Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

New NIST Small Business Cybersecurity Act to Provide Guidance for Protecting SMBs – SonicWall eBook

• If you’re a small to medium-sized business (SMB) looking for guidance on the NIST Small Business Cybersecurity Act, get this eBook. It includes an explanation of the act and information on how best to protect yourself and your business.

Intel CPUs Fall to New Hyperthreading Exploit That Pilfers Crypto Keys – Ars Technica

• PortSmash is a new attack that exploits Intel’s Hyper-Threading architecture. SonicWall adds a layer of protection against this exploit and other similar side-channel attacks.

Cyber Security News

The Mad Dash to Find a Cybersecurity Force – The New York Times

• The need for skilled cybersecurity experts in the workplace is growing faster than the talent pool can provide with an estimated 3.5 million cybersecurity jobs available but unfilled by 2021.

Lazarus FASTCash ATM Attack Details Discovered – SC Magazine

• North Korean hacker group Lazarus has been using FASTCash trojan on obsolete AIX servers to hack ATMs and steal tens of millions of dollars.

Data of Nearly 700,000 Amex India Customers Exposed via Unsecured MongoDB Server – ZDNet

• American Express India has been caught with an unencrypted server accessible online without a password, exposing a huge amount of personal data.

HSBC Customers Hit by Data Breach in US Business – BBC News

• At least one customer in every U.S. state has been affected by a data breach that occurred between October 4 and 14 of this year. HSBC say it affected less than 1 percent of its U.S. customer base but the details include account numbers and transaction histories.

Cambodia’s ISPs Hit by Some of the Biggest DDoS Attacks in the Country’s History – ZDNet

• Someone is bombarding ISPs in Cambodia with DDoS attacks and ZDNet have a few theories on who it might be.

Private Messages From 81,000 Hacked Facebook Accounts for Sale – BBC

• Hackers who claim to have access to 120 million Facebook accounts have been attempting to sell private messages online for as little as 10 cents per account.

Ransomware Keeps Ringing in Profits for Cybercrime Rings – BankInfoSecurity

• If you’re confused by the many different types of ransomware in the news right now, BankInfoSecurity explain current trends and who is most at risk.

In Case You Missed It

• Cybersecurity for SMBs: Bundled Network Security Delivers Cost-Effective Protection – Steve Pataky
• Bypassing Government Security Controls with Customized Malware – Brook Chelmo
• 4 Ways SonicWall & ConnectWise Simplify Security Management for MSPs – Ken Dang           
• The libssh Vulnerability: What’s at Risk & How SonicWall Helps Prevent It – Rob Krug
• SonicWall Extends Next-Generation Firewalls to Public Cloud Deployments, Including AWS and Azure – Srudi Dineshan          
• 3 Elements of a Successful Managed Security Services (MSS) Bundle – Joe Velderman

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

Privacy Problems for FANG Companies Might Beget M&A Action in Cybersecurity – The Street

• SonicWall CEO Bill Conner predicts that large tech companies and social media giants will look to mergers and acquisitions (M&A) to address the shortage of available cyber security talent and stave off further punishment and damages caused by breaches and other cyber security incidents.

WSJ Report: Facebook Breach the Work of Spammers, Not Nation-State Actors – Dark Reading

• Lawrence Pingree offers his perspective on the most recent Facebook breach revelations.

Cyber Security News

Apple CEO Condemns ‘Data-Industrial Complex’ – The Wall Street Journal

• Apple CEO Tim Cook is calling for new digital privacy laws in the United States to be drawn up, warning that the collection of huge amounts of private and everyday information is being “weaponized against us with military efficiency.”

EU Takes Step Toward Cyberattack Sanctions – Dark Reading

• The European Union has approved a proposal to place further sanctions on nations proven to have carried out a cyberattack.

Cathay Pacific Says Data of 9.4 Million Passengers Stolen in Hack – The Telegraph (UK)

• Hong Kong airline Cathay Pacific has suffered a breach affecting up to 9.4 million passengers, including over three quarters of a million passport numbers.

Super Micro to Review Hardware for Malicious Chips – Reuters

• Super Micro is agreeing to review their hardware in the wake of reports that the Chinese authorities are placing spying chips in their hardware. They deny all the allegations.

Who Is Agent Tesla? – Krebs on Security

• Openly available for commercial license, Agent Tesla is classified by many as password-stealing malware. Krebs on Security investigates the not-so-well-hidden identity of Agent Tesla’s creator following a 100 percent usage increase of the program in August 2018.

