Posts

Cyber Security News & Trends – 02-14-20

This week, SonicWall partners with Perimeter 81, Puerto Rico loses millions from a phishing attack, and new figures show how cryptocurrency losses boomed in 2019.


SonicWall Spotlight

2020 SonicWall Cyber Threat Report: Threat Actors Pivot Toward More Targeted Attacks, Evasive Exploits – SonicWall Press Release

  • This week saw the release of the always anticipated yearly SonicWall Cyber Threat Report! Key takeaways include a drop in malware and ransomware attack volumes but an increase in more targeted attacks, a continued rise in encrypted attacks, and a massive fall in cryptojacking.

Inside Cybercriminal Inc.: SonicWall Exposes New Cyberattack Data, Threat Actor Behaviors in Latest Report  – Geoff Blaine

  • SonicWall Vice President of Marketing Geoff Blaine digs into the 2020 Cyber Threat Report, laying out and analyzing the data SonicWall’s Cyber Threat Team have found over the past year.

The CyberWire Daily Briefing – Cyberwire

Vulnerability in Linear eMerge Access Controllers Exploited in the Wild – SecurityWeek

  • SecurityWeek picks up on SonicWall’s recent SonicAlert about a known vulnerability in Nortek Security & Control’s Linear Emerge E3 Access Controller actively being exploited. Despite this vulnerability being raised a year ago and considered critical, no fix has yet been implemented.

Cybersecurity News

Kobe Bryant Wallpaper Shows how Hackers Exploit Mourning Fans for Cryptocurrency Mining – The Independent (UK)

  • Cybercriminals have been detected attempting to profit from the death of Kobe Bryant by hiding malware within downloadable wallpapers of the basketball star.

Internet of Things: Smart Cities Pick Up the PaceFinancial Times

  • As 5G and the Internet of Things go from a future development to a reality, so do smart cities. The Financial Times investigates where smart cites are right now, how deep 5G and IoT penetration currently goes and what they are likely to look like in the future, including the prediction that up to 30% of smart city programs will be abandoned by 2023.

Magecart Group Jumps from Olympic Ticket Website to new Wave of E-Commerce Shops – ZDNet

  • Despite recent arrests of a major magecart group, a new wave of the malware has been detected spreading across a Russian hosting provider using a Chinese domain registrar, who suspended the domain when the malware was reported.

Watch Out for Coronavirus Phishing Scams – Wired

  • A number of phishing scams have been detected where attackers disseminate malicious links and PDFs that claim to contain information on how to protect yourself from the spread of the Coronavirus. SonicWall’s Cyber Threat team have also detected malicious executables being spread using fears of the virus as bait.

Feds are Lining up More Indictments Related to Chinese Cyber-Activity, Officials say – Cyberscoop

  • U.S. prosecutors are preparing to issue new charges against Chinese nationals related to alleged hacking and insider threats at U.S. organizations. U.S. officials have repeatedly accused China of breaking a 2015 agreement not to conduct “cyber-enabled” intellectual property theft and have ramped up pressure by announcing criminal charges against Chinese nationals. Strain over Huawei and the nascent 5G network may bring the whole thing to a head.

In Case You Missed It

Cyber Security News & Trends – 02-07-20

This week, the release of the 2020 SonicWall Cyber Threat Report!


SonicWall Spotlight

2020 SonicWall Cyber Threat Report: Threat Actors Pivot Toward More Targeted Attacks, Evasive Exploits – SonicWall Press Release

  • This week saw the release of the always anticipated yearly SonicWall Cyber Threat Report! Key takeaways include a drop in malware and ransomware attack volumes but an increase in more targeted attacks, a continued rise in encrypted attacks, and a massive fall in cryptojacking.

Inside Cybercriminal Inc.: SonicWall Exposes New Cyberattack Data, Threat Actor Behaviors in Latest Report  – Geoff Blaine

  • SonicWall Vice President of Marketing Geoff Blaine digs into the 2020 Cyber Threat Report, laying out and analyzing the data SonicWall’s Cyber Threat Team have found over the past year.

