Posts

Cybersecurity News & Trends – 09-18-20

/0 Comments/in /by

Between legislation to protect government IoT devices, developments in the TikTok saga and Supreme Court arguments, what’s happening at the federal level this week could have far-reaching implications for cybersecurity.

SonicWall in the News

Politics in the Technology World Order — Verdict Magazine
SonicWall President and CEO Bill Conner weighs in on the future of the U.S. data privacy landscape.

Perimeter 81 Looks To Take Firewall Appliances Out — Security Boulevard
SonicWall, an investor in Perimeter 81’s recent funding round, has partnered with the firm on its firewall-as-a-service software.

Sectigo to Be Acquired by GI Partners — Sectigo Press Release
In a comment about the acquisition, SonicWall President, CEO and Sectigo Board Chairman Bill Conner said, “The future is bright for Sectigo as the company builds on its impressive position as a digital identity and web security solutions leader.”

Industry News

This security awareness training email is actually a phishing scam — Bleeping Computer
A creative phishing campaign spoofs a well-known security company in an email pretending to be a reminder to complete security awareness training.

Oracle-TikTok Deal to Undergo U.S. Security Review — The Wall Street Journal
The Treasury Department said it would review an agreement for Oracle and others to revamp TikTok’s U.S. operations, with the aim of avoiding a ban of the popular video-sharing app.

House approves bill to secure internet-connected federal devices against cyber threats — The Hill
The Internet of Things (IoT) Cybersecurity Improvement Act, passed unanimously by the House, would require all internet-connected devices purchased by the federal government to comply with minimum security recommendations.

Hackers are getting more hands-on with their attacks. That’s not a good sign — ZDNet
Both nation-state-backed hackers and cybercriminals are trying to take advantage of the rise in remote working — and getting more sophisticated in their approach.

LockBit ransomware launches data leak site to double-extort victims — Bleeping Computer
The LockBit ransomware gang has launched a new data leak site to be used as part of their double extortion strategy to scare victims into paying a ransom.

Zerologon attack lets hackers take over enterprise networks — ZDNet
If you’re managing enterprise Windows servers, don’t skip on the August 2020 Patch.

Security researchers slam Voatz brief to the Supreme Court on anti-hacking law — Cyberscoop
The Supreme Court is about to take up a case with major implications for computer research — and a group of high-profile cybersecurity specialists doesn’t want mobile voting firm Voatz to have the last word.

Don’t pay the ransom, mate. Don’t even fix a price, say Australia’s cyber security bods — The Register
Over the past 12 months, the Australian Cyber Security Centre has observed real-world impacts of ransomware incidents, which have typically originated from a user executing a file received as part of a spearphishing campaign.

Russian Intelligence Hackers Are Back, Microsoft Warns, Aiming at Officials of Both Parties — The New York Times
China is also growing more adept at targeting campaign workers, with Beijing mostly aiming at Biden campaign officials.

Iran Says US Vote Hack Allegation ‘Absurd’ — Security Week
Tehran on Friday hit back at allegations by Microsoft that Iran-based hackers had targeted the U.S. presidential campaigns.

Treasury Dept. sanctions Russian, Ukrainian individuals for election interference — The Hill
The Treasury Department has added four Russian and Ukrainian individuals to its specially designated nationals list, citing attempts by the individuals to interfere in U.S. elections.

In Case You Missed It

Cybersecurity News & Trends – 09-11-20

/0 Comments/in /by

This week, students are going back to school, cybersecurity is going into outer space, and Emotet is going through the roof.

SonicWall Spotlight

Cybersecurity for the post-COVID new normal of work — Managing the Future of Work podcast

  • SonicWall CEO Bill Conner discusses how COVID-19 and the 2020 election are creating unprecedented infrastructure challenges in cybersecurity, and how forces such as the cybersecurity business gap and the need for secure remote access will shape the cybersecurity landscape going forward.

Tackle the Growing Number of IoT Ransomware Threats — TechTarget – IoT Agenda

  • Ransomware attacks have increased 20% worldwide in the first half of the year and 105% in the U.S., according to SonicWall’s latest cyberthreat report.