Yahoo to Pay $50M, Other Costs for Massive Security Breach – Associated Press

• The fallout from the biggest security breach of all time looks to be finally drawing to a close.

Magecart Cybergang Targets 0days in Third-Party Magento Extensions – Threat Post

• Magecart, the malware behind the Ticketmaster and British Airways breaches, continues to be updated and reconfigured, now targeting unpatched vulnerabilities in third-party plugins used in the Magento e-commerce platform.

In Case You Missed It

• Bypassing Government Security Controls with Customized Malware – Brook Chelmo
• 4 Ways SonicWall & ConnectWise Simplify Security Management for MSPs – Ken Dang           
• The libssh Vulnerability: What’s at Risk & How SonicWall Helps Prevent It – Rob Krug
• SonicWall Extends Next-Generation Firewalls to Public Cloud Deployments, Including AWS and Azure – Srudi Dineshan          
• 3 Elements of a Successful Managed Security Services (MSS) Bundle – Joe Velderman
• September 2018 Cyber Threat Data: Ransomware Threats Double Monthly, Encrypted Threats Still Growing – John Lynch

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

“A leader has to be passionate about their work be able to motivate their teams to be equally passionate” With Bill Conner – Authority Magazine

• Bill Conner, CEO of SonicWall, is interviewed about his career, from his days loading shipping containers all the way to his current role.

Cryptomining Malware Steals Fortnite Gamers’ Bitcoins and Personal Data – SC Magazine (UK)

• As malware continues to target Fortnite players, SonicWall’s Lawrence Pingree talks about the probable future of kinetic ransomware.

Chart of the Day: Google Plus Never Got off the Ground – Real Money

• SonicWall CEO Bill Conner weighs in with his thoughts on the importance, or not, of the Google Plus breach.

Cyber Security News

Pentagon Struggling to Meet Cyber Challenges, as Modern Warfare Goes High Tech – The Washington Times

• The Pentagon wants to avoid another “Beast of Kandahar” situation but is struggling to keep its cybersecurity stronger than its attackers.

New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom – Bloomberg

• Accusations that China are inserting spying chips into US companies’ hardware are still being made and are spreading to other companies.

Medtronic Disables Pacemaker Programmer Updates Over Hack Concern – Reuters

• There have been no documented reports of the vulnerability being exploited but the company are taking no chances with peoples’ hearts.

Vietnam Cyber Law Set for Tough Enforcement Despite Google, Facebook Pleas – Reuters

• Companies will be required to store a wide range of user data and set up offices inside the country.

Heathrow Airport Fined £120,000 Over USB Data Breach Debacle – ZDNet

• A memory stick with unencrypted private data of airport employees was found by a member of public last year.

Payment-Card-Skimming Magecart Strikes Again: Zero out of Five for Infecting E-Retail Sites – The Register (UK)

• The British Airways and Ticketmaster attacking toolkit Magecart isn’t going away, this time turning up in a plugin called Shopper Approved that is used by hundreds of e-commerce sites.

This Cryptojacking Mining Malware Pretends to Be a Flash Update – ZDNet

• The much-maligned Flash software now has the added problem of an imposter program that uses a victim’s computer to mine for the Monero cryptocurrency.

In Case You Missed It

• 2 Smart Reasons to Upgrade to SonicWall Secure Mobile Access (SMA) – Ganesh Umapathy
• How to Stop Malware-Created Backdoors – Brook Chelmo
• Tips for Getting a Job in Cybersecurity – Geoff Blaine
• Top 7 Cybersecurity Tips Anyone Can Use at Home – Terri O’Leary
• Protecting What’s Important: How to Keep Your Family Safe from Online Threats – Geoff Blaine

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

SonicWall Firewalls Named A 2018 Gartner Peer Insights Customers’ Choice – SonicWall Blog

• With 122 reviews and a 4.3 rating, SonicWall is recognized as a 2018 Gartner Peer Insights Customers’ Choice for Unified Threat Management, reflecting commitment to partners and customers in providing top-tier cyber security solutions, along with an exceptional customer experience to support it.

SonicWall NSa Series Wins Cybersecurity Breakthrough Award as Best Firewall Solution – SonicWall Blog

• This recognition brings SonicWall to a total of 42 industry honors so far in 2018.

SonicWall CEO Bill Conner On Cybersecurity Trends CEOs Should Know – Chief Executive Magazine

• SonicWall CEO Bill Conner talks about the cybersecurity trends that CEOs should be paying attention to in this profile by Chief Executive Magazine.

