Posts

Cybersecurity News & Trends – 01-06-2022

Every week SonicWall collects the most compelling, trending and important interviews, media and news stories affecting your cybersecurity — just for you.

Happy New Year! While everyone was enjoying the holidays, SonicWall kept going with global industry news about the partner program, more mentions for the Threat Reports, and expert commentary by SonicWall executives.

Cybersecurity didn’t take a break either. Health Care IT News and Toronto City News surprised everyone with a report about the LockBit ransomware gang apologizing for hacking a children’s hospital. Forbes and Wired Magazine reported on the sale of Twitter user data. Bleeping Computer discovered that Amazon S3 is now encrypting all new data using AES-256 – by default! SC Magazine reports on a JAMA study that shows healthcare disruptions from ransomware attacks are probably underreported. And Dark Reading has released its BOLD Cybersecurity predictions for 2023. We only dared to mention two of the “scary” ones.

Remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Goodbye 2022, Hello 2023: Experts Weigh in With Channel Expectations

MicroScope, SonicWall News: “Matt Brennan, vice-president of North America channel sales at SonicWall, believes the effects of supply chain disruption will continue to have an impact on 2023: “Supply chain challenges have wreaked havoc across most industries around the world. IT has been affected across the board. Because of these challenges, brand loyalty will fade. [Customers] won’t hesitate to make purchases they can get now rather than wait for a specific brand product later – fulfilment is critical, regardless of how long customers have been brand loyal.” Brennan adds that this will lead to a shift in the market as customers learn that “staying brand loyal is not necessary to run their businesses successfully”.

Tips for Health Systems on Managing Legacy Systems to Strengthen Security

HealthTech, SonicWall News: A lack of support from the manufacturer generally means a lack of security patches. As a result, devices running a legacy OS are easy targets for attackers — in fact, malware attacks on internet-connected devices spiked 123 percent in the first half of 2022, according to research from SonicWall.

Cybersecurity for Investors: Why Digital Defenses Require Good Governance

Yahoo! Finance, SonicWall News: Cyberattacks are very costly. In the first half of 2022, at least 2.8 billion malware attacks were recorded globally, an increase of 11% over the previous 12 months, according to cybersecurity company SonicWall.

Remote Monitoring, AI Research and Data at Risk: Healthcare Tech Predictions For 2023

BetaNews, SonicWall News: Healthcare could come under threat from geopolitical attacks believes Immanuel Chavoya, threat detection and response strategist at SonicWall. “When it comes to protecting against threats of geopolitically motivated attacks, the present call to action is to be proactive, rather than reactive, to an assault. Attacks such as targeted malware or vulnerability exploitation could be used to inflict chaos on critical infrastructure such as healthcare, electric utilities, financial institutions, and oil and gas. These attacks tie up resources, cause financial damage, and send a signal. In 2023, organizations and governments will need to be prepared by ensuring that they don’t have any issues that could become low-hanging fruit for attacks and closely monitor their network activity for quick identification of and reaction to any attack.

Future Tech Role of Partners

CRN (India), SonicWall News: Security threats are becoming increasingly sophisticated, and organizations are looking for proactive ways to secure their IT environments. Whether their environment is in the Cloud, on-premises or a hybrid, organizations look to managed security services providers (MSSPs) to provide the best-in-class security to protect their business and mitigate future risk.

SonicWall CEO: Partner Program Revamp on Tap for Early 2023

CRN, SonicWall News: As other vendors are increasing their prices, we’re actually doing the opposite,” he said. If a customer and a partner commit to buying three years of services—services that go with our solutions—what they end up getting is the firewall hardware at no charge. That translates to a double-digit price decrease savings.

Guardian Hit by Suspected Ransomware Attack

The Financial Times, SonicWall News: But the number of attacks has fallen by almost a quarter in the first half of this year, according to US security company SonicWall, partly because more organizations have refused to pay cyber criminals.

The Non-Stop Journey Towards ‘Zero Trust’

Canales Sectoriales (Spain), SonicWall News: According to Sergio Martínez, Country Manager of SonicWall, currently, only 11% of companies consider that they have sufficient internal computer capacity to deal with any cyberattack. It is estimated that more than 50% of companies that suffer a major cyberattack take more than five hours to detect it and, a significant number of them live with it for a few weeks or months.

Ways Governments Can Better Protect Public Data

Cyber Security Intelligence, SonicWall News: The chances of being hit by a ransomware attack are more significant than ever. Last year, global ransomware volume skyrocketed by 105% year over year, according to the 2022 SonicWall Cyber Threat Report. While no industry was spared, the numbers were particularly gruesome for governments. Ransomware attempts on government entities rose a staggering 1,885%. That’s more than double the increase reported by healthcare (755%), education (152%), and retail (21%) combined.

Risks That Could Impact Retail In 2023

BizCommunity, SonicWall News: Figures from SonicWall’s Biannual Report revealed that e-commerce and online retail businesses saw a 264% surge in the past 12 months in ransomware attacks alone. These statistics are extremely worrying for retail companies, so unsurprisingly, websites and digital security are at the forefront of retailers’ minds.

SonicWall Achieves Sales Record with The Help of The Distribution Channel

InfoChannel (Mexico), SonicWall News: 2022 has been a year of growth for SonicWall, especially for business partners, as announced by Eustolio Villalobos, general manager for Mexico, Central America and the Caribbean. Villalobos said that the company reached a record of internal sales in generation 7, SD-WAN and Wi-Fi 6 firewall solutions.

Unifying Efforts with Its SonicWall Channels Gains Ground in Latin America

eSemenal (Mexico), SonicWall News: Today we have seen how companies are more aware of the cybersecurity challenges they face and have understood that it is not a separate issue. Expanding issues such as hybrid work and 5G will be some of the main challenges next year, and companies regardless of their size will have to be prepared,” said Arley Brogiato, Sales Leader for SonicWall in Latin America.

According to the executive, sales of security solutions this year exceeded the company’s expectations globally, achieving higher growth than the prospect and a double-digit increase in its market shares.

Industry News

Lockbit Ransomware Group ‘Apologizes’ For Children’s Hospital Cyberattack

Health Care IT News hit us with a rather surprising story about a ransomware group that apologized for hitting a Toronto-based children’s hospital affiliated with the University of Toronto. For a bit of background, we went to Toronto City News and learned that on December 18, 2022, SickKids was hit with ransomware. Administrators reported delays with retrieving lab and imaging results. Other affected systems included employee timekeeping and pharmacy submissions. About ten days later, the hospital said that nearly half of the affected systems had been restored. Then an unexpected update.

LockBit ransomware group that provides affiliates access to malware for a cut of the ransom profits then issued an apology on the dark web on the last day of the year, which was then posted to Twitter. In the statement, the ransomware organization allegedly blamed a partner and offered a free decryptor for the hospital to unlock its data. Even with a ransomware group’s decryptor, healthcare organizations only recover about two-thirds of their files on average.

Twitter Data for Sale

Reported by ForbesWired, and posted on Twitter by @SonicWall, the close of 2022 saw hackers selling data stolen from 400 million Twitter users. The source, researchers say, is a widely circulated trove of email addresses linked to about 200 million users that were hacked out between June 2021 and January 2022, exploiting a bug in a Twitter application. The list on sale is likely a refined version of the larger batch with duplicate entries removed. According to the Forbes reporter, the hacker demanded $200,000 from Twitter for an “exclusive” sale of the data and warned that the social media platform could face a massive GDPR fine for failing to protect user data.

Twitter has not yet commented on the massive exposure. However, the cache of data clarifies the severity of the leak and who may be most at risk because of it.

Amazon S3 To Encrypt All New Data With AES-256

Bleeping Computer reported that Amazon Simple Storage Service (S3) would automatically encrypt all new objects added on buckets on the server side, using AES-256 by default.

While the server-side encryption system has been available on AWS for over a decade, the tech giant has enabled it by default to bolster security. As a result, administrators will not have to take any actions for the new encryption system to affect their buckets. In addition, Amazon promises it won’t have any negative performance impact.

The move follows two notable breaches related to Amazon S3 storage buckets, one in December 2017, leaked data from 123 million households and another in April 2019 of 540 million records of Facebook users. The reporter comments that had the data been encrypted, the leaks wouldn’t have had nearly as dire consequences for the exposed individuals. Amazon’s move to make server-side encryption a “zero-click” process is a fundamental step towards better security. It is bound to lessen the impact of upcoming data incidents that will inevitably happen.

JAMA: Underreported Healthcare Disruptions from Ransomware Attacks

SC Magazine reported on the findings from a new study published by the Journal of the American Medical Association (JAMA) that ransomware attacks on healthcare delivery organizations doubled between 2016 and 2021, from 43 reported attacks to 91. However, the study concludes that these numbers and impacts are likely underreported due to limited data from the incidents.

Across all sectors in the last year, security researchers struggled to gauge whether ransomware attacks were on the rise or stagnating. What’s clear is that attackers are getting smarter, and the cost to recover from these attacks is drastically increasing across all sectors — impacting cyber insurance coverage in the process.

In healthcare, the impacts of ransomware are readily seen in each hospital attack, confirming the patient safety risks posed by this extended network downtime. At least three global health systems are currently down after ransomware incidents which have led to care diversion, appointment cancellations and delays.

But as noted in JAMA, there’s not enough data to fully understand the minutiae of hospital impacts after ransomware. While the researchers noted the study’s limits, the data does shine a light on incident response and care disruptions.

The Boldest Cybersecurity Predictions for 2023

Dark Reading posted their “Predictions,” and as expected, they’re bold. Among the notable predictions “Automation is Finally Ready for Prime Time.” There’s been quite a lot of coverage on this issue, and predictions represent both boon and bane for network security teams. Automation could mean eliminating lower-level cybersecurity jobs, but industry observers also believe that more data always means more demand for higher-level analysts and engineers.

We thought this prediction paired nicely with another: “Scary AI & Machine Learning Gets Scarier.” Indeed, we saw evidence last year that shows cybercrime is using AI automation to weaponize deep fakes. Although we haven’t seen it in full practice yet, there’s good reason to believe it’ll be the go-to method for attackers in 2023 and beyond. Imagine seeing videos from people we know telling us it’s cool to share passwords (and other private information) with random callers. If that wasn’t scary enough, imagine ransomware teams using spoofed biometrics, fraudulent identity documents and synthetic identities.

And that’s just two of several they have that deserve a careful read.

SonicWall Blog

‘3 & Free’ Promotion: How to Upgrade to a New SonicWall TZ Series NGFW for Free – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection – Matt Brennan

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security – Bret Fitzgerald

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

SonicWall Third-Party Threat Performance: Seven Times Superior – Amber Wolff

Q3 2022 Threat Intelligence Highlights Changing Threat Environment in 2022 – Amber Wolff

Securing Your Credentials: Does Your Password Pass the Test? – Amber Wolff

The Power of Patching: Why Updating Your Software Should Be a Top Priority

Think Before You Click: Spotting and Stopping a Phish – Amber Wolff

National Cybersecurity Awareness Month Spotlights the Role of Individuals in Stopping Attacks – Amber Wolff

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi

SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Cybersecurity News & Trends – 12-16-2022

SonicWall curates important news stories and trends from all over the world to help you understand the state of cybersecurity.

SonicWall is on a roll with news from partners in Latin America and the big news that its next-generation firewalls won CRN’s prestigious 2022 Products of the Year Awards.

Industry news reveals that law enforcement from the US, Netherlands and the UK have ‘powered down’ a major DDoS service provider. This report has contributions from the US Department of Justice, the UK National Crime Agency, Tech Crunch, Hacker News, and Krebs on Security.

Reuters reported that a former Twitter employee earned 3-1/2 years of prison for spying for Saudi Arabia.

According to Bleeping Computer, Social Blade, a data analytics provider, was breached, and hackers are selling the data on a hacking forum.

Then from Hacker News, another large Australian company was hacked. This time, it’s TPG Telecom’s turn.