Cybersecurity News

FBI: Thousands of orgs targeted by RDoS extortion campaign — Bleeping Computer

  • The FBI has warned U.S. companies that thousands of organizations around the world, from various industry sectors, have been threatened with DDoS attacks within six days unless they pay a Bitcoin ransom.

Inter: a ‘low bar’ kit for Magecart credit card skimmer attacks on e-commerce websites — ZDNet

  • Researchers say that any attacker with “a little cash to burn” can join the attack trend.

 Website Crashes and Cyberattacks Welcome Students Back to School — The New York Times

  • With many districts across the country opting for online learning, a range of technical issues marred the first day of classes.

Phishing adds overlay on official company page to steal logins — Bleeping Computer

  • A phishing campaign deployed recently at various businesses uses the company’s home page to disguise the attack and trick potential victims into providing login credentials.

Money from bank hacks rarely gets laundered through cryptocurrencies — ZDNet

  • Despite being considered a cybercrime haven, cryptocurrencies play a very small role in laundering funds obtained from bank hacks, the SWIFT financial organization said.

White House issues cybersecurity space policy — SpaceNews

  • Space Policy Directive 5 is the first comprehensive government policy on cybersecurity for satellites and related systems, and outlines best practices to protect space systems from hacking and other cyber threats.

U.S. Department of Defense discloses critical and high severity bugs — Bleeping Computer

  • The U.S. Department of Defense has disclosed details about four security vulnerabilities on its infrastructure. Two of them have a high severity rating, while the other two received a critical score.

France, Japan, New Zealand warn of sudden spike in Emotet attacks — ZDNet

  • Emotet activity has ramped up to new levels in September 2020, alarming some cybersecurity agencies.

In Case You Missed It

Cybersecurity News & Trends – 09-04-20

/0 Comments/in /by

This week, teenage hackers and nation-state attackers made trouble worldwide.

SonicWall Spotlight

SonicWall TZ 600 POE — SC Magazine

  • SC Media takes a close look at the TZ 600 POE and awards it top marks.

Why Small Businesses Must Deal With Emerging Cybersecurity Threats — Entrepreneur

  • Cybercriminals are counting on small businesses to be less protected — and they’re often right.

Surging CMS attacks keep SQL Injections On The Radar During The Next Normal — Help Net Security

  • Cyberattacks have risen during the pandemic, leaving businesses to wonder whether things will settle down when COVID-19 begins to wane, or if the increase in attacks is here to stay.

Cybersecurity News

Teenager arrested in cyberattacks on Miami-Dade schools — The Washington Times

  • A 16-year-old student has been arrested for orchestrating a series of network outages and cyberattacks during the first week of school in Florida’s largest district.

Microsoft Defender can ironically be used to download malware — Bleeping Computer

  • A recent update to Windows 10’s Microsoft Defender antivirus solution ironically allows it to download malware and other files to a Windows computer.

Twitter Hack May Have Had Another Mastermind: A 16-Year-Old — The New York Times

  • A Massachusetts teenager appears to have played a significant role in the July 15 Twitter attack, investigators and fellow hackers said.

Chinese Hackers Targeted European Officials in Phishing Campaign — Bloomberg

  • Chinese nation-state hackers launched a phishing campaign against European government officials, diplomats, non-profits and other organizations to gather intelligence about global economies reeling from the pandemic.

Minister: New Zealand Enduring Wave of Cyberattacks — Security Week

  • According to the Associated Press, tracking down the perpetrators will be extremely difficult, as the distributed denial of service attacks are being routed through thousands of computers.

Federal agencies deny seeing attacks on voting infrastructure — The Hill

  • The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have denied seeing any reports of attacks on voting infrastructure, following the publication of a report on potential Russian election interference.

The FBI Botched Its DNC Hack Warning in 2016—but Says It Won’t Next Time — Wired

  • Facing looming election threats and a ransomware epidemic, the bureau says it has revamped its process for warning hacking victims.