The CyberWire Daily Briefing – Cyberwire

Vulnerability in Linear eMerge Access Controllers Exploited in the Wild – SecurityWeek

  • SecurityWeek picks up on SonicWall’s recent SonicAlert about a known vulnerability in Nortek Security & Control’s Linear Emerge E3 Access Controller actively being exploited. Despite this vulnerability being raised a year ago and considered critical, no fix has yet been implemented.

Cybersecurity News

Kobe Bryant Wallpaper Shows how Hackers Exploit Mourning Fans for Cryptocurrency Mining – The Independent (UK)

  • Cybercriminals have been detected attempting to profit from the death of Kobe Bryant by hiding malware within downloadable wallpapers of the basketball star.

Internet of Things: Smart Cities Pick Up the PaceFinancial Times

  • As 5G and the Internet of Things go from a future development to a reality, so do smart cities. The Financial Times investigates where smart cites are right now, how deep 5G and IoT penetration currently goes and what they are likely to look like in the future, including the prediction that up to 30% of smart city programs will be abandoned by 2023.

Magecart Group Jumps from Olympic Ticket Website to new Wave of E-Commerce Shops – ZDNet

  • Despite recent arrests of a major magecart group, a new wave of the malware has been detected spreading across a Russian hosting provider using a Chinese domain registrar, who suspended the domain when the malware was reported.

Watch Out for Coronavirus Phishing Scams – Wired

  • A number of phishing scams have been detected where attackers disseminate malicious links and PDFs that claim to contain information on how to protect yourself from the spread of the Coronavirus. SonicWall’s Cyber Threat team have also detected malicious executables being spread using fears of the virus as bait.

Feds are Lining up More Indictments Related to Chinese Cyber-Activity, Officials say – Cyberscoop

  • U.S. prosecutors are preparing to issue new charges against Chinese nationals related to alleged hacking and insider threats at U.S. organizations. U.S. officials have repeatedly accused China of breaking a 2015 agreement not to conduct “cyber-enabled” intellectual property theft and have ramped up pressure by announcing criminal charges against Chinese nationals. Strain over Huawei and the nascent 5G network may bring the whole thing to a head.

In Case You Missed It

Cyber Security News & Trends – 01-31-20

This week, SonicWall experts explain the accuracy and reach of data tracking, cyber-insurance court cases continue to heat up, and government drones are grounded for cybersecurity reasons.


SonicWall Spotlight

How Do I Love Thee, Data Privacy? Let Me Count the Ways – Forbes

  • SonicWall’s Dmitriy Ayrapeto talks data privacy with Forbes on Data Privacy Day 2020, explaining just how large, sophisticated, and accurate data tracking methods are, even for people not signed up for social media accounts.

A Glimpse Into what Cyber Security Has in Store in 2020 – VarIndia

  • What’s coming from SonicWall in India in 2020? SonicWall’s Debasish Mukherjee reflects on the current cybersecurity and threat landscape, noting a general downtick in ransomware in India as hackers choose more targeted attacks on larger corporations instead of scattergun approaches.

Cybersecurity News

Leaked Report Shows United Nations Suffered Hack – Washington Times

  • Hackers managed to get into the U.N. networks in Geneva last year, compromising dozens of servers and accessing domain administrator accounts. It is unknown how much damage was done but espionage has been put forward as a likely reason. The U.N. say nothing confidential was compromised.

AIG Must Cover Client’s $5.9 Million in Cyber-Related Losses, Judge Rules – Cyber Scoop

  • In the latest cyber-insurance development, a judge has decided that AIG must pay out for a $5.9 million claim it had previously denied after its clients lost money through a business email compromise scam.

US Space Industry to Launch Cybersecurity Portal – InfoSecurity Magazine

  • The Space Information Sharing and Analysis Center (ISAC) is setting up an unclassified portal where companies can share and analyze information on cybersecurity threats, with the aim of protecting the space industry.