According to Dark Reading, the Iranian state-sponsored cyber-attack APT group known as ‘Charming Kitten’ is including murder for hire and kidnapping as part of its operations.

And finally, SCMagazine reports that Microsoft is blocking threat actors that obtained signed drivers to deploy ransomware. The story also advises that all Windows administrators and even home users install critical security updates as soon as possible.

Remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Risks That Could Impact Retail In 2023

BizCommunity, SonicWall News: Figures from SonicWall’s Biannual Report revealed that e-commerce and online retail businesses saw a 264% surge in the past 12 months in ransomware attacks alone. These statistics are extremely worrying for retail companies, so unsurprisingly, websites and digital security are at the forefront of retailers’ minds.

SonicWall Achieves Sales Record with The Help of The Distribution Channel

InfoChannel (Mexico), SonicWall News: 2022 has been a year of growth for SonicWall, especially for business partners, as announced by Eustolio Villalobos, general manager for Mexico, Central America and the Caribbean. Villalobos said that the company reached a record of internal sales in generation 7, SD-WAN and Wi-Fi 6 firewall solutions.

Unifying Efforts with Its SonicWall Channels Gains Ground in Latin America

eSemenal (Mexico), SonicWall News: Today we have seen how companies are more aware of the cybersecurity challenges they face and have understood that it is not a separate issue. Expanding issues such as hybrid work and 5G will be some of the main challenges next year, and companies regardless of their size will have to be prepared,” said Arley Brogiato, Sales Leader for SonicWall in Latin America.

According to the executive, sales of security solutions this year exceeded the company’s expectations globally, achieving higher growth than the prospect and a double-digit increase in its market shares.

SonicWall Earns Multiple Channel Awards, Delivers More Value and Savings to Global Partner Community

PR Newswire, SonicWall News: SonicWall today announced that its next generation firewalls were a winner in CRN’s prestigious 2022 Products of the Year Awards, notching yet another award in an impressive run for the company that is diligently driving new and innovative strategies to its partners offset rising costs industry-wide.

2022 Cybersecurity Challenges and 2023 Predictions

Total Security Advisor, SonicWall News: Ransomware will continue to be a leading way for bad actors to leverage control and data to monetize hacking organizations. According to the SonicWall Cyber Threat Report, the global volume of ransomware is increasing by 98%. Although this number is down from a 105% increase in 2021, the frequency and dollars spent continue to grow. Globally, healthcare, financial services, manufacturing, and state and local governments continue to see a rise in the frequency of attacks. Interestingly, a growing trend in this game of cat and mouse is that you may pay the ransom and still not be set free from the hacker’s control.

The Art of Cyberwarfare: Sun Tzu and Cybersecurity

Solutions Numeriques (FR), Reprint from SonicWall Blog: SonicWall is organizing an event on this theme of the Art of War: December 15, presented by Guillaume Sevrin, SonicWall EMEA pre-sales manager.

Ransomware Gang Makes $100 Million

Cyber Security Intelligence, SonicWall News: The retail sector is a specific target for Hive ransom attacks and this confirmed by an authoritative threat report by SonicWall, which found that retailers saw a 90% increase in ransomware attacks in 2022, whereby hackers attempt to cripple their day-to-day infrastructure.

Why The Race to Deliver Products Faster Could Be Hampering Product Security

Business Reporter, SonicWall News: Combining these factors with the avalanche of cyber-attacks on connected devices makes the challenge even more insurmountable. According to SonicWall, the total number of malware attacks on IoT-enabled devices rose by 77 per cent in the first half of 2022 to an alarming 57 million. The number of “never-before-seen” malware variants, that are the hardest to defend against, also rose by 45 per cent in the period.

Infinigate To ‘Take Breath’ Before Shifting M&A Focus to Bolt-On Deals, UK Boss Reveals

CRN UK, SonicWall News: “Looking at the enlarged UK business, Griffiths said that Nuvias hands it “scale and power”. While Infinigate’s largest vendors were Progress Software and SonicWall, Nuvias held bigger partnerships with the likes of Juniper Networks.”

Chartered Status and Aligned Standards Are Crucial for The UK’s Cyber Sector

Computer Weekly, SonicWall News: SonicWall’s 2022 Cyber threat report states that ransomware incidents on governments across the globe increased by 1,885% last year, with the healthcare industry alone suffering a 755% increase.

Benefits Of VPN For Small Businesses

GIS User, SonicWall News: We recommend using a reliable VPN service that uses military-grade encryption, such as SonicWall VPN. It has a wide range of features and is very affordable. It is important to note that not all VPN services are created equal, so it is essential to do your research before choosing one.

Cyber Predictions for 2023

Cyber Magazine, SonicWall News: We can expect smaller scale attacks, for lower amounts of money, but which target a much broader base. The trend will probably hit education providers hard: education is already the sector most likely to be targeted by a malware, cryptojacking or encrypted attack, according to SonicWall’s 2022 Cyber Threat Report.

Industry News

Operation PowerOFF: Major DDoS Service Providers Hit Hard

The FBI working with law enforcement in California, Alaska, the Netherlands and the UK National Crime Agency, has shut down 50 domains involved in selling denial-of-service-for-hire tools to the public. In addition, six people in California and Alaska were charged with directing what are known as “booter” and “stressor” services. They are joined by one other individual from the UK whom authorities identified as a site administrator.

A booter service allows anyone to order DDoS attacks for a minimal monthly fee. They may have a simple front end and Web interface, email support, and detailed tutorials. The services often provide the user with a set of attack vectors and the ability to select a target and its IP address. The attacker can then use the service’s attack infrastructure to launch a DDoS attack. The service operators often prefer to use bitcoins as a payment method. Most of the booter services are run by teenagers or young adults. The service typically offers a variety of membership options and may include email support, detailed tutorials, and YouTube instructional exercises.

The sites seized were among the most extensive DDoS-for-hire services in the market. They had a six-month lifecycle and were typically located in North America, Israel, or Europe.

This summary is a compilation of contributions from the US Department of Justice, the UK National Crime AgencyTech CrunchHacker News, and Krebs on Security.

Ex-Twitter worker gets 3-1/2-year US prison term for spying for Saudi Arabia

From Reuters, a California judge sentenced an ex-Twitter employee to three and a half years in prison for spying for Saudi Arabia and sharing user data several years ago and potentially exposing users to persecution. According to a US Dept of Justice press release, Ahmad Abouammo was accused of being paid to obtain information about Twitter users who were critics and dissidents of the kingdom. One of the bribes was a Hublot watch that the man offered for sale on Craigslist for $42,000. Prosecutors also said that he received another $200,000.

Social Blade confirms breach after hacker posts stole user data

According to a report from Bleeping Computer, a data analytics tool known as Social Blade suffered a data breach after its database was stolen and up for sale on a hacking forum. Social Blade provides statistical graphs for YouTube, Twitter, Twitch, Daily Motion, Mixer, and Instagram, allowing customers to see estimated earnings and projects. According to Bleeping Computer, the attacker found a security gap to gain access. The data stolen includes usernames, email addresses, and password hashes. The company clarified that the security incident did not expose any credit card information.

Hackers Breach TPG Telecom Email Host

From HackRead, another large Australian company was hacked. This time, it’s TPG Telecom’s turn. According to a TPG Telecom letter, hackers breached their Microsoft Exchange server. Around 15,000 email accounts were affected, and these seemed to be owned by business users. The company also reported that hackers appeared to be searching for customers’ cryptocurrency and financial information. Neither the company nor other reports offered further details, but an investigation into the attack continues. Recent targets were also Optus telecom and Medibank private health services.

Iran-Backed Charming Kitten APT Eyes Kinetic Ops, Kidnapping

More information is trickling in about an Iranian-based cyber-attack group called TA453, but other researchers refer to it as Charming Kitten or Phosphorous. According to Dark Reading, this group is classified as a state-sponsored advanced persistent threat (APT). The group usually targets academics, researchers and journalists with sometimes deadly expertise. Attacks can begin with benign email conversations that last for weeks before the victim receives a message with malicious links or documents. For example, one victim was the press secretary for an American government official. A second target, an American academic, was sent a suspicious message by a hacked email account of a reporter. But the truly chilling thing about this group is that in the latest campaigns, researchers have observed more aggressive activity, which agents could use to support attempted “kinetic operations,” including murder for hire and kidnapping.

Microsoft blocks threat actors that obtained signed drivers to deploy ransomware

From SCMagazine’s threat intelligence reporters, Microsoft disclosed Tuesday that it suspended several developer program accounts that obtained drivers certified by its Windows Hardware Developer Program. The accounts, the report claims, likely deployed ransomware on telecommunications, outsourcing companies, MSSPs and financial services.

Certificates for the impacted files were revoked in Microsoft’s latest patch Tuesday on Dec. 13, and the seller accounts were suspended. In addition, Microsoft said it also implemented blocking detections against legitimately signed drivers being used maliciously for post-exploit activity. The Dec. 13’s Patch also includes fixes for 48 vulnerabilities found in its products, six of which were listed as critical.

This leads us to a general advisory for Windows administrators and users at home: install the Windows security updates released in September and now December as soon as possible.

SonicWall Blog

‘3 & Free’ Promotion: How to Upgrade to a New SonicWall TZ Series NGFW for Free – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection – Matt Brennan

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security – Bret Fitzgerald

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

SonicWall Third-Party Threat Performance: Seven Times Superior – Amber Wolff

Q3 2022 Threat Intelligence Highlights Changing Threat Environment in 2022 – Amber Wolff

Securing Your Credentials: Does Your Password Pass the Test? – Amber Wolff

The Power of Patching: Why Updating Your Software Should Be a Top Priority

Think Before You Click: Spotting and Stopping a Phish – Amber Wolff

National Cybersecurity Awareness Month Spotlights the Role of Individuals in Stopping Attacks – Amber Wolff

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi

SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Cybersecurity News & Trends – 12-09-2022

Bringing you curated cybersecurity news and trends from leading news outlets and bloggers that monitor IT security worldwide.

It’s the end of the year, and SonicWall still manages to produce headlines, including big news that its next-generation firewalls were a winner in CRN’s prestigious 2022 Products of the Year Awards.

From industry news, Dark Reading reports three ways attackers bypass cloud security. Then, Hacker News published a report about a new ‘Truebot’ malware variant that leverages the Netwrix auditor bug and the Raspberry Robin worm. From SC Magazine, we learned that most US defense contractors are failing basic cybersecurity requirements. Bleeping Computer reports that Rackspace confirms a ransomware attack caused the outage they experienced earlier this week. Krebs on Security lays out a new and devious attack strategy that targets executives of telemedicine companies. Finally, CyberNews reveals the weakest (and worst) passwords of 2022, with a retrospect from a report from Forbes. Despite all the news and the warnings, people are still using simple and very hackable passwords. Read these lists to see if your password is one of them.

Remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

The Art of Cyberwarfare: Sun Tzu and Cybersecurity

Solutions Numeriques (FR), Reprint from SonicWall Blog: SonicWall is organizing an event on this theme of the Art of War: December 15, presented by Guillaume Sevrin, SonicWall EMEA pre-sales manager.

Ransomware Gang Makes $100 Million

Cyber Security Intelligence, SonicWall News: The retail sector is a specific target for Hive ransom attacks and this confirmed by an authoritative threat report by SonicWall, which found that retailers saw a 90% increase in ransomware attacks in 2022, whereby hackers attempt to cripple their day-to-day infrastructure.

Why The Race to Deliver Products Faster Could Be Hampering Product Security

Business Reporter, SonicWall News: Combining these factors with the avalanche of cyber-attacks on connected devices makes the challenge even more insurmountable. According to SonicWall, the total number of malware attacks on IoT-enabled devices rose by 77 per cent in the first half of 2022 to an alarming 57 million. The number of “never-before-seen” malware variants, that are the hardest to defend against, also rose by 45 per cent in the period.