The accidental notary: Apple approves notorious malware to run on Macs — Ars Technica

  • Newfangled malware protection gives users a false sense of security, critics say, making it potentially worse than nothing at all.

Attackers abuse Google DNS over HTTPS to download malware — Bleeping Computer

  • More details have emerged on a malware sample that uses Google DNS over HTTPS to retrieve the stage 2 malicious payload.

‘UltraRank’ Gang Sells Card Data It Steals — Bank Info Security

  • A cybercriminal gang that has spent five years planting malicious JavaScript code in order to steal payment card data from hundreds of e-commerce websites also takes the unusual step of selling the data on its own.

Hackers Attack Norway’s Parliament — Security Week

  • Norway’s parliament said Tuesday it had been the target of a “vast” cyberattack that allowed hackers to access the some lawmakers’ emails.

In Case You Missed It

Cybersecurity News & Trends – 08-21-20

/0 Comments/in /by

This week, U.S. national security was at the forefront, with authorities working to secure voting systems ahead of the November elections, FBI and CISA issuing warnings about Linux malware and the U.S. Army detailing North Korea’s cyberattack strategies.

SonicWall Spotlight

Interview: Bill Conner, President and CEO, SonicWall — Infosecurity

  • With remote working likely to be far more common going forward, businesses are considering what they should do to adequately secure themselves.

How to Negotiate with Cyber Terrorists During a Pandemic — Bloomberg (United Kingdom)

  • According to SonicWall’s mid-year Cyber Threat Report, the number of ransomware attacks climbed 20% in the first half of the year, to a total of 121.4 million.
    *Syndicated on Yahoo! Finance UK, Washington Post and The Star

D&H Expands Hosted Security Offerings for MSPs, SMBs — Channelnomics

  • D&H Distributing is giving MSPs and SMBend customers access to SonicWall’s security solutions through a subscription model that removes upfront costs and offers predictable monthly payments.

Cybersecurity News

Taiwan says China behind cyberattacks on government agencies, emails — Reuters

  • Taiwan said hacking groups linked to the Chinese government had attacked at least 10 government agencies and some 6,000 government email accounts to steal important data.

FritzFrog malware attacks Linux servers over SSH to mine Monero — Bleeping Computer

  • A sophisticated botnet campaign named FritzFrog has been discovered breaching SSH servers around the world.

Ongoing Campaign Uses HTML Smuggling for Malware Delivery — Security Week

  • Referred to as Duri, the campaign attempts to evade network security solutions, including proxies and sandboxes, to deliver malicious code.

IRS Granted Tens of Thousands of Devices Network Access Without Proper Authentication — Nextgov

  • Most devices accessing the Internal Revenue Service’s internal network using wireless connections and virtual private networks weren’t authenticated, according to an audit.

U.S. Army Report Describes North Korea’s Cyber Warfare Capabilities — Security Week

  • A 332-page report, titled “North Korean Tactics,” details North Korean forces and their actions, with one chapter focusing on electronic intelligence warfare.

How a new federal policy for telling election officials about cyber-intrusions got put to use — Cyberscoop

  • An unidentified hacker reportedly spoofed the email account of a voting-equipment vendor and sent a phishing email to a local election official in Missouri.

NSA and FBI warn that new Linux malware threatens national security — Ars Technica

  • The FBI and NSA have issued a joint warning that Russian state hackers are using a previously unknown piece of Linux malware to infiltrate sensitive networks, steal confidential information, and execute malicious commands.

CISA Warns of Phishing Emails Delivering KONNI Malware — Security Week

  • The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert providing information on attacks delivering the KONNI remote access Trojan (RAT).

CactusPete hackers go on European rampage with Bisonal backdoor upgrade — ZDNet

  • The APT is attacking banks and military organizations throughout Eastern Europe.

Lawmakers introduce bill to help election officials address cyber vulnerabilities — The Hill

  • Reps. John Katko (R-N.Y.) and Kathleen Rice (D-N.Y.) introduced legislation to provide election officials with enhanced cybersecurity resources, as authorities ramp up warnings of foreign interference in the upcoming U.S. elections.