The Space Race For Secure Access Service Edge (SASE) – Forbes Technology Council

  • SonicWall partners Perimeter 81 talk about the rise of and race for Secure Access Service Edge (SASE), a security solution created to fit the modern challenges of nomad and digital workforce, cloud adoption and 5G networks.

Dept. of Interior Grounds its Drones Amid Cybersecurity Concerns TechCrunch

  • The U.S. Department of the Interior released a statement confirming that non-emergency drones were being temporarily grounded for a cybersecurity review, admitting that concerns from “foreign entities, organizations, and governments” are driving the decision.

Malware Tries to Trump Security Software With POTUS Impeachment – Bleeping Computer

  • New research has found malware using text from President Trump’s impeachment as cover in an attempt to pass itself off as “goodware.“

Dozens of Companies Have Data Dumped Online by Ransomware Ring Seeking Leverage – Ars Technica

  • The Maze ransomware ring has begun to post data from companies caught by their malware, threatening to dump huge amounts of the information if their ransom demands are not met.
And Finally

Hacker Snoops on Art Sale and Walks Away with $3.1m, Victims Fight Each Other in Court ZDNet

  • Hackers who managed to intercept talks between an art dealer and a Dutch museum spoofed the dealer’s email account and convinced the museum to send $3.1 million to a bank account in Hong Kong. Both the art dealer and the museum are now blaming the other side for the mistake.

In Case You Missed It

Cyber Security News & Trends – 01-24-20

This week, SonicWall talks protecting non-profits, new cybercrime laws are proposed, and old cybercrime laws are criticized.


SonicWall Spotlight

Don’t Let Cyber Hygiene Become an Afterthought – Nonprofit Technology News

  • With most of the big headlines concentrating on breaches and cyberattacks on large companies, SonicWall CEO Bill Conner, writing in Nonprofit Technology News, reminds us that cybercriminals know that SMBs and smaller non-profits often do not budget adequately for cybersecurity and can leave themselves open.

The Big Picture: SonicWall Sets Sights on the Enterprise Market – Tahawultech

  • SonicWall’s Terry Greer-King sits down with Security Advisor ME to discuss the history of SonicWall, personal highlights in the company so far, and what the future holds.

Cybersecurity News

Cyberattack on a Major Bank Would Have Ripple Effect: Study – BankInfoSecurity

  • A new study, Cyber Risk and the U.S. Financial System: A Pre-Mortem Analysis, has found that if a cyberattack disrupting money transfers was successfully carried out on any of the five most active U.S. banks, there would be huge, rippling damage to the financial network in general.

Analysis Ties Hacking of Bezos’ Phone to Saudi Leader’s Account New York Times

  • A forensic analysis of Jeff Bezos’ cellphone has found with “medium to high confidence” that the Amazon chief’s device was hacked after he received a video from a WhatsApp account reportedly belonging to Crown Prince Mohammed bin Salman of Saudi Arabia.

Secret Service to Launch Private-Sector Cybercrime Council – Cyberscoop

  • The United States Secret Service has recently hand-picked a small group of private-sector cybersecurity experts to advise the agency’s investigations team on how it can better take down cybercriminals. Members were selected to represent a wide array of experiences including law enforcement, computer scientists, network security, malware, ransomware, identity theft and more.

Cybercrime Laws Need Urgent Reform to Protect UK, Says Report – The Guardian

  • A new report in the UK has found that the current cybercrime laws, dating back to 1990, are not fit for purpose and “crying out for reform.” As it stands, the act exposes cybersecurity professionals to prosecution for carrying out intelligence research against cybercriminals and foreign state actors.

US Could Appoint a Cybersecurity Leader for Each State – InfoSecurity Magazine

  • US Legislators are proposing the Cybersecurity State Coordinator Act of 2020, which would improve intelligence sharing between state and federal governments and appoint an employee in each state to serve as cybersecurity state coordinator.