SonicWall Earns Multiple Channel Awards, Delivers More Value and Savings to Global Partner Community

PR Newswire, SonicWall News: SonicWall today announced that its next generation firewalls were a winner in CRN’s prestigious 2022 Products of the Year Awards, notching yet another award in an impressive run for the company that is diligently driving new and innovative strategies to its partners offset rising costs industry-wide.

Infinigate To ‘Take Breath’ Before Shifting M&A Focus to Bolt-On Deals, UK Boss Reveals

CRN UK, SonicWall News: “Looking at the enlarged UK business, Griffiths said that Nuvias hands it “scale and power”. While Infinigate’s largest vendors were Progress Software and SonicWall, Nuvias held bigger partnerships with the likes of Juniper Networks.”

Chartered Status and Aligned Standards Are Crucial for The UK’s Cyber Sector

Computer Weekly, SonicWall News: SonicWall’s 2022 Cyber threat report states that ransomware incidents on governments across the globe increased by 1,885% last year, with the healthcare industry alone suffering a 755% increase.

Benefits Of VPN For Small Businesses

GIS User, SonicWall News: We recommend using a reliable VPN service that uses military-grade encryption, such as SonicWall VPN. It has a wide range of features and is very affordable. It is important to note that not all VPN services are created equal, so it is essential to do your research before choosing one.

Cyber Predictions for 2023

Cyber Magazine, SonicWall News: We can expect smaller scale attacks, for lower amounts of money, but which target a much broader base. The trend will probably hit education providers hard: education is already the sector most likely to be targeted by a malware, cryptojacking or encrypted attack, according to SonicWall’s 2022 Cyber Threat Report.

7 Steps to Future-Proof Your MSP Business and Stay Relevant

G2, SonicWall News: In 2021, SonicWall recorded 623.2 million ransomware attempts globally, an increase of 105% year-over-year. Just ransomware attacks.

Firewall Cybersecurity Providers You Should Know

Channel Futures, SonicWall News: Montenegro said SonicWall is a top NGFW provider. In March, SonicWall announced that 2021 was its best year on record. Propelled by the delivery of high-demand products, including the evolution of its Generation 7 NGFWs and a focus on its customers, SonicWall delivered record levels of sales and profitability in 2021.

How Remote Working Impacts Security Incident Reporting

CSO Online, SonicWall News: System- and endpoint-based security incident reporting and response can be negatively impacted by remote working too, says Immanuel Chavoya, emerging threat detection expert at SonicWall. “For instance, if the system flagged a user’s machine for a malware intrusion, there may be some delay in the security team being able to make any necessary updates, whereas, in person, the security engineer can immediately access the device and take any necessary action.

Malware, Spyware, and Ransomware: How They Differ and How to Respond

JD Supra, SonicWall News: Data from SonicWall Capture Labs revealed that the first half of 2022 saw an 11% increase in malware attacks compared to 2021, totaling around 2.8 billion attacks globally. Furthermore, over 2022, 35% of respondents have stated that poor preparedness was to blame when they experienced business-disrupting cyberattacks. Therefore, it is essential to take the necessary precautions to secure your device by installing the appropriate malware protection and recognizing the signs of an infected system.

Cybersecurity For Investors – Why Digital Defenses Require Good Governance

Seeking Alpha, SonicWall News: Cyberattacks are very costly. In the first half of 2022, at least 2.8 billion malware attacks were recorded globally, an increase of 11% over the previous 12 months, according to cybersecurity company SonicWall.

Study Shows the Worrying Human Cost of Cyber Attacks

Technology Magazine, SonicWall News: Research by SonicWall recently found there is growing concern regarding cyberattacks. Amongst 66% of organizations surveyed; ransomware leads the distress as 91% of all customers cited it as their biggest concern. Phishing and spear-phishing (76%), as well as encrypted malware (66%), comprised the top three concerns.

Ransomware Is the Biggest Concern for Most Organizations

HelpNetSecurity, SonicWall News: SonicWall released the 2022 SonicWall Threat Mindset Survey which found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

Industry News

3 Ways Attackers Bypass Cloud Security

Dark Reading reporting from the “Black Hat Europe” conference held in London this year focused on one presentation that discusses how recent cloud-focused malware campaigns demonstrate that adversary groups have intimate knowledge of cloud technologies and their security mechanisms. And not only that, but they are also using that knowledge to their advantage. Attackers, being very opportunistic, are capitalizing on mistakes committed by the cloud customer. So, the article proposes that successful attacks in the cloud have more to do with the user than the [cloud] service provider, per se. Perhaps the most interesting development with these attacks is that they target serverless computing and containers. The ease with which hackers can compromise cloud resources makes many people very uneasy.

New TrueBot Malware Variant Leveraging Netwrix Auditor Bug and Raspberry Robin Worm

According to Hacker News, cybersecurity researchers reported an increase in TrueBot infections. These attacks primarily target Mexico, Brazil and Pakistan. Cisco Talos says the attackers behind the operation have moved from using malicious emails to alternative delivery methods, such as the exploitation of a now-patched remote code execution (RCE) flaw in Netwrix auditor that was exploited by the Raspberry Robin worm. Data theft and Clop ransomware execution were some of the significant aspects of the monitored activities. TrueBot is a Windows malware downloader. It’s been attributed to a threat actor identified by Group-IB Silence; a Russian-speaking crew believed to share an association with Evil Corp (aka DEV-0443) and T505.

Most US defense contractors fail basic cybersecurity requirements.

SC Magazine reports that nearly nine out of ten US defense contractors fail to meet bare cybersecurity minimums. The new stats are the product of a study conducted by CyberSheath where they surveyed 300 US-based Department of Defense (DoD) contractors. The survey found that just 13% of respondents score 70 or above in the Supplier Performance Risk System (SPRS), the Department of Defense’s primary system for assessing supplier and product risk for contractors who handle unclassified information. According to the Defense Federal Acquisition Regulation Supplement (DFARS), a score of 110 is required for full compliance.

Rackspace confirms outage was caused by ransomware attack

Bleeping Computer reports that the cloud computing provider Rackspace Technology, Inc. (NASDAQ: RXT) confirmed that a ransomware attack is behind an ongoing Hosted Exchange outage described as an “isolated disruption.” Rackspace says that the investigation, led by a cyber defense firm and its internal security team, is in its early stages with no info on “what, if any, data was affected.”

The cloud service provider says it will notify customers if it finds evidence that the attackers gained access to their sensitive information. The company also revealed during a press release and in their public 8-K SEC filing that it expects a loss of revenue due to the ransomware attack’s impact on its $30 million Hosted Exchange business.

New Ransom Payment Schemes Target Executives, Telemedicine

Ransomware groups constantly invent new ways to attack victims and convince them to pay. Krebs on Security reports that the new crop of strategies that have surfaced recently is particularly devious.

First, the ransomware group targets healthcare providers that offer online consultations and sends them booby-trapped records. The second one involves carefully editing executives’ emails at public companies to make it appear they were involved in insider trading.

The US Department of Health and Human Services (HHS) warned last month that Venus ransomware attacks had been detected against several US healthcare providers. Venus was first discovered in mid-August 2022. The group is also well-known for hacking into victims’ Remote Desktop services to encrypt Windows computers.

Venus group members have demonstrated a high-level ability to access victim agencies. However, the group has had difficulty getting paid. That’s why the change in strategies, Krebs believes, has led to attempted blackmail to frame public company executives for insider trading. Venus said it had recently succeeded in using a method that involved carefully editing email inboxes at victim firms to insert messages discussing plans for trading large volumes of company stock based on non-public information.

The Weakest (and worst) Passwords of 2022

We learned that despite growing cybersecurity awareness, old habits die hard. CyberNews reports that people still use weak passwords. They examined 56 million breached and leaked passwords in 2022 and discovered the password “123456” was used in 111,417 cases. Forbes ran a similar report in 2020 and found that the top two passwords on their list was found in 6,452,650 accounts. They also reported that many of these passwords take less than one second to crack. We recommend you click through to see if you use any of these passwords. If you are, then it is worth worrying about.

While most hacks are the product of phishing or ransomware attacks, a weak password opens you to a brute force attack that breaks into your account by guessing your password. Every password on both lists appears in a common database shared by hackers on the open web. That means the database is so common that a teenager with little knowledge can use automated software to probe thousands of accounts until they find yours.

Of the passwords scrutinized by the CyberNews report, around half (28 million) were ‘specific’ – consisting of a single simple name or word such as “dell.” About 5.5 million of these unique or specific passwords occurred multiple times. For instance, some use names of capital cities like “lima” (17,466) and “Rome” (17,407) and animal species such as “cat” (122,392) and “rat” (103,284). Again, whether these were chosen because of any personal significance to users or merely selected for their simplicity is unclear. These passwords can be just as easily hacked as well.

What’s clear from these two reports is that – despite all the terrible news about cyber threats and ransomware – there’s still a legion of ‘culprits’ out there who can’t be bothered to use password-managing apps or spend more time and effort creating complex combinations. And with this lack of attention or concern, cybersecurity takes a hit. These passwords not only spell bad news for users who abuse their cybersecurity but everyone else they associate with and communicate with.

SonicWall Blog

‘3 & Free’ Promotion: How to Upgrade to a New SonicWall TZ Series NGFW for Free – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection – Matt Brennan

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security – Bret Fitzgerald

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

SonicWall Third-Party Threat Performance: Seven Times Superior – Amber Wolff

Q3 2022 Threat Intelligence Highlights Changing Threat Environment in 2022 – Amber Wolff

Securing Your Credentials: Does Your Password Pass the Test? – Amber Wolff

The Power of Patching: Why Updating Your Software Should Be a Top Priority

Think Before You Click: Spotting and Stopping a Phish – Amber Wolff

National Cybersecurity Awareness Month Spotlights the Role of Individuals in Stopping Attacks – Amber Wolff

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi

SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Cybersecurity and the Metaverse: Virtual and Real Threats – Ray Wyman

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Cybersecurity News & Trends – 12-02-2022

Each week SonicWall curates the cybersecurity industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall is on a roll with cyber news reporters and bloggers. Check out the line-up, and you’ll see a steady pace of SonicWall in the news with our marketing initiatives, the Cyber Threat Reports and the 2022 SonicWall Threat Mindset Survey.

Speaking of steady paces, the news from the industry hasn’t slowed either. Dark Reading reports that the cybersecurity forecast for 2023 is more disruption. Security Magazine reports on the realization that hackers are getting behind the psychological effect of their attacks. Krebs on Security explains how ConnectWise quietly patched a flow that helped phishers. According to Hacker News, hackers sign android malware apps with compromised platform certificates. The Record reports that several major car brands have begun fixing vulnerabilities that would have allowed hackers to remotely control the locks, engine, horn, headlights, and trunk of certain cars made after 2012. SC Magazine tells us that most US defense contractors fail basic cybersecurity requirements. And finally, Dark Reading offers details on how CISA’s strategic plan is ushering in a new era for cybersecurity.

Remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Chartered Status and Aligned Standards Are Crucial For The UK’s Cyber Sector

Computer Weekly, SonicWall News: SonicWall’s 2022 Cyber threat report states that ransomware incidents on governments across the globe increased by 1,885% last year, with the healthcare industry alone suffering a 755% increase.

Benefits Of VPN For Small Businesses

GIS User, SonicWall News: We recommend using a reliable VPN service that uses military-grade encryption, such as SonicWall VPN. It has a wide range of features and is very affordable. It is important to note that not all VPN services are created equal, so it is essential to do your research before choosing one.

Cyber Predictions for 2023

Cyber Magazine, SonicWall News: We can expect smaller scale attacks, for lower amounts of money, but which target a much broader base. The trend will probably hit education providers hard: education is already the sector most likely to be targeted by a malware, cryptojacking or encrypted attack, according to SonicWall’s 2022 Cyber Threat Report.