In Case You Missed It

Cybersecurity News & Trends – 08-14-20

/0 Comments/in /by

This week marks one of the biggest launches in SonicWall history, bringing with it a comprehensive set of new solutions designed to increase security, simplify management and meet the challenges of today’s cybersecurity reality.

SonicWall Spotlight

SonicWall’s Biggest Launch To-Date Delivers Future-Proof Security, Remotely — CRN TV

  • CRN’s video discusses SonicWall CEO Bill Conner’s leadership and showcases the importance of SonicWall to the channel and the industry overall.

SonicWall Leads SMB Market To Resolve Stretched Security Budgets And Risks For Newly Extended Remote Workforces — Source Security

  • SonicWall is introducing new zero-touch enabled, multi-gigabit SonicWall TZ firewalls with SD-Branch capabilities, along with a redesigned cloud-native management console.

SonicWall Refreshes High End Both Enterprise and SMB Firewalls — ChannelBuzz

  • ChannelBuzz highlights the new versions of SonicWall’s firewalls and includes commentary from Bill Conner on the importance of the launch.

SonicWall Sounds Off On Next-Gen Security Line Up  — SDxCentral

  • SDxCentral explains how SonicWall’s Gen 7 offerings expand the company’s enterprise capabilities and strengthen its current portfolio of products.

SonicWall Ships High-Speed Firewalls for SMB and Branch Office Environments — The ChannelPro Network

  • In a feature on SonicWall’s Gen 7 launch, the ChannelPro Network discusses SonicWall’s new firewall appliances.

Cybersecurity News

Israel Says It Thwarted Cyber Attack Targeting Defense Industry — Bloomberg

  • Israel has announced it foiled a cyberattack targeting its defense industry by a shadowy group that the U.S. has linked to North Korea. .

Agent Tesla Spyware Adds Fresh Tricks to Its Arsenal — Threat Post

  • The RAT is surging in 2020, becoming more prevalent than even the infamous TrickBot or Emotet malware.

Trump Moves on China Apps May Create New Internet ‘Firewall’ — Security Week

  • A Trump administration ban on apps such as TikTok and WeChat risks fragmenting an already fragile global internet and creating an American version of China’s “Great Firewall.

Avaddon ransomware launches data leak site to extort victims — Bleeping Computer

  • The Avaddon ransomware operators’ site will be used to publish the stolen data of victims who do not pay a ransom demand.

Hacked government, college sites push malware via fake hacking tools — Bleeping Computer

  • A large scale hacking campaign appears to offer articles on hacking social network accounts, but instead delivers malware and scams.

UN reports sharp increase in cybercrime during pandemic — The Washington Times

  • A 350% increase in phishing websites was reported in Q1 2020, many targeting hospitals and health care systems responding to the COVID-19 pandemic

Magecart group uses homoglyph attacks to fool you into visiting malicious websites — ZDNet

  • A new campaign is utilizing the Inter kit and favicons to hide skimming activities.

Maryland officials warn gun dealers about phishing scams — The Washington Times

  • Authorities in Maryland have issued an advisory about an apparent email phishing scam targeting firearms dealers in the state.

In Case You Missed It

Cybersecurity News & Trends – 08-07-20

/0 Comments/in /by

This week, hackers dominated the headlines. But from financial firms, to voting machines, to entire countries, many are beginning to mount a stronger defense.

SonicWall Spotlight

AT&T Cybersecurity: Do Secure VPNs, Don’t Pay Ransoms — SDxCentral

  • The author notes that, per SonicWall’s mid-year update to the 2020 Cyber Threat Report, there was a 20% jump in ransomware globally in the first half of 2020 compared to mid-year 2019, including a staggering 109% spike in the U.S.

3 Tips For Improving Your Cybersecurity Program This School Year — EdTech Magazine

  • As schools prepare to reopen, EdTech Magazine offers three ways districts can improve their cybersecurity programs.

