019 was reported less than 24 hours into the New Year when an estimated 30,000 Australian civil servants had work emails, phone numbers and job titles leaked. Thankfully, no financial information is said to have been affected.

In Case You Missed It

Cyber Security News & Trends – 12-21-18

Quantum Cryptography, Malware spreading through the cloud, and Fortnite making teenagers a lot of money; SonicWall has collected and compiled this week’s best cybersecurity stories, just for you.


SonicWall Spotlight

CEO Outlook: Five Questions on 2019  – CRN.com

  • SonicWall CEO Bill Conner gives his five predictions for 2019; from the biggest market opportunities to his thoughts on why staying up-to-date will be key for Channel Partners. He also predicts that 2019 will be the year of the SonicWall Capture Cloud Platform.

SonicWall Increasing Local Partner Support Across EMEA – Computer Weekly

  • SonicWall celebrates key EMEA milestones including the hiring of industry-leading talent and the opening of three new offices in the UK, Spain, and the UAE.

Quantum Cryptography: The Next-Generation of Secure Data Transmission – Information-Age

  • With SonicWall Threat Data showing an increase in encrypted threats throughout 2018, Information Age speculate that quantum cryptography could be the future in encryption.

Cyber Security News

Public Clouds: Fertile Ground to Spread Malware – Security Boulevard

  • A general trust in cloud services is leaving an easy entry point open for threat actors to spread malware. Researchers have already found browser hijacker adware Linkury making its way across Microsoft Azure.

Hackers Have Earned $1.7 Million so Far From Trading Data Stolen From US Gov Payment Portals – ZDNet

  • Click2Gov, a US government self-service payment system owned by Superion, was hit by a data breach in September 2017. Security researchers are estimating that the hackers have earned at least $1.7 million to date selling the information on the Dark Web.

Google Finds Internet Explorer Zero-Day Exploited in Targeted Attacks – Security Week

  • Microsoft released a patch for Internet Explorer fixing a dangerous zero-day bug. SonicWall Captures Labs also issued a signature to provide protection.

Fortnite Teen Hackers ‘Earning Thousands of Pounds a Week’ – BBC

  • With Fortnite estimated to have earned more than £1 billion through selling in-game “skins” there is a growing black-market, often run both by and for very young teenagers.

Irish Data Authority Probes Facebook Photo Breach – Security Week

  • A GDPR investigation has been launched in Ireland after it was revealed that up to 6.8 million users may have had their photos exposed to third party apps. A fine of up to four percent of annual global turnover can be issued to a corporation if they are found to be in breach of GDPR.

New Malware Pulls Its Instructions From Code Hidden in Memes Posted to Twitter – Tech Crunch

  • Researchers have found a type of malware that appears to be activated by memes on Twitter. The good news for those who can’t resist a link to a laugh is that it still looks to be in a testing stage and may never be released.

NASA Discloses Data Breach – ZDNet

  • NASA confirmed a data breach in October 2018 where a third party gained access to personal data, including Social Security Numbers, of current and former employees. No missions are believed to jeopardized by the hack but the investigation into the incident will “take time.”

The Nightmare Before Christmas: Cybersecurity Risks for Children’s Toys – EURACTIV (Europe)

  • As the Internet of Things enters toy manufacturing a host of problems are coming with it; open Bluetooth connections, cheap manufacturing standards, and cybersecurity laws that cannot yet be effectively applied.

In Case You Missed It

Cyber Security News & Trends – 12-14-18

A history of data breaches, SonicWall expands in Dubai and India, and the reappearance of Shamoon. It’s your cybersecurity news roundup for the week.


SonicWall Spotlight

NetSecOPEN Names Founding Members, Board of Directors – Dark Reading

  • SonicWall is amongst the founding members of NetSecOPEN, an organization that aims to create open network security testing standards. Atul Dhablania’s testimonial confirms SonicWall’s dedication.

The 10 Coolest New Cybersecurity Tools of 2018 – CRN

  • SonicWall Capture Cloud Platform is included on CRN’s coolest tool list for its advanced capabilities at analyzing, classifying and blocking malware.

SonicWall Strengthens Regional Presence With New Dubai HQ – Tahawultech (India)

  • SonicWall executive director Michael Berg is interviewed on video talking about the opening of SonicWall’s new office in Dubai.

India, a Key High Growth Market for SonicWall – CRN India

  • Debasish Mukherjee talks SonicWall’s expansion in India, explaining how it’s strong technology that allows SonicWall to stand out from the crowd.

Cyber Security News

The Wired Guide to Data Breaches – Wired

  • Wired trace the history of electronic data breaches, from a 1984 credit agency leak all the way up to present-day, and look at the future of the cyber arms race.