7 Steps to Future-Proof Your MSP Business and Stay Relevant

G2, SonicWall News: In 2021, SonicWall recorded 623.2 million ransomware attempts globally, an increase of 105% year-over-year. Just ransomware attacks.

Firewall Cybersecurity Providers You Should Know

Channel Futures, SonicWall News: Montenegro said SonicWall is a top NGFW provider. In March, SonicWall announced that 2021 was its best year on record. Propelled by the delivery of high-demand products, including the evolution of its Generation 7 NGFWs and a focus on its customers, SonicWall delivered record levels of sales and profitability in 2021.

How Remote Working Impacts Security Incident Reporting

CSO Online, SonicWall News: System- and endpoint-based security incident reporting and response can be negatively impacted by remote working too, says Immanuel Chavoya, emerging threat detection expert at SonicWall. “For instance, if the system flagged a user’s machine for a malware intrusion, there may be some delay in the security team being able to make any necessary updates, whereas, in person, the security engineer can immediately access the device and take any necessary action.”

Malware, Spyware, and Ransomware: How They Differ and How to Respond

JD Supra, SonicWall News: Data from SonicWall Capture Labs revealed that the first half of 2022 saw an 11% increase in malware attacks compared to 2021, totaling around 2.8 billion attacks globally. Furthermore, over 2022, 35% of respondents have stated that poor preparedness was to blame when they experienced business-disrupting cyberattacks. Therefore, it is essential to take the necessary precautions to secure your device by installing the appropriate malware protection and recognizing the signs of an infected system.

Cybersecurity For Investors – Why Digital Defenses Require Good Governance

Seeking Alpha, SonicWall News: Cyberattacks are very costly. In the first half of 2022, at least 2.8 billion malware attacks were recorded globally, an increase of 11% over the previous 12 months, according to cybersecurity company SonicWall.

Study Shows the Worrying Human Cost of Cyber Attacks

Technology Magazine, SonicWall News: Research by SonicWall recently found there is growing concern regarding cyberattacks. Amongst 66% of organizations surveyed; ransomware leads the distress as 91% of all customers cited it as their biggest concern. Phishing and spear-phishing (76%), as well as encrypted malware (66%), comprised the top three concerns.

Ransomware Is the Biggest Concern for Most Organizations

HelpNetSecurity, SonicWall News: SonicWall released the 2022 SonicWall Threat Mindset Survey which found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

The Four Biggest Security Risks Facing Retailers in The Next Five Years

Retail Week, SonicWall News: Research shows the retail sector has been one of the top targets among cybercriminals, with a surge of more than 200% in ransomware attacks over the past year, according to SonicWall. Many retailers went through a digital transformation during the pandemic to allow customers to switch from in-store to online purchasing, which created more vulnerabilities and avenues for cybercrime.

Weekly Roundup

Channel Pro Network, SonicWall News: The recent 2022 SonicWall Cyber Threat Mindset Survey, including third quarter information, reported that customers saw an average of 1,014 ransomware attempts, a flood even though the total dropped 31% below attempts in 2021. 91% reported they were most concerned about ransomware attacks, a rising source of anxiety for security professionals. Ransomware-as-a-Service offerings make it easy to attack, and perpetrators are increasingly targeting financial firms with cryptojacking attempts, which were up 35% in the quarter. SonicWall’s Real-Time Deep Memory Inspection tools identified 375,756 malware variants never seen before during the first three quarters of 2022.

Latest SonicWall Intelligence Reveals Unstable Cyber Threat Landscape

European Business, SonicWall News: Being a security professional has never been more difficult,” said SonicWall President and CEO Bob VanKirk. “The cyber warfare battlefront continues to shift, posing dangerous threats to organizations of all sizes. With expanding attack surfaces, growing numbers of threats and the current geo-political landscape, it should be no surprise that even the most seasoned IT professional can feel overwhelmed. Armed with the latest cybersecurity tools, SonicWall partners can play a vital role in helping customers stay secure in even the most dynamic threat environments.”

Industry News

Cybersecurity Forecast: More Disruption

SonicWall reported an 11% increase in malware attacks in the first half of 2022 compared to 2021. This equates to around 2.8 billion global attacks. This report by Dark Reading predicts that 2023 will witness more of the same. Cyberattacks highlight one of the changes in advanced persistent threat attacks (APTs) in the last year. In 2022, geopolitical tensions escalated, and cyber operations entered the fray as a tactical tool. Experts say that while Russia and other countries have used cyberattacks to support military operations, the current war is the longest-running cyber operation and will continue to do so.

The Microsoft Threat Intelligence Centre reports that military conflict will become a driving force behind APT group formations in the next year.

The Psychological Warfare of Ransomware Attacks

Sun Tzu correctly stated that military leaders should choose easy battles they know they can win. In a report from Security Magazine, cyberwar experts talk about how hackers know their capabilities and keep improving their techniques to pull off sophisticated attacks with little brute force. IBM data shows that ransomware has been the most common form of attack over three years and accounted for 21% of all attacks. Not only are businesses with large pockets targeted, but so are other organizations. Hackers also target less well-known victims.

The Los Angeles School District, one of the largest in the country, recently fell victim to a ransomware attack. Following the attack, US law enforcement warned Americans school districts could see a rise in attacks due to the sensitive nature of student data.

Hackers understand how to weaponize attacks. They know that few people will shed tears when corporate entities are the victim. By targeting delicate information about a loved one, people are more easily coerced. Simply put, hackers are waging psychological warfare to get the money they seek, and technology alone isn’t enough to stop them from accomplishing their end goal.

ConnectWise Patches a Flaw That Helped Phishers

ConnectWise offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs). According to Krebs on Security, the vendor is warning of a sophisticated phishing attack that could allow attackers to take remote control of user systems if recipients click the link. This warning comes weeks after the company patched a vulnerability that made it easier for hackers to launch these attacks. According to a researcher, the ConnectWise client executable files are generated using client-controlled parameters. An attacker could create a ConnectWise client download link to bounce or proxy remote connections from MSP’s servers to a server the attacker controls.

Hackers Sign Android Malware Apps with Compromised Platform Certificates

Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be linked to malicious apps. According to The Hacker News, researchers discovered that Android apps run with a highly-privileged user ID – android.uid.system. This user ID has system permissions, including access to user data. A rogue app can be signed with the same certificate to gain access to all the privileges of the Android operating system. This allows it to steal sensitive information from any compromised device. The platform certificate is used to sign an application with system images.

Big Bugs Under the Hood

Several major car brands have begun fixing vulnerabilities that would have allowed hackers to remotely control the locks, engine, horn, headlights, and trunk of certain cars made after 2012, according to report from The Record.

In some cases, an attacker may scan the vehicle’s VIN number to compromise the apps. VINs are easily found through the windshield on a dashboard. As a result, Hyundai has updated its app. Sirius, which offers wireless broadcasting services to car owners, also updated its mobile application.

Although the vulnerability has been fixed, the root issue is an access control vulnerability that affects the app’s user accounts. If you had their email address, you could log in to any account and remotely locate their vehicle. Security experts stated that attacks could literally happen “from anywhere.”

Most US Defense Contractors Fail Basic Cybersecurity Requirements

According to SC Magazine, nearly nine out of ten US defense contractors fail to meet basic cybersecurity minimums, according to research commissioned by CyberSheath. According to the research, 13% of the 300 US-based Department of Defense contractors scored 70 or higher in the Supplier Performance Risk System. This is the primary system used by the Department of Defense to assess supplier and product risk. Contractors who work with unclassified information are not subject to this score. A score of 110 is required to comply with the Defense Federal Acquisition Regulation Supplement (DFARS).

CISA’s Strategic Plan Is Ushering in a New Cybersecurity Era

Today’s cyber environment requires less emphasis on detection and perimeter defenses and more focus on bolstering security with resilience, according to a report from Dark Reading. The federal government once again indicated that the traditional cybersecurity approach, based on perimeter defenses and prevention, is failing. In the last two years, ransomware has been used to attack 76% of organizations, while 66% were affected by at least one supply chain attack. The Cybersecurity and Infrastructure Security Agency (CISA) is now the latest federal entity to overhaul cybersecurity best practices. This underscores the need for drastic changes to withstand today’s dynamic threat landscape.

SonicWall Blog

‘3 & Free’ Promotion: How to Upgrade to a New SonicWall TZ Series NGFW for Free – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection – Matt Brennan

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security – Bret Fitzgerald

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

SonicWall Third-Party Threat Performance: Seven Times Superior – Amber Wolff

Q3 2022 Threat Intelligence Highlights Changing Threat Environment in 2022 – Amber Wolff

Securing Your Credentials: Does Your Password Pass the Test? – Amber Wolff

The Power of Patching: Why Updating Your Software Should Be a Top Priority – Amber Wolff

Think Before You Click: Spotting and Stopping a Phish – Amber Wolff

National Cybersecurity Awareness Month Spotlights the Role of Individuals in Stopping Attacks – Amber Wolff

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi

SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Cybersecurity and the Metaverse: Virtual and Real Threats – Ray Wyman

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Cybersecurity News & Trends – 11-18-2022

Approaching the year’s close, SonicWall is still surging among news organizations and bloggers. We see numerous mentions of our marketing initiatives, the Cyber Threat Reports and the 2022 SonicWall Threat Mindset Survey.

And it’s also quite a week for Cybersecurity news. For our big read, we focus on renewed warnings from CISA about the Log4j2 vulnerability compiled from reports by CISA, MSSP Alert, and Hacker News. Next up, Krebs on Security reports on the Disneyland Team, a financial cybercrime group that spoofs bank brands with a dab of Punycode. According to Dark Reading, thousands of RDS snapshots are getting leaked to the public, possibly exposing personal information. Now we have poisoned Google search results to worry about? Bleeping Computer reveals that threat actors are using a new tactic to boost search results for illicit websites. And finally, as Twitter troubles mount, TechCrunch and NBC News speculate that it may not be safe to use the platform anymore.

Remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Malware, Spyware, and Ransomware: How They Differ and How to Respond

JD Supra, SonicWall News: Data from SonicWall Capture Labs revealed that the first half of 2022 saw an 11% increase in malware attacks compared to 2021, totaling around 2.8 billion attacks globally. Furthermore, over 2022, 35% of respondents have stated that poor preparedness was to blame when they experienced business-disrupting cyberattacks. Therefore, it is essential to take the necessary precautions to secure your device by installing the appropriate malware protection and recognizing the signs of an infected system.

Cybersecurity For Investors – Why Digital Defenses Require Good Governance

Seeking Alpha, SonicWall News: Cyberattacks are very costly. In the first half of 2022, at least 2.8 billion malware attacks were recorded globally, an increase of 11% over the previous 12 months, according to cybersecurity company SonicWall.

Study Shows the Worrying Human Cost of Cyber Attacks

Technology Magazine, SonicWall News: Research by SonicWall recently found there is growing concern regarding cyberattacks. Amongst 66% of organizations surveyed; ransomware leads the distress as 91% of all customers cited it as their biggest concern. Phishing and spear-phishing (76%), as well as encrypted malware (66%), comprised the top three concerns.

Ransomware Is the Biggest Concern for Most Organizations

HelpNetSecurity, SonicWall News: SonicWall released the 2022 SonicWall Threat Mindset Survey which found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

The Four Biggest Security Risks Facing Retailers in The Next Five Years

Retail Week, SonicWall News: Research shows the retail sector has been one of the top targets among cybercriminals, with a surge of more than 200% in ransomware attacks over the past year, according to SonicWall. Many retailers went through a digital transformation during the pandemic to allow customers to switch from in-store to online purchasing, which created more vulnerabilities and avenues for cybercrime.