Covid-19 pandemic: Russian hackers target UK, US and Canadian research — Pharmaceutical Technology

  • Security services in the UK, US and Canada have determined that Russian cyber hacking group APT29 has attempted to illicitly access Covid-19 research. SonicWall CEO Bill Conner discusses how state-sponsored espionage groups are targeting medical data.

Cybersecurity News

Insecure satellite Internet is threatening ship and plane safety — Ars Technica

  • At the Black Hat security conference, researcher James Pavur presented findings that show that satellite-based Internet is putting millions at risk despite safeguards implemented by providers.

How the US Can Prevent the Next ‘Cyber 9/11’ — Wired

  • In an interview with WIRED, former national intelligence official Sue Gordon discusses Russian election interference and other digital threats to democracy.

U.S. Government Launches Cyber Career Path Tool — Security Week

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week announced the launch of a free tool designed to help users identify and navigate a potential career path.

U.S. coronavirus fraud losses near $100 million as COVID scams double — Reuters

  • U.S. losses from coronavirus-related fraud and identity theft have reached nearly $100 million, while complaints of COVID-19 scams have at least doubled in most states.

Financial Firms’ Cybersecurity Spending Jumps 15%, Survey Finds — Bloomberg

  • Big banks and other financial firms are spending 15% more this year to defend computer networks from cyber criminals, and the pandemic and work-from-home arrangements are probably spurring further increases.

Hackers Get Green Light to Test U.S. Voting Systems — The Wall Street Journal

  • Election Systems & Software, the top U.S. seller of voting-machine technology, is calling a truce in its feud with computer security researchers over the ways they probe for vulnerabilities of the company’s systems.

Hackers can abuse Microsoft Teams updater to install malware — Bleeping Computer

  • Microsoft Teams can still double as a Living off the Land binary (LoLBin) and help attackers retrieve and execute malware from a remote location.

Robots Running the Industrial World Are Open to Cyber Attacks — Bloomberg

  • According to a new report titled “Rogue Automation,” some robots have flaws that could make them vulnerable to advanced hackers, who could steal data or alter a robot’s movements remotely.

Interpol Warns of ‘Alarming’ Cybercrime Rate During Pandemic — Security Week

  • Global police body Interpol has warned of an “alarming” rate of cybercrime during the coronavirus pandemic.

CISA, DOD, FBI expose new versions of Chinese malware strain named Taidoor — ZDNet

  • U.S. government agencies say the Taidoor remote access trojan (RAT) has been used as far back as 2008.

Exclusive: China-backed hackers ‘targeted COVID-19 vaccine firm Moderna’ — Reuters

  • Chinese government-linked hackers targeted biotech company Moderna Inc., a U.S.-based coronavirus vaccine research developer, this year in a bid to steal data, according to a U.S. security official.

Hackers Are Targeting the Remote Workers Who Keep Your Lights On — Bloomberg

  • With many of the people who help keep the grid running now working from home, cyberattacks targeting the power sector have surged.

Hackers Broke Into Real News Sites to Plant Fake Stories — Wired

  • A disinformation operation broke into the content management systems of Eastern European media outlets in a campaign to spread misinformation about NATO.

In Case You Missed It

Cybersecurity News & Trends – 07-31-20

/0 Comments/in /by

This week, ransomware attacks on U.S. governments, the energy sector, sports teams and smartwatch maker Garmin made headlines — and with cryptocurrency on the rise, more may be in store.

SonicWall Spotlight

Malware is Down, But IoT and Ransomware Attacks Are Up — TechRepublic

  • Malicious attacks disguised as Microsoft Office files increased 176%, according to SonicWall’s midyear threat report.

Sharp Spike in Ransomware in U.S. as Pandemic Inspires Attackers — ThreatPost

  • COVID-19 has changed the face of cybercrime, as the latest malware statistics show.

Inactive wear! Smartwatch maker Garmin suffers widespread outages after ‘ransomware attack’ – leaving thousands unable to track their workouts — Daily Mail

  • According to Bill Conner, the combination of remote internet connections and less secure personal computers has increased organizations’ risk of being compromised.