Is Tech Too Easy to Use? – The New York Times

  • The increase in frictionless tech experiences means end users often don’t think about how their data is being collected and used. This can have devastating effects down the line if a data breach occurs.

Google to Shut Down Google+ Early Due to Bug That Leaked Data of 52.5 Million Users – NPR

  • After inadvertently giving app developers access to information on over 52 million users in November of this year, Google is shutting down Google+ in April rather than August 2019.

Super Micro Finds No Malicious Hardware in Motherboards  – The Wall Street Journal

  • After headline reports earlier this year claimed that the Chinese government had secretly planted spying chips into computers assembled in China, Super Micro Computers Inc. this week told customers that they can find no evidence of hardware tampering.

Poll: Cyber Crime Has Affected One in Four Americans – The Hill

  • Gallup asked the American public if they or a close family member had been affected by cybercrime and 23 percent say they had.

Fortune 500 Cybersecurity Is Better and Worse Than You’d Think – Axios

  • Rapid7 released their first Industry Cyber-Exposure Report and found huge problems with email security at more than half of Fortune 500 companies. However, it also found that most are doing a good job at reducing entry points.

Over Half of Brazil’s Population Exposed in Security Incident – ZDNet

  • As many as 120 million Brazilian citizens had their ID numbers publicly accessible for weeks in the early months of 2018.

Shamoon Reappears, Poised for a New Wiper Attack – Threat Post

  • Shamoon is a data-wiping malware that can completely cripple an infected PC that previously made world news targeting energy firms. It first emerged in 2012, made a comeback in 2016 and is now being detected again, leading experts to predict that another attack may be imminent.

In Case You Missed It

Cyber Security News & Trends – 12-07-18

This week SonicWall has taken to the airwaves as CEO Bill Conner is profiled by KRLD Radio, and in industry news, more new breaches revealed but impacted companies like Quora are saying that Marriott International has it far worse.


SonicWall Spotlight

New Law Aids SMBs in Combating Cybersecurity Risks – The Channel Pro Network

CRN’s 2018 Products of the YearCRN

  • The SonicWall Capture Cloud Platform was announced as a finalist in CRN’s 2018 Products of the Year in the security-cloud category.

CEO Spotlight: Bill Conner, CEO, SonicWall – KRLD Radio (US)

  • SonicWall CEO Bill Conner is featured on KRLD’s CEO Spotlight radio segment discussing SonicWall’s holiday cyber threat data.

Cyber Security News

Cyber-espionage group uses Chrome extension to infect victims – ZD Net

  • Netscout researchers have released a report revealing details of a nation-state-backed hacking group’s efforts to target the academic sector by pushing a malicious Google Chrome extension through a spear-phishing email campaign.

DHS Says SamSam Ransomware is Targeting Critical Infrastructure Entities – Security Week

  • The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) issue an alert on activity related to SamSam, the malware which has supposedly cost private enterprises and organizations over $5.9 million in the last two years.

U.S. Financial Firms to Further Increase Cybersecurity Spending – Bloomberg

  • U.S. banks and other financial firms are projecting higher spending on cybersecurity as they face bigger threats and more attacks.

Marriott looking at China in data breach: report – The Hill

  • Investigators looking into the recent Marriott breach, which saw personal data belonging to over 500 million hotel guests exposed, are looking to China as the most likely source of the attack.

Quora reports data breach affecting 100 million users – Phys Org

  • Quora has notified users of a data breach involving the email addresses and encrypted passwords of about 100 million users. The question-and-answer website is downplaying the incident, claiming that it “is nothing like” the sustained breach suffered by Marriott International over the last four years.

Why Cyber Monday Is Just the Beginning of the Festive Hacking Season – ZDNet

  • Cyberattacks reach a peak around the holiday season but ZDNet argue that understaffing over Christmas leaves many companies open to further attacks.

Huawei Said to Plan $2 Billion Cybersecurity Reboot – Industry Week

  • Small companies often do not have the resources to be able to meet the strictest cybersecurity standards. Two academics argue that they should not be financially penalized in the same way as larger corporations can be.

In Case You Missed It

Cyber Security News & Trends – 11-30-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Cyber Monday, Black Friday Targeted by Spike in Ransomware Attacks – SonicWall

  • SonicWall researchers have completed a special analysis of cyber threat data and attacks for the busiest online shopping period of the year. SonicWall CMO David Chamberlin explains the newest cyberattack trends to have emerged over the Black Friday and Cyber Monday weekend.

Best in Biz Awards 2018 Winners – Best in Biz

  • SonicWall win two awards with a Gold for Most Innovative Product of the Year – SMB for our Capture Cloud Platform, and a Silver for Support Department of the Year.

SonicWall Aims to Be an All-Round Player in Security Solutions: COO Atul Dhablania – Tech Circle (India)

  • Atul Dhablania is interviewed by Tech Circle about SonicWall’s presence in the region, the Internet of Things, and the current cybersecurity landscape.