Weekly Roundup

Channel Pro Network, SonicWall News: The recent 2022 SonicWall Cyber Threat Mindset Survey, including third quarter information, reported that customers saw an average of 1,014 ransomware attempts, a flood even though the total dropped 31% below attempts in 2021. 91% reported they were most concerned about ransomware attacks, a rising source of anxiety for security professionals. Ransomware-as-a-Service offerings make it easy to attack, and perpetrators are increasingly targeting financial firms with cryptojacking attempts, which were up 35% in the quarter. SonicWall’s Real-Time Deep Memory Inspection tools identified 375,756 malware variants never seen before during the first three quarters of 2022.

Latest SonicWall Intelligence Reveals Unstable Cyber Threat Landscape

European Business, SonicWall News: Being a security professional has never been more difficult,” said SonicWall President and CEO Bob VanKirk. “The cyber warfare battlefront continues to shift, posing dangerous threats to organizations of all sizes. With expanding attack surfaces, growing numbers of threats and the current geo-political landscape, it should be no surprise that even the most seasoned IT professional can feel overwhelmed. Armed with the latest cybersecurity tools, SonicWall partners can play a vital role in helping customers stay secure in even the most dynamic threat environments.

Report: Ransomware Attacks Trending Down in the United States

Security Today, SonicWall News: SonicWall recently released new threat data through the third quarter of 2022. SonicWall recorded more than 4 billion malware attempts globally while year-to-date ransomware attempts in 2022 have already exceeded full-year totals from four of the last five years. In the recent 2022 SonicWall Cyber Threat Mindset Survey, 91% of organizations reported that they are most concerned about ransomware attacks, indicating a rise of anxiety among security professionals.

Ransomware on the decrease and the ghost of ransom past?

IT Canada, SonicWall News: SonicWall’s 2022 Cyber Threat report was published this week. It claims that ransomware attacks shrunk by 23 per cent on a year-to-date worldwide basis over 2021. That’s good news, perhaps, but to put it in perspective, there were still over 236 million attacks so far in 2022. Moreover, the reduced 2022 number is still larger than the full year totals of 2017, 2018 and 2019.

2022 Cyber Threat Report Details Growing Trends

TechRepublic, SonicWall News: The cyberthreat landscape is constantly evolving, with new attacks developing every day. In their new report, SonicWall explores some of the most dangerous trends that security professionals need to have on their radar.

Economic Strife Fuels Cyber Anxiety

HelpNetSecurity, SonicWall News: The 2022 SonicWall Threat Mindset Survey found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

Industry News

Big Read: Log4j2 – the Threat CISA Doesn’t Want You to Forget

A little over a year ago, everyone was shocked by the Apache Log4j2 vulnerability because it affected any applications that use its extensive logging libraries. Log4j touches most Java applications and has a wide range of configuration options. As a result, an attacker could exploit a system running Log4j2 (or previous iterations) and execute arbitrary code.

This week, the US Cybersecurity and Infrastructure Security Agency (CISA) returned with a new reminder of the trouble Log4j2 vulnerabilities can still cause. In the latest report, the agency lays out details relating to MITRE ATT&CK tactics and techniques with guidance on what IT and security professionals can do to protect their systems.

MSSP Alert issued a report in August about a warning issued by the Microsoft Threat Intelligence Center (MSTIC) and Microsoft 365 Defender Research Team about an Iran-based threat actor calling themselves Mercury (aka “MuddyWater”) and exploiting Log4j 2 vulnerabilities in SysAid applications. MSPs use SysAid for IT service management (ITSM), ticket automation, task automation, asset management and patch management.

As reported in August by Hacker News, Mercury left no stone unturned to exploit unpatched systems running Log4j. They targeted Israeli entities but also other organizations, which gives some indication of the vulnerability’s ’long tail’ for ongoing and continuing attacks. The attacks were notable for using SysAid Server instances unsecured against the Log4Shell flaw as an approach for access. Prior to this method, threat actors leveraged VMware applications to breach target environments.

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security reports on the Disneyland Team, a financial cybercrime group that spoofs bank brands using Punycode, an internet standard that allows browsers to render domain names with non-Latin alphabets such as Cyrillic. The tactic makes confusing-looking domains appear more legitimate. Click the link to the original report to see the ‘defanged’ version of the actual URLs. As a feature of the tactic, you may see extra dots or other characters in the URL, but they might not register as real input.

According to the report, the gang had been operating numerous Punycode-based Phishing domains for much of this year. They’re Russian-speaking and may be based in Russia — but they’re not a phishing gang per se. Rather, this group uses phony bank domains with malicious software already secretly installed on a victim’s computer.

The group steals money from victims infected with a potent strain of Microsoft Windows-based banking malware known as Gozi 2.0/Ursnif (Gozi). Gozi specializes in collecting credentials and is mainly used for attacks on client-side online banking to facilitate fraudulent bank transfers. Gozi also allows attackers to connect to a bank’s website using the victim’s computer.

Thousands of Amazon RDS Snapshots Are Leaking Out to the Public

Dark Reading report that Amazon’s Relationship Database Service (RDS) may be a target for hackers. Researchers at Mitiga discovered a way to scan and clone sensitive data from RDS storage volume snapshots. Administrators typically store these image files separately in a database. Hackers could copy the images if the database is shared with others or exposed to the internet. In addition, researchers said that hackers could find the source of the images and threaten to release them if the organization doesn’t pay them. The researchers discovered 2,783 images from around the globe, of which 810 were public. Mitiga suggests that RDS administrators and users take security precautions to encrypt their RDS volume snapshots.

Poisoned Google Search Results?

BleepingComputer reveals that threat actors abuse Google’s Looker Studio (formerly Google Data Studio) to boost search engine rankings for illicit websites that promote spam, torrents, and pirated content. The SEO poisoning attack analyzed by BleepingComputer uses Google’s datastudio.google.com subdomain to lend credibility to malicious domains. BleepingComputer says they came across several pages of Google search results flooded with datastudio.google.com links after a concerned reader reported seeing the erratic behavior. These links, rather than representing a legitimate Google Data Studio project, are minisites that host links to pirated content. For example, one search result sends users looking to “Download Terrifier 2 (2022)” to bit.ly links that redirect them multiple times to land on spammy websites. Additionally, the poisoning campaign uses a keyword stuffing technique, often considered a form of ‘spamdex’ to boost rankings of illicit domains.

Twitter Troubles

TechCrunch reports that Cybercriminals quickly capitalized on Twitter’s ongoing verification chaos by sending phishing emails designed to steal the passwords of unwitting users. Soon after the verification chaos ensued, hackers launched a phishing email campaign to lure Twitter users into posting their usernames and password on an attacker’s website disguised as a Twitter help form. Additionally, an email was sent from a Gmail account to a Google Doc with another link to a Google Site, which lets users host web content. The fact that they set this up within hours of the launch of Twitter’s new verification program speaks to the hackers’ agility and ability to take advantage of emerging threats.

After a series of layoffs and resignations by critical executives at Twitter, NBC News asked if it is still safe even to use Twitter. Cybersecurity experts they interviewed said that the firings and resignations at Twitter had made the platform more vulnerable to attacks from scammers, organized crime and hostile governments. Others opined that Twitter was quickly becoming a dangerous place for scams and that the theft of personal information added to a growing sense of chaos around the service, which Elon Musk purchased last month for $44 billion.

SonicWall Blog

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection – Matt Brennan

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security – Bret Fitzgerald

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

SonicWall Third-Party Threat Performance: Seven Times Superior – Amber Wolff

Q3 2022 Threat Intelligence Highlights Changing Threat Environment in 2022 – Amber Wolff

Securing Your Credentials: Does Your Password Pass the Test? – Amber Wolff

The Power of Patching: Why Updating Your Software Should Be a Top Priority

Think Before You Click: Spotting and Stopping a Phish – Amber Wolff

National Cybersecurity Awareness Month Spotlights the Role of Individuals in Stopping Attacks – Amber Wolff

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi

SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Cybersecurity and the Metaverse: Virtual and Real Threats – Ray Wyman

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Vote for SonicWall in Computing Security Awards 2022 – Bret Fitzgerald

SonicWall Earns 2022 CRN Annual Report Card (ARC) Honor – Bret Fitzgerald

Cybersecurity News & Trends – 11-11-2022

We start with SonicWall’s surging attention from industry news. There were a lot of mentions of our Cyber Threat Reports and the 2022 SonicWall Threat Mindset Survey. Financial Times was among them, and we included that one for Industry News.

It’s the end of the year and publications have started their “Top Trends for 2023” cycle. This first harvest is our big read and includes predictions from Forbes and ZDNet. We will revisit this topic as more publications release their editorial perspectives. Then the Financial Times asks the very reasonable question when companies face ransomware: is there a case for paying up? This report includes analysis and data from SonicWall’s mid-year 2022 Cyber Threat Report. Next, Bleeping Computer reports that hackers are selling access to 576 corporate networks for $4 million. And finally, a ‘Knock Knock’ joke that nobody is laughing about, from Dark Reading.

Remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Study shows the worrying human cost of cyber attacks

Technology Magazine, SonicWall News: Research by SonicWall recently found there is growing concern regarding cyberattacks. Amongst 66% of organizations surveyed; ransomware leads the distress as 91% of all customers cited it as their biggest concern. Phishing and spear-phishing (76%), as well as encrypted malware (66%), comprised the top three concerns.

Ransomware is the biggest concern for most organizations

HelpNetSecurity, SonicWall News: SonicWall released the 2022 SonicWall Threat Mindset Survey which found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

The four biggest security risks facing retailers in the next five years

Retail Week, SonicWall News: Research shows the retail sector has been one of the top targets among cybercriminals, with a surge of more than 200% in ransomware attacks over the past year, according to SonicWall. Many retailers went through a digital transformation during the pandemic to allow customers to switch from in-store to online purchasing, which created more vulnerabilities and avenues for cybercrime.

Weekly Roundup

Channel Pro Network, SonicWall News: The recent 2022 SonicWall Cyber Threat Mindset Survey, including third quarter information, reported that customers saw an average of 1,014 ransomware attempts, a flood even though the total dropped 31% below attempts in 2021. 91% reported they were most concerned about ransomware attacks, a rising source of anxiety for security professionals. Ransomware-as-a-Service offerings make it easy to attack, and perpetrators are increasingly targeting financial firms with cryptojacking attempts, which were up 35% in the quarter. SonicWall’s Real-Time Deep Memory Inspection tools identified 375,756 malware variants never seen before during the first three quarters of 2022.

Latest SonicWall Intelligence Reveals Unstable Cyber Threat Landscape

European Business, SonicWall News: Being a security professional has never been more difficult,” said SonicWall President and CEO Bob VanKirk. “The cyber warfare battlefront continues to shift, posing dangerous threats to organizations of all sizes. With expanding attack surfaces, growing numbers of threats and the current geo-political landscape, it should be no surprise that even the most seasoned IT professional can feel overwhelmed. Armed with the latest cybersecurity tools, SonicWall partners can play a vital role in helping customers stay secure in even the most dynamic threat environments.

Report: Ransomware Attacks Trending Down in the United States

Security Today, SonicWall News: SonicWall recently released new threat data through the third quarter of 2022. SonicWall recorded more than 4 billion malware attempts globally while year-to-date ransomware attempts in 2022 have already exceeded full-year totals from four of the last five years. In the recent 2022 SonicWall Cyber Threat Mindset Survey, 91% of organizations reported that they are most concerned about ransomware attacks, indicating a rise of anxiety among security professionals.

Ransomware on the decrease and the ghost of ransom past?

IT Canada, SonicWall News: SonicWall’s 2022 Cyber Threat report was published this week. It claims that ransomware attacks shrunk by 23 per cent on a year-to-date worldwide basis over 2021. That’s good news, perhaps, but to put it in perspective, there were still over 236 million attacks so far in 2022. Moreover, the reduced 2022 number is still larger than the full year totals of 2017, 2018 and 2019.

2022 Cyber Threat Report Details Growing Trends

TechRepublic, SonicWall News: The cyberthreat landscape is constantly evolving, with new attacks developing every day. In their new report, SonicWall explores some of the most dangerous trends that security professionals need to have on their radar.