Smartwatch maker Garmin suffers outage after ransomware attack — The Telegraph

  • SonicWall found that there had been a 20% increase in the number of ransomware attacks in the first half of the year, to more than 120 million.

HoJin Kim Named as part of CRN‘s Top 100 Executives Of 2020 list, we highlight 25 sales executives leading the channel charge — CRN Award

  • Kim has revolutionized pricing for MSSPs, with a pay-as-you-go model for SonicWall’s software products that delivers a cost savings of 20% over buying an annual license.

Cybersecurity News

FBI warns of Netwalker ransomware targeting US government and orgs — Bleeping Computer

  • The FBI has issued a security alert about Netwalker ransomware operators, advising victims not to pay the ransom and to report incidents to their local FBI field offices.

Russia’s GRU Hackers Hit US Government and Energy Targets — Wired

  • A previously unreported Fancy Bear campaign persisted for well over a year — suggesting the notorious group behind the attacks has broadened its focus.

UK govt warns of ransomware, BEC attacks against sports sector — Bleeping Computer

  • The UK National Cyber Security Centre has highlighted the increasing number of ransomware, phishing and BEC schemes targeting sports organizations.

Bitcoin rises above $10,000 for first time since early June — Reuters

  • After several weeks of trading in narrow ranges, Bitcoin has breached $10,000 for the first time since early June.

Feature-rich Ensiko malware can encrypt, targets Windows, macOS, Linux — Bleeping Computer

  • Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP.

CISO concern grows as ransomware plague hits close to home — ZDNet

  • An increasing wave of cybercrime targeting Fortune 500 companies is starting to ring alarm bells.

BootHole GRUB bootloader bug lets hackers hide malware in Linux, Windows — Bleeping Computer

  • When properly exploited, a severe vulnerability in almost all signed versions of GRUB2 bootloader could enable compromise of an operating system’s booting process even if the Secure Boot verification mechanism is active.

OkCupid: Hackers want your data, not a relationship — ZDNet

  • Researchers have discovered a way to steal the personal and sensitive data of users on the popular dating app.

US defense contractors targeted by North Korean phishing attacks — Bleeping Computer

  • Employees of U.S. defense and aerospace contractors were targeted in a large-scale spearphishing campaign designed to infect their devices and to exfiltrate defense tech intelligence.

In Case You Missed It

Cybersecurity News & Trends – 07-24-20

/0 Comments/in /by

This week, SonicWall reveals what the “new business normal” looks like for cybercriminals in the mid-year update to the 2020 Cyber Threat Report.

SonicWall Spotlight

SonicWall Report: COVID-19 Has Created ‘Boon’ For Criminals — ZDNet

  • In an article on SonicWall’s Mid-Year Threat Report, ZDNet highlights findings that hackers have shifted their strategies due to COVID-19.

The 2020 Rising Female Stars Of The IT Channel — CRN

  • SonicWall is proud to announce one of its own, Tiffany Haselhorst, has joined other leaders within the IT channel community on CRN’s esteemed 2020 list of 100 Rising Female Stars.

Cyberthreat landscape changes to meet new business normal of Work From Home: SonicWall — Channelbuzz.ca

  • In an article on SonicWall’s Mid-Year Threat Report, Channelbuzz highlights how cybercriminals have evolved their tactics to better exploit remote work environments during the pandemic.

Malware Attacks Down As Ransomware Increases — BetaNews

  • In an article on SonicWall’s Mid-Year Threat Report, BetaNews highlights findings that malware has dropped 24% and ransomware has increased 20% globally and 109% in the U.S.

Cybersecurity News

Using Robust Tools, Cybercriminals Accelerate Their Own Digital Transformation — SiliconANGLE

  • In the online underground, crime not only pays, but attackers are rapidly developing tools and networks that rival those of legitimate enterprises today.