GDPR: 160,000 Data Breaches Reported Already, so Expect the Big Fines to Follow – ZDNet

  • It has been 18 months since GDPR regulation came into force but there’s no sign of breach notifications slowing, in fact they are currently rising with an average of 278 per day.
And Finally

Euro Cup and Olympics Ticket Reseller Hit by MageCart – Bleeping Computer

  • Magecart continues its reign of terror as an Olympics and Euro Cup ticketing reseller site is the latest to be infected by the card skimmer.

In Case You Missed It

Cyber Security News & Trends – 01-17-20

This week, SonicWall experts explain why the Dustman attack likely originates from Iran, the NSA publishes a major exploit in Microsoft ECC Certs, and Emotet makes a return after a holiday-season break.


SonicWall Spotlight

Security Advisor January 2020 – Tahulwheltech

  • SonicWall’s VP for EMEA Sales, Terry Greer-King, sits down with Security Advisor Middle East, and sheds some light on how SonicWall has become a major cybersecurity player in the Enterprise space with a “direct touch” approach and unrivaled security innovations.

The US is Worried about Iran Retaliating with a Cyberattack – Vox

  • As tensions between the US and Iran simmered in recent days, eyes have turned to Iran’s arsenal of cyberattack capabilities. Speaking to Vox SonicWall CEO Bill Conner stresses that American businesses must use the situation to bolster their cyberdefenses.

Dustman Attack Underscores Iran’s Cyber Capabilities – Dark Reading

  • A malware known as Dustman attacked Bahrain’s national oil company in a cyberattack in late December. SonicWall’s Dmitiry Ayrapetov explains to Dark Reading why an Iran-backed group is likely the likely source of the attack as they investigate the attack.

Landry’s Malware Attack Highlights Need for Stronger Data Security – Channel Futures

  • SonicWall CEO Bill Conner explains to Channel Futures that the recent attack on Landry’s is just one of several attacks that should not even be happening because large companies have the budget to afford the best in cybersecurity.

Cybersecurity News

Cybersecurity Threats Call for a Global Response – IMF Blog

  • The International Monetary Fund calls for a unified worldwide response to cyberthreats, listing four areas where the international community can come together to work better – understanding of the risks; improving collaboration; consistent regulatory approaches, and being ready for cyberattacks when they do happen.

60% of US politicians haven’t upgraded their cybersecurity since 2016 – MIT Technology Review

  • Despite controversy over alleged cyberattacks in the 2016 US Presidential campaign, a new poll of 500 high-risk users found that 60% of them have not upgraded their cybersecurity in the intervening years.

Proof-of-Concept Exploits Published for the Microsoft-NSA Crypto bug – ZDNet

  • Microsoft released a security update this week that includes a fix to a dangerous bug discovered and reported to them by the NSA. With the bug being described as “seriously, seriously bad” it only took 48 hours for two proof-of-concept exploits for the vulnerability to be published.

Unprotected Medical Systems Expose Data on Millions of Patients – SecurityWeek

  • New research and analysis has found that hundreds of internet-connected and unprotected medical imaging systems worldwide are exposing data of millions of patients. The most badly affected country is the USA where over 800 institutions have been exposed.

Renewed Emotet Phishing Activity Targets UN, Government and Military Users – SC Magazine

  • After a massive drop in attacks in December 2019, the Emotet botnet and banking trojan renewed attacks in January 2019, launching a massive phishing campaign targeting high profile organizations like the United Nations.

In Case You Missed It

Cyber Security News & Trends – 12-20-19

This week, SonicWall warnings about school districts under cyberattack prove prophetic as a new bill to protect K-12 districts is introduced, and do you know that the first ransomware attack was 30 years ago?