Economic Strife Fuels Cyber Anxiety

HelpNetSecurity, SonicWall News: The 2022 SonicWall Threat Mindset Survey found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

Ransomware In the US Is Down 51% Compared To 2021

Security Magazine, SonicWall News: There were more than 4 billion malware attempts globally in Q3, while year-to-date ransomware attempts in 2022 have already exceeded full-year totals from four of the last five years. However, ransomware levels in the United States are trending down, with a decrease of 51% of ransomware attack volume compared to 2021 levels.

Ransomware Attacks Are Down This Year – But That’s Not Really a Great Thing

TechRadarPro, SonicWall News: Despite it never being easier to launch a ransomware (opens in new tab) attack, the number of such incidents has actually dropped year-on-year, a new report from cybersecurity company SonicWall has claimed. The company’s latest threat intelligence paper, covering Q3 2022, says that in the US alone, the number of ransomware attacks was cut in half (-51%). However, other parts of the world came into focus, with attacks rising by 20% in the UK, 38% in the EMEA region, and 56% in APJ, compared to the same timeframe, last year.

Hackers Increasingly Targeting IoT Devices

TechMonitor, SonicWall News: In the last quarter of this year there has been a 98% rise in malware detected targeting IoT (internet of things) devices, according to a new report by threat intelligence agency SonicWall. It comes as the number of never-before-seen malware variants also spiked, rising by 22% year-on-year.

Industry News

Big Read: The Top Cybersecurity Trends for 2023

The last several years have been especially hard for cybersecurity, so much, so that board room meetings are the setting for detailed threat reports and network security assessments. Of course, they have. Losses from attacks – because of regulatory penalties to practical marketing – have increased dramatically. So, we thought we’d start looking at what the industry is thinking about for 2023.

Forbes gives us a tidy list of considerations for 2023. They predict more significant impacts from IoT devices and cloud security, ongoing and shifting work-from-home cybersecurity priorities, growing state-sponsored attacks, AI in cybersecurity, and the mechanics of building a security-aware culture.

ZD Net looked at the same topic and landed on a few notable trends: the continuing shortage of cybersecurity-ready workers and more significant threats to the supply chain, notably from industrial espionage. ZD also added to our worry list vulnerability from Web3, specifically blockchain, cryptocurrency and token-based economics. ZD Net concludes that today’s security problems are still to be fixed, and evolving technologies mean there will be new challenges.

Ransomware Attacks: Is There a Case for Paying Up?

Ransoms are not new to crime. Nor is the question of whether to pay or not. But it’s a genuine and rational consideration for companies facing ransomware attacks. Imagine watching your data and network locked down, employees idle, and hackers taunting you with demand payments in exchange for the encryption key. Ransoms exploded in 2020-2021 after work-from-home made everyone more susceptible to attacks and hacks.

The Financial Times observes that the tide appears to be turning from the recorded onslaught. In its mid-year 2022 Cyber Threat Report, Sonic­Wall identified a 23% drop in ransomware attempts. And the downtrend is partially attributed to the increase in organizations willing to pay cybercriminals.

According to SonicWall, some victims have become more reluctant to pay due to growing awareness that many ransomware criminals are linked to Russia. Targets could therefore risk violating sanctions — and incurring civil penalties — if they sent them money. Then again, some victims may be worried that the money could fund the Russian government’s actions and object to paying a ransom on ethical grounds.

Selling Access to 576 Corporate Networks for $4 Million

Bleeping Computer reports that a new report shows that hackers are selling access to 576 corporate networks worldwide for a total cumulative sales price of $4,000,000, fueling attacks on the enterprise. The research comes from Israeli cyber-intelligence firm KELA which published its Q3 2022 ransomware report, reflecting stable activity in the sector of initial access sales but a steep rise in the value of the offerings. The report describes the role of Initial Access Brokers (IABs) in selling access to corporate networks using credentials that have been stolen, webshells or other exploited vulnerabilities in publicly available hardware. Once they have gained access to the network, the threat agents sell access to other hackers who harvest data, run ransomware, and conduct malicious activities. This is proof that access is now a growing hacker commodity with appreciating market value.

China is Likely Stockpiling and Deploying Vulnerabilities

The Register notes that increased espionage and cyberattacks are linked to a new law that requires network and device vulnerabilities to be reported to Beijing. Microsoft has asserted that China’s offensive cyber capabilities have improved thanks to a rule that has allowed Beijing to create an arsenal of unreported software vulnerabilities. China’s 2021 law required organizations to report security vulnerabilities to local authorities before disclosing them to any other entity. The rules mean Beijing can use local research to hoard information on vulnerabilities and pick and choose their attack.

The ‘Knock, Knock’ Joke that Isn’t

Sounds like the opening to a joke, but it isn’t. Dark Reading reports that an Aiphone bug literally allows cyberattackers to open physical doors. The issue was narrowed down to a vulnerability in a series of popular digital door-entry systems offered by Aiphone. The vulnerability enables hackers to breach the entry systems simply by using a mobile device armed with near-field communication. According to the report, the devices in question (GT-DMB-N, GT-DMB-LVN, and GT-DB-VN) are used by high-profile customers, including the White House and the United Kingdom’s Houses of Parliament.

A researcher discovered the vulnerability with the Norwegian security firm Promon, who also found no limit to the number of times someone can enter an incorrect password on some Aiphone door-lock systems.

In case you missed…

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security – Bret Fitzgerald

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

SonicWall Third-Party Threat Performance: Seven Times Superior – Amber Wolff

Q3 2022 Threat Intelligence Highlights Changing Threat Environment in 2022 – Amber Wolff

Securing Your Credentials: Does Your Password Pass the Test? – Amber Wolff

The Power of Patching: Why Updating Your Software Should Be a Top Priority

Think Before You Click: Spotting and Stopping a Phish – Amber Wolff

National Cybersecurity Awareness Month Spotlights the Role of Individuals in Stopping Attacks – Amber Wolff

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi

SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Cybersecurity and the Metaverse: Virtual and Real Threats – Ray Wyman

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Vote for SonicWall in Computing Security Awards 2022 – Bret Fitzgerald

SonicWall Earns 2022 CRN Annual Report Card (ARC) Honor – Bret Fitzgerald

SonicWall Capture ATP Earns 100% ICSA Threat Detection Rating for Sixth Straight Quarter – Amber Wolff

Ten Cybersecurity Books for Your Late Summer Reading List – Amber Wolff

Cybersecurity News & Trends – 10-28-22

SonicWall brings you important news stories and trends affecting your security. It’s Cybersecurity Awareness Week. Stay safe!

In this week’s Cybersecurity News, SonicWall got a lot of coverage from several leading industry and business journals with new mentions of our Cyber Threat Reports and the 2022 SonicWall Threat Mindset Survey.

From Industry News, our big read is on the high stress and burnout rates among IT response teams faced with a steady onslaught of attacks, with contributions from ZDNet, Dark Reading, Wall Street Journal and Forbes. From Security Magazine, CISA released the first iteration of critical infrastructure cybersecurity performance goals. It’s not a spellbinding read, but it shows where the national focus is heading. From Bleeping Computer, the tabloid newspaper New York Post was hacked with offensive headlines that targeted politicians. Late breaking news, the hack was an inside job. TechCrunch says business startups need to do a better job with cybersecurity, noting that the DOJ declared 2021 as the “worst year” for ransom attacks and that 2022 might soon overtake that record. Finally, Hacker News reports that hackers from the Daixin Team are targeting health organizations with ransomware.

It’s still Cybersecurity Awareness Month. Keep an eye on the SonicWall blog for updates and remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

2022 Cyber Threat Report Details Growing Trends

TechRepublic, SonicWall News: The cyberthreat landscape is constantly evolving, with new attacks developing every day. In their new report, SonicWall explores some of the most dangerous trends that security professionals need to have on their radar.

Economic Strife Fuels Cyber Anxiety

HelpNetSecurity, SonicWall News: The 2022 SonicWall Threat Mindset Survey found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

Ransomware In the US Is Down 51% Compared To 2021

Security Magazine, SonicWall News: There were more than 4 billion malware attempts globally in Q3, while year-to-date ransomware attempts in 2022 have already exceeded full-year totals from four of the last five years. However, ransomware levels in the United States are trending down, with a decrease of 51% of ransomware attack volume compared to 2021 levels.

Ransomware Attacks Are Down This Year – But That’s Not Really a Great Thing

TechRadarPro, SonicWall News: Despite it never being easier to launch a ransomware (opens in new tab) attack, the number of such incidents has actually dropped year-on-year, a new report from cybersecurity company SonicWall has claimed. The company’s latest threat intelligence paper, covering Q3 2022, says that in the US alone, the number of ransomware attacks was cut in half (-51%). However, other parts of the world came into focus, with attacks rising by 20% in the UK, 38% in the EMEA region, and 56% in APJ, compared to the same timeframe, last year.

Hackers Increasingly Targeting IoT Devices

TechMonitor, SonicWall News: In the last quarter of this year there has been a 98% rise in malware detected targeting IoT (internet of things) devices, according to a new report by threat intelligence agency SonicWall. It comes as the number of never-before-seen malware variants also spiked, rising by 22% year-on-year.

Ransomware Down This Year – But There’s a Catch

The Register, SonicWall News: The number of ransomware attacks worldwide dropped 31 percent year-over-year during the first nine of months 2022, at least as far as SonicWall has observed. But don’t get too excited. While that may sound like great news, there’s a catch. According to SonicWall CEO Robert VanKirk, the decline follows a record-setting spike in 2021. Without that outlier, the ransomware rate this year shows a steady increase over 2017 through 2020. In fact, the nine-month total of 338.4 million ransomware attempts this year is more than the full-year totals in every year except 2021.

Latest SonicWall Intelligence Reveals Unstable Cyber Threat Landscape

PR Newswire, SonicWall News: SonicWall recorded more than 4 billion malware attempts globally while year-to-date ransomware attempts in 2022 have already exceeded full-year totals from four of the last five years. In the recent 2022 SonicWall Cyber Threat Mindset Survey, 91% of organizations reported that they are most concerned about ransomware attacks, indicating a rise of anxiety among security professionals.

Seven Things You Need to Know About No-Code Tools

TechPoint, SonicWall in the News: Cyberattacks have risen globally, with more people working from home due to the coronavirus pandemic. According to the 2022 Cyber Threat Report released by cybersecurity company, SonicWall, governments witnessed a 1,885% rise in ransomware attacks.

How High Touch Technologies Renewed Their Cyber Insurance Policy

Security Boulevard, SonicWall in the News: The massive spike in ransomware attacks in 2021 – up 105% worldwide, according to SonicWall – left cyber insurance companies facing an exponential increase in claims at the end of last year. In response, insurers tightened their requirements this year, releasing a long list of specific conditions companies now need to meet in order to qualify for a policy.

For Most Companies’ Ransomware Is the Scariest of All Cyberattacks

HelpNetSecurity, SonicWall in the News: SonicWall released the 2022 SonicWall Threat Mindset Survey which found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

Ingram Micro Ties Up with SonicWall to Expand Their Security Services

CRN (India), SonicWall in the News: SonicWall has designed its MSSP Program to offer a broad suite of cyber defense tools and capabilities to extend end-to-end network security. Ingram Micro will distribute all SonicWall products through its extensive partner network across India, Bangladesh, Bhutan, Maldives, Nepal and Sri Lanka.

Industry News

Big Read: Cybersecurity teams at their breaking point

Our big read for the week is on the growing number of reports of IT network security teams hit was stress and burnout. Faced with an utterly endlessly expanding threat landscape, companies report high absenteeism and turnover rates. So the big question is, should we be worried?