Cyber Security News

A Plan to Turn New York Into a Capital of Cybersecurity – New York Times

  • They’re calling it “Cyber NYC” and it’s an ambitious plan to turn New York City into a global leader of cybersecurity innovation and job creation.

ThreatList: Cryptominers Dominate Malware Growth in 2018 – Threat Post

  • Kaspersky Lab figures say cryptomining botnets have jumped from 2.9 percent of botnets in 2017 to 4.6 percent in 2018. It’s a problem SonicWall has noticed as well.

Buckle Up: A Closer Look at Airline Security Breaches  – Dark Reading

  • An in-depth look at how and why there has been so many Airline security breaches recently and the big question, could a cybercriminal take a plane down from the sky?

Half of All Phishing Sites Now Have the Padlock – Krebs on Security

  • Once upon a time the security padlock was enough to tell you if a website was legitimate, this is no longer the case.

Uber Fined £385,000 for Losing UK Customer Data – BBC

  • Having previously settled in the US, Uber received a fine in Europe for not sufficiently disclosing their 2016 data breach.

Why Cyber Monday Is Just the Beginning of the Festive Hacking Season – ZDNet

  • Cyberattacks reach a peak around the holiday season but ZDNet argue that understaffing over Christmas leaves many companies open to further attacks.

The Case for Protecting Small Firms From Cyber Lawsuits – Wall Street Journal

  • Small companies often do not have the resources to be able to meet the strictest cybersecurity standards. Two academics argue that they should not be financially penalized in the same way as larger corporations can be.

In Case You Missed It

Cyber Security News & Trends – 11-23-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Two Cybersecurity Policies, One Clear New Objective – The Hill

  • SonicWall CEO Bill Conner has written an op-ed with his three policy prescriptions for the U.S. government following the National Institute of Standards and Technology (NIST) Small Business Cybersecurity Act and The National Cyber Strategy being signed into law.

Historic Black Friday, Cyber Monday Threat Data Prepares Businesses, Shoppers for Holiday Cyberattacks – SonicWall Blog

  • With Black Friday and Cyber Monday upon us cybercriminals are working overtime to find a gap in your cyber defense. We look at last year’s leap in malware attacks and advise on how to protect your business.

SonicWall Launches SD-WAN, Risk Metrics and New UTM Hardware – eWEEK

  • Sean Michael Kerner, senior editor at eWEEK, speaks to SonicWall’s Lawrence Pingree about SonicWall’s recent product expansion.

5 Key Skills for Next-Gen Communicators – Commpro

  • SonicWall’s David Chamberlin was recently featured on a panel discussion, How To Stay Relevant as a Communications Executive in 2020. Commpro has pulled the discussion together into a handy infographic.

Cyber Security News

Amazon Data Breach Reveals Private Details of Customers Ahead of Black Friday – The Telegraph (UK)

  • On the eve of some of the busiest shopping days of the year, Amazon confirmed a leak of customer names and emails.

VisionDirect Blindsided by Magecart in Data Breach – Threat Post

  • After VisionDirect confirmed a data breach exposing full names, addresses, telephone numbers, email addresses, passwords and payment card data, security researchers are saying this is the latest case of the ever-prolific Magecart threat group.

Security Warning: UK Critical Infrastructure Still at Risk From Devastating Cyber Attack – ZDNet

  • With the head of the UK National Cyber Security Centre previously stating that a major cybersecurity attack is a matter of “when, not if”, a new report from the UK’s Joint Committee on the National Security Strategy says the UK is still not facing up to cybersecurity threats.

Nine Cyber Security Predictions for 2019 – CSO Online

  • Ransomware, regulation, cyberwarfare and more; CSO Online tries to predict where cybersecurity will go over the next 12 months.

Facebook Appeals Against Cambridge Analytica Fine – BBC (UK)

  • Facebook is appealing their £500,000 fine, arguing that there is no evidence that any UK citizens had their data shared with Cambridge Analytica.

L0rdix Becomes the New Swiss Army Knife of Windows Hacking – ZDNet

  • A new malware called L0rdix has been found by researchers. It still looks to be in the development stages but it already manages to combine cryptocurrency mining, data theft and the ability to avoid malware analysis.

Report Reveals Struggles of SMBs Navigating Cyber Threat Landscape – SC Magazine

  • A recent study of Small and Medium Sized Businesses found over half of those surveyed have suffered from a data breach in the past year. Most respondents blame insufficient staff or cash, and a general lack of understanding of the threat landscape. SonicWall’s Charles Ho has some suggestions.

In Case You Missed It

Cyber Security News & Trends – 11-16-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

SonicWall Secures Hybrid Clouds by Simplifying, Enhancing Deployment for Enterprises, SMBs – SonicWall Press Release

  • This week SonicWall announced a major expansion of their Capture Cloud Platform including secure SD-WAN, Zero-Touch Deployment, and personalized cyber threat intelligence.