Blackbaud Hack: Universities lose data to ransomware attack — BBC

  • At least seven universities in the UK and Canada have had student data stolen after hackers attacked a cloud computing provider.

Ongoing Meow attack has nuked >1,000 databases without telling anyone why — Ars Technica

  • Just hours after a world-readable database exposed a wealth of sensitive user information, UFO made the news again, this time because a database that stored user details was destroyed in an attack.

Apple’s Hackable iPhones Are Finally Here — Wired

  • Last year, Apple announced a special device just for hackers. The phone — for approved researchers only — will soon go into circulation.

New cryptojacking botnet uses SMB exploit to spread to Windows systems — Bleeping Computer

  • A new cryptojacking botnet is spreading across compromised networks via multiple methods that include the EternalBlue exploit for Windows Server Message Block (SMB) communication protocol.

Ransomware attack locked a football club’s turnstiles — ZDNet

  • Cyber criminals are targeting sports teams, leagues and organizational bodies — and in many cases, their attacks are successful, warns the NCSC.

Lazarus hackers deploy ransomware, steal data using MATA malware — Bleeping Computer

  • A recently discovered malware framework, known as MATA and linked to the North Korean-backed Lazarus hacking group, was used in attacks targeting corporate entities from multiple countries.

House-passed defense spending bill includes provision establishing White House cyber czar — The Hill

  • The House version of the annual National Defense Authorization Act included a provision establishing a national cyber director, a role that would help coordinate federal cybersecurity efforts.

Hackers use recycled backdoor to keep a hold on hacked e-commerce server — Ars Technica

  • Easy-to-miss script can give attackers new access should they ever be booted out.

Twitter Hack Revives Concerns Over Its Data Security — The Wall Street Journal

  • The alleged perpetrator, who called himself ‘Kirk,’ was part of a subculture where hackers trade in coveted social-media accounts.

In Case You Missed It

Cybersecurity News & Trends – 07-17-20

/0 Comments/in /by

This week, between breaches at Twitter, compromise at Citrix and cyberattacks against COVID-19 vaccine manufacturers, the case for a U.S. national cyber director got even stronger.

SonicWall Spotlight

Russian Cyber Espionage Group is Trying to Steal U.S. COVID-19 Vaccine Research — Newsweek International

  • SonicWall CEO and GCHQ advisor Bill Conner said, “Russia happens to be the first country placed in the spotlight, but it was only a matter of time before a nation state resorted to cybercrime to influence or control global healthcare during a time of great need. … [Cyber] criminals tend to follow the money trail, thus putting a massive bounty on anything vaccine-related.”

Cybersecurity News

Honeywell Sees Rise in USB-Borne Malware That Can Cause Major ICS Disruption — Security Week

  • Honeywell says it has seen a significant increase over the past year in USB-borne malware that can cause disruption to industrial control systems.

Malware adds online sandbox detection to evade analysis — Bleeping Computer

  • Malware developers are now using Any.Run malware analysis service in an attempt to prevent their malware from being easily analyzed by researchers.

This botnet has surged back into action spreading a new ransomware campaign via phishing emails — ZDNet

  • There’s been a big jump in Phorpiex botnet activity – but it’s a trojan malware attack that was the most common malware campaign in June.

New AgeLocker Ransomware uses Googler’s utility to encrypt files — Bleeping Computer

  • A new and targeted ransomware named AgeLocker utilizes the ‘Age’ encryption tool created by a Google employee to encrypt victims’ files.

The case for a National Cyber Director — Cyberscoop

  • Although the effects of COVID-19 will last for years, it’s already clear that shifting more activity online has increased our society’s digital dependence even faster than expected.

‘DdoS-For-Hire’ Is Fueling a New Wave of Attacks — Wired

  • Turf wars are heating up over routers that fuel distributed DDoS attacks.

New Mirai Variant Surfaces with Exploits for 9 Vulnerabilities Products — Dark Reading

  • Impacted products include routers, IP cameras, DVRs, and smart TVs.