SonicWall Spotlight

US Senators Introduce Bill to Protect Schools Against Cyber-Threats – Infosecurity Magazine

  • SonicWall CEO Bill Conner weighs in on the importance of cybersecurity in school districts, commenting on a new bill introduced to the US House of Representatives this week. The bill is designed to enhance the cybersecurity of K–12 schools in a year where they have suffered heavily under cyberattacks.

Cybersecurity News

Hackers Steal Data for 15 Million Patients, Then Sell It Back to Lab That Lost It – Ars Technica

  • Canada’s biggest provider of lab testing services has confirmed it suffered a data breach, with info as old as 2016 accessed. It has also admitted that it made “a payment” to the hackers to retrieve the data, without disclosing exactly how much was paid.

Oil and Gas Industry Risks Escalate, Cybersecurity Should Be Prioritized – HelpNetSecurity

  • A new in-depth report draws on a decade’s worth of cyberattack data in the oil and gas industries, calling for a strengthening of cybersecurity as the risks continue to escalate.

Mobile Devices Account for 41% of DDoS Attack Traffic – Dark Reading

  • While the image DDoS attacks conjure up might be one of racks of computers all being harnessed, the reality right now is that around half of the traffic is now coming from mobile and IoT devices. A newly released report on DDoS attacks looking deeply into the current DDoS threat landscape also finds that China, Turkey, the US, and South Korea are the main sources of the attacks.

WhatsApp Updated to Patch Bug That Allows Attacker to Crash Group Chats – Washington Times

  • Another WhatsApp bug has been discovered and patched. This particular vulnerability allowed a user to send a malicious message to a group chat that would cause the app on every participant’s mobile device to continuously crash.

Maze Ransomware Gang Dumps Purported Victim List – BankInfoSecurity

  • In the latest escalation of ransomware attacks, the gang behind the Maze ransomware is threatening to name and shame victims if they do not pay the ransom. Proving they can make good on their threat, last month the gang published data stolen from a security services firm who did not pay.

10 Cybersecurity Stories in 2019 That Make Us Feel Less Secure – Tech Republic

  • Before looking to the future, we have to look to the past. Tech Republic lists the top 10 2019 cybersecurity stories that worry them the most, including the Capital One breach, juice jacking, and the number of adware attacks like xHelper and Joker in the Android ecosystem.
And Finally

30 Years of Ransomware: How One Bizarre Attack Laid the Foundations for the Malware Taking Over the World – ZDNet

  • Thirty years ago, the first ransomware attack was launched… on a floppy disk… with a PO Box to pay the ransom by postal order or check.

In Case You Missed It

Cybersecurity News & Trends – 12-13-19

This week, SonicWall Capture Threat Labs releases data on cyberattacks over the Black Friday and Cyber Monday holiday period, and the cybercriminals involved in the attacks put the stolen data up for sale.


SonicWall Spotlight

Veiled Threats: The Growing Cyberattack Vectors Few People Talk About – Forbes

  • While many people are aware that malware attacks like ransomware can happen through a phishing email or an infected USB key, less well known are the attacks that use encryption or launch using non-standard ports. SonicWall CEO Bill Conner discusses the growth of these veiled threats, and how SonicWall protects from them, in his latest Forbes Technology Council post.

Black Friday Cyberattacks: Businesses Face Surge of Malware, Ransomware on U.S. Shopping Holiday – SonicWall Blog

  • The SonicWall Capture Threat Labs threat researchers releases data on cyberattacks across the 2019 Black Friday and Cyber Monday holiday period. In general, there was as much as a 63% surge in malware attacks over the shopping window, with attackers concentrating more on Black Friday than on Cyber Monday.

SonicWall and Veeam Enhance Managed Service Support – Computer Weekly

  • SonicWall’s recently launched My Workspace is covered by Computer Weekly, including SonicWall’s Terry Greer-King explaining why the technology is needed as more customers plan to move to a shared model or fully MSSP mode.