Congress Passes Bill Creating Cybersecurity Agency at DHS – Security Week

  • SonicWall CEO Bill Conner talks to Security Week with his thoughts on why the Cybersecurity and Infrastructure Security Agency (CISA) Act is paramount for securing critical digital infrastructure.

Free SD-WAN Capability Highlights New SonicWall Capture Cloud Platform Announcements – Channel Buzz (Canada)

  • SonicWall’s Lawrence Pingree talks to Channel Buzz about SonicWall’s recent product expansion announcement and how he sees SonicWall’s position now compared to 12 months ago.

13 Tech Experts Share What Facebook Should Do Post-Data Breach

  • Bill Conner, CEO of SonicWall, is featured as a member of the Forbes Tech Council highlighting why good policy is important for a company like Facebook if they want to be able to recover from a data breach.

Cyber Security News

Researchers Discover Seven New Meltdown and Spectre Attacks – ZDNet

  • A team of researchers have found that new variants of Meltdown and Spectre are being released. SonicWall confirmed that Capture ATP cloud sandbox with Real-Time Deep Memory Inspection will stop them.

Nordstrom Blames Breach of Employee Data on Contractor – BankInfoSecurity

  • US department store Nordstrom suffered from an internal breach of employee data in October and have pinned the problem on a contractor.

Scare Force: Pakistan Military Hit by Operation Shaheen Malware – The Register (UK)

  • The Pakistan Air Force and Government have been hit with a concentrated phishing and malware campaign according to new research by Cylance.

Mozilla: Firefox Will Start Alerting You to Recently Breached Sites – ZDNet

  • Firefox Monitor, previously a separate website, is being expanded and integrated into the Firefox web browser and will inform users with an alert if a website being visited has had a breach reported in the previous 12 months.

2018 on Track to Be One of the Worst Ever for Data Breaches – Dark Reading

  • A new report says that 2018 is currently only behind 2005 when it comes to data breaches, with up to 3.6 billion records compromised so far.

Ahead of Black Friday, Rash of Malware Families Takes Aim at Holiday Shoppers – Threat Post

  • As many as fourteen types of malware are found to be readying themselves to take advantage of unsuspecting online shoppers.

A Leaky Database of SMS Text Messages Exposed Password Resets and Two-Factor Codes – Tech Crunch

  • An exposed server was found with tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more all easily accessible.

In Case You Missed It

Cyber Security News & Trends – 11-09-18

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

New NIST Small Business Cybersecurity Act to Provide Guidance for Protecting SMBs – SonicWall eBook

  • If you’re a small to medium-sized business (SMB) looking for guidance on the NIST Small Business Cybersecurity Act, get this eBook. It includes an explanation of the act and information on how best to protect yourself and your business.

Intel CPUs Fall to New Hyperthreading Exploit That Pilfers Crypto Keys – Ars Technica

  • PortSmash is a new attack that exploits Intel’s Hyper-Threading architecture. SonicWall adds a layer of protection against this exploit and other similar side-channel attacks.

Cyber Security News

The Mad Dash to Find a Cybersecurity Force – The New York Times

  • The need for skilled cybersecurity experts in the workplace is growing faster than the talent pool can provide with an estimated 3.5 million cybersecurity jobs available but unfilled by 2021.

Lazarus FASTCash ATM Attack Details Discovered – SC Magazine

  • North Korean hacker group Lazarus has been using FASTCash trojan on obsolete AIX servers to hack ATMs and steal tens of millions of dollars.

Data of Nearly 700,000 Amex India Customers Exposed via Unsecured MongoDB Server – ZDNet

  • American Express India has been caught with an unencrypted server accessible online without a password, exposing a huge amount of personal data.

HSBC Customers Hit by Data Breach in US Business – BBC News

  • At least one customer in every U.S. state has been affected by a data breach that occurred between October 4 and 14 of this year. HSBC say it affected less than 1 percent of its U.S. customer base but the details include account numbers and transaction histories.

Cambodia’s ISPs Hit by Some of the Biggest DDoS Attacks in the Country’s History – ZDNet

  • Someone is bombarding ISPs in Cambodia with DDoS attacks and ZDNet have a few theories on who it might be.

Private Messages From 81,000 Hacked Facebook Accounts for Sale – BBC

  • Hackers who claim to have access to 120 million Facebook accounts have been attempting to sell private messages online for as little as 10 cents per account.

Ransomware Keeps Ringing in Profits for Cybercrime Rings – BankInfoSecurity

  • If you’re confused by the many different types of ransomware in the news right now, BankInfoSecurity explain current trends and who is most at risk.

In Case You Missed It