TrickBot malware mistakenly warns victims that they are infected — Bleeping Computer

  • The notorious TrickBot malware accidentally included a test module that’s warning victims that they are infected and should contact their administrator.

Russian Hackers Blamed for Attacks on Vaccine-Related Targets — The Wall Street Journal

  • U.S. and U.K. government officials said a prominent state-backed Russian hacking group is responsible for ongoing cyberattacks against organizations involved in the development of coronavirus vaccines and other healthcare-related work.

A Brazen Online Attack Targets V.I.P. Twitter Users in a Bitcoin Scam — The New York Times

  • In a major show of force, hackers breached some of the site’s most prominent accounts, a Who’s Who of Americans in politics, entertainment and tech.

Citrix: No breach, hacker stole business info from third party — Bleeping Computer

  • Citrix has published an official statement to deny claims that the company’s network was breached by a malicious actor who says that he was also able to steal customer information.

In Case You Missed It

Cybersecurity News & Trends – 07-10-20

/0 Comments/in /by

This week, phishing dominated the headlines, as threat actors targeted Office 365 users and senior executives.

SonicWall Spotlight

Contact tracing apps: “It’s better to do it right than quick” — Verdict

  • This podcast on contact tracing technology includes commentary from Bill Conner, who discusses different types of security policies and why security and privacy are of paramount importance.

‘Our direct-touch approach is disrupting the market’ – SonicWall’s new Ireland boss on becoming more than just a firewall vendor — Channel Partner Insight (UK)

  • Ireland Country Manager Tristan Bateup said SonicWall’s channel team in Ireland has been restructured to bring more roles into the country. “We’ve now got people in place in country from a sales and marketing, sales and engineering and obviously a country lead perspective.”

Cybersecurity News

Over 5 Billion Unique Credentials Offered on Cybercrime Marketplaces — Security Week

  • More than 15 billion username and password pairs have been offered on cybercrime marketplaces, including over 5 billion unique credentials.

Researchers connect Evilnum hacking group to cyberattacks against Fintech firms — The Register

  • New report puts a microscope on Evilnum, including its tools, techniques and potential ties to other cyberattackers.

Conti ransomware uses 32 simultaneous CPU threads for blazing-fast encryption — ZDNet

  • The Conti ransomware also abuses the Windows Restart Manager component to unlock apps and free up their data for encryption.

Persuasive Office 365 phishing uses fake Zoom suspension alerts — Bleeping Computer

  • A new phishing campaign targets Microsoft Office 365 corporate users with notices that their Zoom accounts have been suspended, with the end goal of stealing Office 365 logins.

Citrix tells everyone not to worry too much over its latest security patches. NSA’s former top hacker disagrees — The Register

  • Rob Joyce, former head of the NSA’s Tailored Access Operations elite hacking team, warns it’s time for admins to get busy to ensure protection from several exploitable issues, including unauthenticated access and RCE.

Vast Phishing Campaign Hits Microsoft Users in 62 Countries — Bloomberg

  • Microsoft Corp. customers were targeted in a massive phishing campaign that has sought to defraud users in 62 countries since December, with recent emails attempting to exploit the pandemic.

North Korean hackers linked to web skimming (Magecart) attacks, report says — ZDNet

  • After hacking banks and cryptocurrency exchanges, orchestrating ATM cash-outs, and deploying ransomware, North Korean hackers have now set their sights on online stores.

Cerberus Banking Trojan Unleashed on Google Play — Threat Post

  • The Cerberus malware can steal banking credentials, bypass security measures and access text messages.

Looks Like Russian Hackers Are on an Email Scam Spree — Wired

  • A group dubbed “Cosmic Lynx” uses surprisingly sophisticated methods — and targets big game.

Hackers are trying to steal admin passwords from F5 BIG-IP devices — ZDNet

  • Threat actors have already started exploiting the F5 BIG-IP mega-bug, attempting to steal administrator passwords from the hacked devices

New Mac ransomware is even more sinister than it appears – Ars Technica

  • ThiefQuest or EvilQuest can grab passwords and credit card numbers.

In Case You Missed It