Cybersecurity News

The FBI Is Warning That Your Smart Home Devices Aren’t Secure. Here’s What You Should Do About It – Inc

  • Despite a recent FBI warning about cyberthreats attacking via the Internet of Things, the truth is that most smart devices currently have almost no cybersecurity. With this in mind, Inc takes a look how to protect your network from cyberattacks, with reference to SonicWall firewalls.

A $200,000 Internet Fraud: Will Anyone Investigate? – BankInfoSecurity

  • The story of a $200,000 phony bank scam exposes the difficulty in getting law enforcement agencies to investigate all but the highest profile internet fraud.

The Case for Cyber Insurance – Security Week

  • As the ongoing case between Mondelez and Zurich American Insurance highlights the complexities in deciding whether or not a cyberattack can be defined as a nation state attack, Security Week makes the case for specifically buying cyber insurance.

TrickBot Gang Is Now a Malware Supplier for North Korean Hackers – ZDNet

  • A newly published report finds that he authors of Trickbot, one of today’s top three malware botnets, has been linked to a North Korea state-sponsored hacking group known as Lazarus.

Cost of Data Breaches in 2019: The 4 Worst Hits on the Corporate Wallet – Security Boulevard

  • British Airways, Capital One, Marriott… some of the biggest breaches in recent times only started to affect the companies involved in 2019. These are not the biggest data breaches by volume, but by cost.
And Finally

Joker’s Stash Celebrates Turkey Day With Stolen Card Data – BankInfoSecurity

  • This week, a huge batch of card details stolen over the Thanksgiving shopping period appeared for sale online, with a price tag of half a million dollars. Successful use of Magecart card-skimming software is the most likely to blame.

In Case You Missed It

Cyber Security News & Trends – 12-06-19

This week, SonicWall strengthens MSSP security offerings, cyberthreats to the upcoming census, and the end of decade lists begin.


SonicWall Spotlight

SonicWall Strengthens MSSP Security Offerings, Simplifies Account Management, Product Registration, Licensing Control. – SonicWall Press Release

553: Opening a Spin-off’s Liberated Growth Chapter – CFO Thought Leader podcast

  • How do you take a business unit, extract it, and set it up to be a running company on its own, all within one year? SonicWall CFO Ravi Chopra sits down with the CFO Thought Leader podcast and explains exactly how he did it with SonicWall. He also discusses his career path, his experiences in the dot com crash, and how he learns from his mentors.

Cybersecurity Should Be the Core Pillar of Any Modern Digital Hospital: Dmitriy Ayrapetov – The Economic Times of India

  • SonicWall’s Dmitriy Ayapetov is interviewed talking about the impact of cyberattacks on the health industry – with ransomware attacks growing and the rise of the Cloud and Internet of Things devices leading to potentially many new entry points for a cybercriminal, he stresses the need for greater cybersecurity awareness.

Cybersecurity News

Black Friday UK: Just One in 20 Discounts Are Genuine, Research Finds – The Guardian (UK)

  • Research by consumer group Which? Has found that the majority of Black Friday deals are sold at the same price or cheaper throughout the year. SonicWall figures on ransomware are also referred to, highlighting the increase in cyberattacks around the Black Friday period.

Special Report: 2020 U.S. Census Plagued by Hacking Threats, Cost Overruns – Reuters

  • An in-depth investigation into the upcoming 2020 US census has found that despite a major technology overhaul, fears of hacking attempts are running high and a lack of adequate training and understanding of cybersecurity risks internally is not helping.

Report Highlights Nation-State Cyberthreats Facing SMBs in 2020 – Tech Republic

  • A new survey of over 1000 cybersecurity officials working at SMBs has found that more than 60% of respondents intend to increase their cybersecurity budgets next year due to growing fears of cyberattacks from both at home and abroad, especially during the upcoming elections.

India Plans Security Audit of WhatsApp After Hacking Attempt – Reuters

  • The Indian government is pushing for a security audit of WhatsApp after revelations emerged last month that spyware inserted by surveillance groups allowed access to the phones of roughly 1400 users.