First up, ZDNet reports that cybersecurity professionals are “reaching their breaking point” as ransomware attacks increase and create new risks for people and businesses, according to a global study of 1,100 cybersecurity professionals. The report says that one-third are considering leaving their role in the next two years due to stress and burnout. And Dark Reading cited the same study, noting that more than half (54%) of those surveyed told researchers ransomware attacks had put a strain on their mental health, while a full 56% say their job gets more challenging each year. And the stress is severely eroding IT Team’s feeling of personal responsibility if an attack is successful, comparing last year, when 71% of respondents said they felt “very personally responsible” compared to this year at 57%.

Earlier this month, Wall Street Journal reported that IT teams that respond to hacks say they are stretched thin as attacks become more proliferate. They cite that teams work on multiple cases simultaneously and that the onslaught of attacks contributes to burnout. In addition, the report points out that hackers often launch attacks on weekends or before major holidays. For example, a ransomware attack on meatpacker JBS USA Holdings Inc. occurred at the start of the Memorial Day weekend in 2021. In the case of the Los Angeles Unified School District, school systems were hit on Labor Day weekend, forcing incident responders from the Cybersecurity and Infrastructure Security Agency and the district to work well into the night on a Sunday.

Forbes published an article about the cost of maintaining cybersecurity defenses in the face of mounting threats, citing a Gartner survey that says 88% of respondents consider cybersecurity a business risk, and 66% intend to increase cybersecurity spending to enhance their defensive postures in the years to come. The focus on investment, they say, will be on people, processes, and technology. They may have to add counseling to some of that cost.

CISA Releases Critical Infrastructure Cybersecurity Performance Goals

Security Magazine: The Cybersecurity and Infrastructure Security Agency (CISA) has released the first iteration of the Cross-Sector Cybersecurity Performance Goals (CPGs). The National Security Memorandum (NSM)-5, titled “Improving Cybersecurity Control Systems” requires CISA to work with the National Institute of Standards and Technology (NIST) to develop baseline cybersecurity goals that are consistent across all critical infrastructure sectors. Alongside NIST, CISA will regularly update goals at least every 6 to 12 months and will work with Sector Risk Management Agencies (SRMAs) to build on this foundation to develop sector-specific goals. Not an exciting read, but it does help us understand where the national focus is headed.

New York Post Hacked with Offensive Headlines Targeting Politicians

BleepingComputer: The tabloid newspaper New York Post confirmed yesterday that it was hacked after its website and Twitter account were used by the attackers to publish offensive headlines and tweets targeting Democrat politicians. The New York Post updated today that one of its employees (now fired) was behind the incident.

Business Startup Need to do Better with Cybersecurity

TechCrunch: Back in 2021, the Department of Justice (DOJ) famously declared 2021 as the “worst year” for ransomware attacks, but according to SonicWall’s own reporting, that title could be in 2022’s hands very soon. Despite some rare wins in the war against hackers over the past 12 months — from the government’s seizure of $2.3 million in bitcoin paid out to the Colonial Pipeline hackers, to its successful disruption of the notorious REvil gang — the ransomware threat continues to grow. Over the past few months alone, we’ve seen threat actors ramping up attacks against public sector organizations, including hospitals, schools and in the case of Costa Rica, entire governments. The private sector is also battling a worsening ransomware threat, with attackers claiming a number of high-profile victims such as AMD, Foxconn and Nvidia.

Hackers Targeting Health Organizations with Ransomware

The Hacker News: U.S. cybersecurity and intelligence agencies published a joint advisory warning of attacks perpetrated by a cybercrime gang that is primarily targeting the healthcare sector in the country. According to the warning, the Daixin Team is a ransomware and data extortion group that has targeted the HPH Sector with ransomware and data extortion operations since at least June 2022.

The alert was published Friday by the Federal Bureau of Investigation (FBI), Over the past four months, the group has been linked to multiple ransomware incidents in the Healthcare and Public Health (HPH) sector, encrypting servers related to electronic health records, diagnostics, imaging, and intranet services.

It’s also said to have exfiltrated personal identifiable information (PII) and patient health information (PHI) as part of a double extortion scheme to secure ransoms from victims.

SonicWall Blog

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

SonicWall Third-Party Threat Performance: Seven Times Superior – Amber Wolff

Q3 2022 Threat Intelligence Highlights Changing Threat Environment in 2022 – Amber Wolff

Securing Your Credentials: Does Your Password Pass the Test? – Amber Wolff

The Power of Patching: Why Updating Your Software Should Be a Top Priority

Think Before You Click: Spotting and Stopping a Phish – Amber Wolff

National Cybersecurity Awareness Month Spotlights the Role of Individuals in Stopping Attacks – Amber Wolff

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi
SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Cybersecurity and the Metaverse: Virtual and Real Threats – Ray Wyman

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Vote for SonicWall in Computing Security Awards 2022 – Bret Fitzgerald

SonicWall Earns 2022 CRN Annual Report Card (ARC) Honor – Bret Fitzgerald

SonicWall Capture ATP Earns 100% ICSA Threat Detection Rating for Sixth Straight Quarter – Amber Wolff

Ten Cybersecurity Books for Your Late Summer Reading List – Amber Wolff

CoinDesk TV Covers Cryptojacking with Bill Conner – Bret Fitzgerald

First-Half 2022 Threat Intelligence: Geopolitical Forces Rapidly Reshaping Cyber Frontlines – Amber Wolff

2022 CRN Rising Female Star – Bret Fitzgerald

Cybersecurity News & Trends – 10-14-22

SonicWall curates important news stories and trends that’s affecting our security. It’s Cybersecurity Awareness Week. Stay safe!

In this week’s roundup, SonicWall held a solid global appearance in several leading industry and business journals with new mentions of our Cyber Threat Reports and the 2022 SonicWall Threat Mindset Survey.

In Industry News, there were so many events that we set aside the “big read” because it’s all a big read. Earlier this week, a dozen or more websites operated by US airports were taken down by the Russian hacker gang known as KillNet, according to Washington Post and Reuters. The CISA is keeping an eye on email servers, a known weakness in the nation’s cybersecurity. SecurityWeek and Dark Reading pulled together reports on a hack of Intel’s latest chip development, the Alder Lake BIOS project. The GAO issued a report critical of cybersecurity coordination among the nation’s law enforcement agencies. Bleeping Computer reported a story that almost seems quaint in the age of record-breaking ransomware. A judge in Puerto Rico sentenced a former college student to 13 months of imprisonment for cyberstalking and hacking the social media accounts of more than 100 students (most were female). Krebs on Security reported on an investigation by a US Senator that some US banks are stiffing victims of account takeovers. And finally, the Kaspersky blog published the results of an eye-opening survey of SMBs that shows (among other things) that only 39% have an IT disaster recovery plan.

It’s Cybersecurity Awareness Month. Keep an eye on the SonicWall blog for updates and remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

How High Touch Technologies Renewed Their Cyber Insurance Policy

Security Boulevard, SonicWall in the News: The massive spike in ransomware attacks in 2021 – up 105% worldwide, according to SonicWall – left cyber insurance companies facing an exponential increase in claims at the end of last year. In response, insurers tightened their requirements this year, releasing a long list of specific conditions companies now need to meet in order to qualify for a policy.

For Most Companies’ Ransomware Is the Scariest of All Cyberattacks

HelpNetSecurity, SonicWall in the News: SonicWall released the 2022 SonicWall Threat Mindset Survey which found that 66% of customers are more concerned about cyberattacks in 2022, with the main threat being focused on financially motivated attacks like ransomware.

Ingram Micro Ties Up with SonicWall to Expand Their Security Services

CRN (India), SonicWall in the News: SonicWall has designed its MSSP Program to offer a broad suite of cyber defense tools and capabilities to extend end-to-end network security. Ingram Micro will distribute all SonicWall products through its extensive partner network across India, Bangladesh, Bhutan, Maldives, Nepal and Sri Lanka.

Cybercriminals Are Having It Easy with Phishing-as-a-Service

HelpNetSecurity, SonicWall in the News: In this interview for Help Net Security, Immanuel Chavoya, Threat Detection Expert at SonicWall, talks about phishing-as-a-service (PaaS), the risks it can pose to organization, and what to do to tackle this threat.

SonicWall Survey: Vast Majority of Customers Most Worried About Ransomware

Channel Futures, SonicWall in the News: The 2022 SonicWall Threat Mindset Survey found two-thirds (66%) of customers are more concerned about cyberattacks in 2022. In addition, the SonicWall survey shows ransomware leads the distress, as 91% of all customers cited it as their biggest concern. Phishing and spear-phishing (76%), as well as encrypted malware (66%), comprised the top three concerns.

Can MSPs get cyber security ‘right’ for SMEs?

Microscope, SonicWall in the News: Terry Greer-King, vice-president for EMEA and APJ at SonicWall, says the biggest thing MSPs can do for SME customers is to simplify it. “Most people in security see the complexity of it, but an SME needs to be protected from the complexity,” he says. The main point is to ensure the SME is protected “at all levels”, says Greer-King, but MSPs “can typically get too into the weeds, particularly towards the trend of increasingly complex breaches and growing expertise from bad actors.”

New cryptojacking campaign exploits OneDrive vulnerability

CSO Online. SonicWall in the News: Cryptojacking cases rose by 30% to 66.7 million in the first half of 2022, up 30% over the first half of 2021, according to the 2022 SonicWall Cyber Threat Report. The financial sector witnessed a 269% increase in cryptojacking attacks, according to the report.

Study Shows 91% Of Organizations Fear Ransomware Attacks

Technology Magazine, SonicWall in the News: Amid an economic downturn, staffing shortages and endless cyberattacks, financially motivated attacks are the top concern among IT professionals.

SonicWall Backs Cybersecurity Awareness Month, Places Emphasis on Empowering People

M2, SonicWall in the News: This year’s theme – ‘See Yourself in Cyber’ – demonstrates that while cybersecurity may seem like a complex subject, ultimately, it’s really all about people.

Lapsus$ Hit Uber

Cyber Security Intelligence, SonicWall in the News: SonicWall’s mid-year threat report found that malware rose by 2.8 billion globally in the last year. Other findings include encrypted threats has 132% increase to 4.8 billion; finance sector experiences the highest IoT malware attempts up 151%; and IoT Malware is up 134% in the UK and 228% in the US.

The Growing Cybersecurity Threats Facing Retailers

TechMonitor, James Musk Interview: Tech Monitor news editor Matthew Gooding spoke to James Musk, UK sales director at SonicWall, about the company’s research into the types of attacks being used against retailers. They also discuss what businesses can do to protect themselves, and how they can ensure staff are vigilant when it comes to spotting potential cyber breaches.

Industry News

US Airport Websites Hacked, TSA Issues New Cybersecurity Requirements

According to several news outlets, hackers briefly took down websites owned by several major US airports on Monday after a pro-Russian hacker group called for them to be hacked. The websites fell to a series of DDoS (distributed denial of service) attacks. Several airports were targeted, including Chicago, Los Angeles, Atlanta, New York and possibly a dozen more. According to Washington Post, a pro-Russian group called KillNet claimed responsibility. However, they also reported there was no disruption to the operation of the airports, and the attacks only affected public-facing web interfaces dedicated to public information such as flights and services. The follow-up to that attack came a few days later, according to Reuters when the Transportation Security Administration (TSA) said it plans to issue new cybersecurity requirements for some critical aviation systems. While all news reports indicate that hackers did not disrupt airport operations, TSA noted that it previously “updated its aviation security programs to require airport and airline operators designate a cybersecurity coordinator and report cybersecurity incidents, conduct a cybersecurity assessment, and develop remediation measures and incident response plans.”

CISA: Email Servers are Vulnerable

Hackers are attracted to email servers because they contain a wealth of information about employees and their work, as well as attachments and messages that hackers can use to access data. An attacker could use hacked email systems to gain access to an organization’s network to steal data or spy on them. CISA (Cybersecurity and Infrastructure Security Agency) reported last week that hackers accessed a defense contractor’s network through Microsoft Exchange vulnerabilities. The report doesn’t reveal how the hackers got into the network or whether they did any other damage. However, at least one attacker compromised the administrator account and worked from there. The CISA letter was unclear whether these breaches resulted from zero-day vulnerabilities reported earlier. Researchers say that attackers were unnoticed by the victim’s system for several months.