ChannelPro Weekly Podcast: Episode #089 – Mimeographs Are Extinct. Are You? – Channelpro Podcast

• SonicWall TZ500 Wireless-AC Gen 6 Firewall is the tech pick of the week.

Cyber Security News

Uber Settles Data Breach Investigation for $148 Million – NYTimes

• In 2016, not wanting to expose a leak, Uber paid big money to a hacker who had gained access to 600,000 driver’s names and license numbers.

Pennsylvania Senate Democrats paid $700,000 to recover from ransomware attack – ZDNet

After falling victim to a ransomware attack, Pennsylvania Senate Democrats refused to pay the $30,000 ransomware demand, opting instead to pay over $700,000 to Microsoft to rebuild its IT infrastructure.

President Trump Unveils America’s First Cybersecurity Strategy in 15 Years – The White House

• The White House has announced a new National Cyber Strategy that they are calling the first Cybersecurity Strategy in 15 years.

Some Credential-Stuffing Botnets Don’t Care About Being Noticed Any More – The Register (UK)

• The “low and slow” covert method of malicious logins previously employed has been replaced by some bots with pure volume; one US credit union saw almost 9 thousand attempts per hour.

Qualcomm Accuses Apple of Stealing Its Secrets to Help Intel – Reuters

• It’s a long-running patent drama but Qualcomm have filed papers against Apple saying they used Qualcomm software and log files without permission to “improve the sub-par performance of Intel’s chipsets.”

In Case You Missed It

• The Evolution of Next-Generation Antivirus for Stronger Malware Defense – Lawrence Pingree
• How MSSPs & Artificial Intelligence Can Mitigate Zero-Day Threats – James Whewell
• August 2018 Cyber Threat Data: Monthly Attacks Slow, Yearly Volume Up Across the Board – Geoff Blaine
• How Everyone Can Implement SSL Decryption & Inspection  – Beau Beamesderfer
• Infographic: Ransomware’s Devasting Impact on Real-World Businesses – Geoff Blaine

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

Cybersecurity and the future of work: How much can we predict? – Silicon Republic (Ireland)

• SonicWall CEO Bill Conner, talking to Silicon Republic, shares his thoughts on battling the growth areas of cybercrime over the coming years.

US Indicts North Korean Over Sony, Bank and WannaCry Attacks – Infosecurity magazine

• The U.S. Justice Department has formally charged a hacker in connection with cybercrimes that they are directly connecting to the North Korean government. SonicWall’s Bill Conner is featured as a security expert on the issue.

Cyber Security News

British Airways boss apologises for ‘malicious’ data breach – BBC

• A week after the Air Canada security leak another major security breach in an Airline, this time British Airways, has been dominating news headlines. Names, email address and credit card information from over 380,000 transactions have been compromised.

Nope, the NSA isn’t sitting in front of a supercomputer hooked up to a terrorist’s hard drive – The Register

• The Register talks about what exactly Government intelligence services want versus what it’s likely they will be able to get in the current digital climate.

The Case for a National Cybersecurity Agency – Politico

• Gen. David Petraeus argues in Politico that national cybersecurity is in need of a complete overhaul with the creation of an independent National Cybersecurity Agency that reports directly to the President.

FIN6 returns to attack retailer point of sale systems in US, Europe – ZDNet

• Point of Sale (POS) malware is really gathering steam. ZDNet have a report on a new campaign by a cybercriminal group called FIN6 who were previously known for selling credit card numbers on the Dark Web.

More U.S. Cities Brace for ‘Inevitable’ Hackers – The Wall Street Journal

• After the city of Atlanta paid millions of dollars to ransomware attackers this year other U.S. Cities are considering their options on how to handle cyberattacks.

Obama-Themed Ransomware Also Mines for Monero – BankInfoSecurity

• They’re calling it Barack Obama’s Everlasting Blue Blackmail Virus and it doubles as a cryptocurrency miner on top of being ransomware.

In Case You Missed It

• 4 Ways to Protect Your Virtualized Infrastructure  – Beau Beamesderfer
• Advancing Beyond Hygiene to Next-Gen Email Protection Services – Scott McCrady and Ganesh Umapathy
• New NIST Cybersecurity Policy Provides Guidance, Opportunities for SMBs – Geoff Blaine
• Report: Business Email Compromise (BEC) Now A $12.5 Billion Scam – Ganesh Umapathy
• Foreshadow Vulnerability (L1TF) Introduces New Risks to Intel Processors – Lawrence Pingree
• Upgrade Your SonicWall Next-Generation Firewall with ‘3 & Free’ Program – Steve Pataky