44 Million Microsoft Users Reused Passwords in the First Three Months of 2019 – ZDNet

  • Microsoft has completed an audit of their accounts and found that 44 million people are still using usernames and passwords that were leaked online in 2019. A forced password reset has been enacted to help solve the problem.

FBI Issues Smart TV Cybersecurity Warning – Infosecurity Magazine

  • The Federal Bureau of Investigation has issued a warning to holiday shoppers over the cyber-risks an unsecured smart TV might pose to a household. Default passwords should be changed, and a familiarization of all connection options is recommended at a bare minimum.
And Finally

A Decade of Malware: Top Botnets of the 2010s – ZDNet

  • It’s the end of a decade, and with it comes the lists! ZDNet round up some of the biggest, in both size and infamy, botnets that hit throughout the 2010s, including those old favorites, Emotet, Trickbot, and Dridex.

In Case You Missed It

Cyber Security News & Trends – 11-22-19

This week, SonicWall is looking for Beta Testers for the SonicWall Community, Ransomware-as-a-Service is put under the spotlight, and Disney+ accounts are hacked only hours after going live.


SonicWall Spotlight

SonicWall Leads Series a Round Funding in Zero-Trust Security Provider Perimeter 81 – SonicWall Press Release

  • SonicWall has signed a commercial agreement for the development of joint solutions with Perimeter 81. This agreement means that we are able to provide a wide range of businesses, from SMBs to Fortune 500s and governments, with SonicWall’s award-winning Capture Cloud Platform and real-time breach detection and prevention solutions, while also allowing them to adopt a zero-trust security architecture that delivers tremendous efficacy in securing the modern organization.

Call for Beta Testers – The SonicWall Community

  • SonicWall is delighted to announce that it will be launching the SonicWall Community in 2020. The community will be a place where our customers, partners and product experts can collaborate to share knowledge, experiences, resources and opinions. Do register your interest if you are want to be a beta tester for our pilot community.

The CyberWire Daily Podcast – The Cyberwire

  • The CyberWire Daily Podcast rounds up the cybersecurity news each day and SonicWall CEO Bill Conner makes an appearance on Thursday 21st of November, discussing the Q3 threat intelligence data from SonicWall Capture Labs.

Ransomware-as-a-Service: SaaS for Cyber Criminals – SC Magazine (UK)

  • Ransomware’s simplicity and lucrativeness as a form of cyberattack has led to a growth in what is known as Ransomware-as-a-Service – a user-friendly version of ransomware that can easily be deployed with minimal technical knowledge. SonicWall CEO Bill Conner explains how it works, why it is so popular, and how to fight it in SC Magazine.

Cybersecurity News

1.2 Billion Records Found Exposed Online in a Single Server – Wired

  • A researcher has found a database containing over a billion records on an easily accessed, unsecured server. The data does not contain passwords or financial information, but does contain phone numbers, social profiles, and work histories of the huge number of those affected.

Thousands of Hacked Disney+ Accounts Are Already for Sale on Hacking Forums – ZDNet

  • Hackers hijacked Disney+ accounts and put them up for sale within hours of the service launching this week. Prices for the details of account vary from $3 to $11 on online forums, in comparison to a legitimate subscription that costs a user $7 a month.

WhatsApp Remote Code Execution Triggered by Videos – Threat Post

  • A newly discovered vulnerability in WhatsApp was discovered and quietly patched this week. The flaw would allow an attacker to target a user simply by sending them an MP4 file by WhatsApp. There is no evidence that the vulnerability had been exploited in the wild before the patch was sent out.

Attacks on Healthcare Jump 60% in 2019 – so Far – Dark Reading

  • A new report has named the healthcare system as the seventh-most targeted industry by malware, but also an industry that is still dragging its heels when it comes to preparedness, with a large number of legacy hardware and software systems still in use.

Financial Advisors Need to Put Cybersecurity Plans to the Test – CNBC

  • The U.S. Securities and Exchange Commission has released cybersecurity guidance for financial advisory firms. The simple message of this notice is that no firm is too small to have cybersecurity protections in place, and no firm should be so confident in their systems that they do not regularly test them.
And Finally

Influencer Marketing Comes to Cybersecurity – Axios

  • Perhaps it was only a matter of time, but the popular culture world of influencers has finally caught up with the usually more scientific world of cybersecurity. Eagle-eyed watchers of social-media have noticed an uptick in follower-rich cybersecurity Twitter accounts running individualized adverts. Other popular accounts have since come out and denounced accepting payments for adverts as unethical in the world of cybersecurity.

In Case You Missed It

Cyber Security News & Trends – 11-15-19

This week, SonicWall meets a Russian ransomware cell, the first 2020 cyber-predictions are coming in, and cybersecurity has a color.


SonicWall Spotlight

Mindhunter: Meeting a Russian Ransomware Cell – SonicWall Webinar

  • On November 19, SonicWall will proudly present Mindhunter: my two-week conversation with a ransomware cell. Join SonicWall security expert Brook Chelmo as he gives you an inside look into the human-side of a modern ransomware cell, their advice on how to stop them from infiltrating your organization, encrypting your endpoints, and spreading to other drives and segments of your network.

Retail’s Weakness Is Cyber Crime’s Opportunity – Retail Technology Review

  • The festive shopping season is about to kick off with Black Friday 2019. Writing in Retail Technology Review, SonicWall CEO Bill Conner details the size and scale of cyberattacks over the same period last year and offers advice on to retailers on how to best protect themselves.

Attack on Labour Shows Need for DDoS Defence but Should Alarm Few – Computer Weekly (UK)

  • The UK Labour party’s website suffered a DDoS attack this week. While Cloudflare successfully prevented any major damage from occurring, the attack acts as a reminder that modern election campaigns need to ensure that their cybersecurity is prepared for anything. SonicWall’s Terry Greer-King provides commentary.

Cybersecurity News

Predictions 2020: This Time, Cyberattacks Get Personal – ZDNet

  • The first cyber predictions for 2020 have started rolling in. Initial contenders include the weaponizing of mergers and acquisitions data, deepfake scams, and the closing off of AI and Machine Learning data from outsiders.

Breach Affecting 1 Million Was Caught Only After Hacker Maxed out Target’s Storage – Ars Technica

  • A hacker breached an IT provider in May 2014, stealing data and creating a data archive on their server that went unnoticed for almost two years. The hack was only noticed in 2016 when the hackers archive grew so big the server ran out of disk space. The company have now been fined for failing to detect the breach.

Cybersecurity: Why More Needs to Be Done to Help Older People Stay Safe Online – ZDNet

  • Internet users are no longer just the young or most technologically up-to date. ZDNet argues that not enough is being done to protect less tech-savvy elderly people online.

As 5G Rolls out, Troubling New Security Flaws Emerge – Wired

  • 5G is entering use in major urban domains worldwide, and its uptake is likely only to increase rapidly. Despite this, major security vulnerabilities continue to be found, including 11 design flaws in a single recent study.

Cybersecurity Is an Asset, Not a Nuisance – Forbes

  • Forbes argues that a good way to think about cybersecurity is not as a nuisance but like the braking system on a race car. Without it, the potential top speed of the car would be considered reckless.

The Time to Tackle Cybersecurity in Self-Driving Cars is Now – Newsweek

  • Upcoming self-driving cars contain a myriad of computers connected both to each other and to many external networks. With cyberattacks a constant threat to systems worldwide, Newsweek argues that cybersecurity should be integral to the very design of cars from the ground up, not as an add-on at a later point.
And Finally

What Color Is Cybersecurity? – Forbes

  • A new large-scale study into how cybersecurity is talked about and advertised online has found the color code #235594 to be dominant in imagery.

In Case You Missed It