Intel Chip Source Code Cracked?

Intel has confirmed that some of its UEFI source code was leaked, according to SecurityWeek. Someone with a Twitter account made the announcement that about 6 Gb of source code for the Alder Lake BIOS (Intel’s codename for its 12th generation Core processors) had been made public on GitHub and other websites. Intel blamed the leak on an unnamed third party, adding that the company “does not believe this exposes, or creates, any new security vulnerabilities as we do not rely on obfuscation of information as a security measure.” But experts interviewed by Dark Reading disagree. Researcher Mark Ermolov noted, “A very bad thing happened: now, the Intel Boot Guard on the vendor’s platforms can no longer be trusted.” In addition, the researchers at Hardened Vault pointed out the code could be particularly useful for malicious actors who want to reverse engineer the code to find vulnerabilities.

US Agency is Critical of Cybersecurity Coordination for Law Enforcement

Many countries’ law enforcement agencies are more aware of the growing ransomware attacks on local and regional government departments. But agencies often don’t coordinate their work, making tracking attacks difficult. The Government Accountability Office recently reported the same problem in the United States. According to the report, the FBI, Secret Service, and Cybersecurity and Infrastructure Security Agency offer help but lack detailed information sharing and analysis procedures, cybersecurity review and assessment, and incident response.

Student Jailed for Hacking Female Classmates’ Email, Snapchat Accounts

From Bleeping Computer, a judge in Puerto Rico sentenced an ex-student of the University of Puerto Rico (UPR) to 13 months’ imprisonment for hacking into the accounts of 12 female colleagues via Snapchat and email. Ivan Santell-Velazquez pleaded guilty to cyberstalking and admitted having targeted more than 100 students. US Attorney Muldrow stated that “this individual engaged in phishing, spoofing strategies to steal information.” Santell-Valazquez not only targeted dozens of student email addresses but also hacked into several university email accounts to collect personal information through phishing and spoofing attacks.

Between 2019 and 2021, he hacked the Snapchat accounts of several female students and stole nude images. These photos were later shared with others and ended up online. At least in one case, he used nude images stolen from the victim’s Snapchat account to harass her through text messages. The suspect also shared the stolen images on Twitter and Facebook.

Are US Banks Stiffing Account Takeover Victims?

US financial institutions have a legal obligation to stop illegal transactions if US customers have their online banking accounts stolen and plundered by hackers. New data this week shows that account takeover victims at some of the country’s biggest banks are more common than ever but that some of the largest banks are not reimbursing victims as expected.

According to Krebs on Security, Sen. Elizabeth Warren opened an investigation into fraud linked to Zelle, a “peer-to-peer” digital payment service that allows customers to send money quickly to their friends and families. Sen. Warren reports that “overall, the three banks that provided complete data sets reported 35,848 cases of scams, involving over $25.9 million of payments in 2021 and the first half of 2022.” The report continues, “In the vast majority of these cases, the banks did not repay the customers that reported being scammed. Overall these three banks reported repaying customers in only 3,473 cases (representing nearly 10% of scam claims) and repaid only $2.9 million.”

Cyber-Resilience During a Crisis

Now that we have years of experience dealing with year-over-year record malware and ransomware attacks, how well are small and medium businesses staying cyber-prepared? Kaspersky dove into the thick of it with a revealing survey of 1,300 decision-makers and business owners in small and medium-sized businesses in 13 countries.

One of the big numbers that caught our eye: only 39% of respondents indicated they had an IT disaster recovery plan. Another one? A shocking 31% of companies said they would consider using pirated software to save money in times of crisis. Another eye-opener stat: if hit by a crisis, companies must rely on IT functions to keep transactions moving, secure customer data, and connect suppliers with a business. However, just 31% of business managers or owners say they are confident they could keep their IT and information security functions stable if they had to cut costs on IT.

In Case You Missed It

Think Before You Click: Spotting and Stopping a Phish – Amber Wolff

National Cybersecurity Awareness Month Spotlights the Role of Individuals in Stopping Attacks – Amber Wolff

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi

SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Cybersecurity and the Metaverse: Virtual and Real Threats – Ray Wyman

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Vote for SonicWall in Computing Security Awards 2022 – Bret Fitzgerald

SonicWall Earns 2022 CRN Annual Report Card (ARC) Honor – Bret Fitzgerald

SonicWall Capture ATP Earns 100% ICSA Threat Detection Rating for Sixth Straight Quarter – Amber Wolff

Ten Cybersecurity Books for Your Late Summer Reading List – Amber Wolff

CoinDesk TV Covers Cryptojacking with Bill Conner – Bret Fitzgerald

First-Half 2022 Threat Intelligence: Geopolitical Forces Rapidly Reshaping Cyber Frontlines – Amber Wolff

2022 CRN Rising Female Star – Bret Fitzgerald

Enhance Security and Control Access to Critical Assets with Network Segmentation – Ajay Uggirala

Three Keys to Modern Cyberdefense: Affordability, Availability, Efficacy – Amber Wolff

BEC Attacks: Can You Stop the Imposters in Your Inbox? – Ken Dang

Cybersecurity in the Fifth Industrial Revolution – Ray Wyman

Cybersecurity News & Trends – 10-07-22

Each week SonicWall curates the cybersecurity industry’s most compelling, trending and important interviews, media and news stories — just for you.

This week, SonicWall made another strong appearance in global industry and business news with executive interviews and mentions of our Cyber Threat reports.

In Industry News, the big read is an old story that is growing more urgent. Bloomberg reports hackers have found the cruelest twist in the growing use of business email compromises to target homebuyers, with contributions from the FBI’s IC3, and SonicWall. According to Cyberscoop, US intelligence officials revealed that hackers maintained deep access inside the US military organizational network. The Register reports that the US Department of Energy believes utility security is so bad that they’re offering rate cuts and free services to help improve it. Hacker News reports that hackers have found a way to leverage a weakness in the App Mode in Chromium browsers to enact stealth phishing attacks. Binance blockchain hit by $570 million crypto hack, according to Reuters and Bleeping Computer. From HackRead, researchers discovered that Iranian state hackers are spreading Android spyware disguised as a VPN app. And from DarkReading, there are seven IoT devices that make our security professionals cringe. Can you guess what they are?

Remember especially during Cybersecurity Awareness Month, that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Can MSPs get cyber security ‘right’ for SMEs?

Microscope, SonicWall in the News: Terry Greer-King, vice-president for EMEA and APJ at SonicWall, says the biggest thing MSPs can do for SME customers is to simplify it. “Most people in security see the complexity of it, but an SME needs to be protected from the complexity,” he says. The main point is to ensure the SME is protected “at all levels”, says Greer-King, but MSPs “can typically get too into the weeds, particularly towards the trend of increasingly complex breaches and growing expertise from bad actors.”

New cryptojacking campaign exploits OneDrive vulnerability

CSO Online. SonicWall in the News: Cryptojacking cases rose by 30% to 66.7 million in the first half of 2022, up 30% over the first half of 2021, according to the 2022 SonicWall Cyber Threat Report. The financial sector witnessed a 269% increase in cryptojacking attacks, according to the report.

Study Shows 91% Of Organizations Fear Ransomware Attacks

Technology Magazine, SonicWall in the News: Amid an economic downturn, staffing shortages and endless cyberattacks, financially motivated attacks are the top concern among IT professionals.

SonicWall Backs Cybersecurity Awareness Month, Places Emphasis on Empowering People

M2, SonicWall in the News: This year’s theme – ‘See Yourself in Cyber’ – demonstrates that while cybersecurity may seem like a complex subject, ultimately, it’s really all about people.

Lapsus$ Hit Uber

Cyber Security Intelligence, SonicWall in the News: SonicWall’s mid-year threat report found that malware rose by 2.8 billion globally in the last year. Other findings include encrypted threats has 132% increase to 4.8 billion; finance sector experiences the highest IoT malware attempts up 151%; and IoT Malware is up 134% in the UK and 228% in the US.

The Growing Cybersecurity Threats Facing Retailers

TechMonitor, James Musk Interview: Tech Monitor news editor Matthew Gooding spoke to James Musk, UK sales director at SonicWall, about the company’s research into the types of attacks being used against retailers. They also discuss what businesses can do to protect themselves, and how they can ensure staff are vigilant when it comes to spotting potential cyber breaches.

Why retail stores are more vulnerable than ever to cybercrime

IFSEC Global, SonicWall Threat Report Mention: Figures from SonicWall’s Biannual Report revealed that ecommerce and online retail businesses saw a 264% surge in the past 12 months in ransomware attacks alone. These kinds of statistics are extremely worrying for retail businesses, so it is unsurprising that websites and digital security are at the forefront of retailers’ minds.

These steps can help keep colleges from being easy targets for cyberattacks

HigherEd Dive, SonicWall Byline from Immanuel Chavoya, and SonicWall mention: A cybersecurity strategist outlines cultural and technical changes to help institutions stave off attacks like malware or business email compromise. Recent data from SonicWall revealed surging attacks across the board in the first half of the year, with the overall education industry seeing a 110% spike in IoT malware attacks and a 51% increase in ransomware — despite a global decline in ransomware attacks.

SonicWall’s Matt Brennan Talks New Leadership and Taking ‘Outside-In’ Approach

CRNtv, SonicWall Interview with Matt Brennan: With a New CEO and Matt Brennan taking on the role as channel chief at SonicWall, Brennan discusses some of the changes partners can expect from the new leadership and winning a CRN 2022 Annual Report Card Award.

The Soaring Threat Going Undetected

Blockchain Tribune, SonicWall Byline from Immanuel Chavoya: The popularity of cryptocurrencies has increased, not only in their overall market value but also in the number of people looking to digital currencies to generate totally independent revenue. While some do this through investing and selling cryptocurrency directly, others are turning to transaction processing (cryptomining) to turn a profit.

3 Cybersecurity Solutions Likely to Gain Traction In 2022 And Beyond

Cyber Defense Magazine, SonicWall Threat Report Mention: In June 2021, there were nearly 78.4 million ransomware attacks worldwide. This implies that about 9.7 ransomware attempts per consumer were made for every business day.

Industry News

Big Read: Hackers Target Eager Homebuyers with a Scam That Keeps Working

This week’s big read comes mostly from Bloomberg, reporting that hackers have found the cruelest twist in the growing use of BEC (business email compromises): they’re targeting homebuyers.

BEC scams target every industry, but hackers are focusing on eager homebuyers eager to close a purchase on their dream home. Overwhelmed with paperwork and emails, the buyer believes they are transferring funds for a down payment but mistakenly hands thousands of dollars to hackers. The hack, say investigators, is cunning if not vicious. Hackers take advantage of the flurry of activity between buyers and sellers and inject themselves into the middle of the transaction at the most critical moment by omitting a tiny detail in an email (e.g., a spelling error or extra character) that could flag someone that it is a fake. As a result, this form of wire fraud is proliferating, often intercepting wire transfers of tens of thousands of dollars for down payments on homes and wiping out potential buyers’ nest eggs.

In March this year, a cybercrime branch of the FBI known as the Internet Crime Complaint Center (IC3) reported that they receive an average of more than 2,300 crime complaints per day (about one complaint every 37 seconds), with BECs schemes averaging 552,000 per year over the last five years. In 2021, victims of BECs reported losses of nearly $7 billion, a 7% increase over 2020.

Bloomberg’s report features stories from individuals who lost up to $150,000 in one transfer by a couple trying to buy a condo in Boston. In one case, hackers tried to steal $30,000 by sending fake statement claims to a construction company in Long Island, NY. An investigator followed the trail of similar scams and uncovered more than $9 million in stolen funds affecting more than 50 victims spanning several business sectors.

October is National Cybersecurity Awareness Month, and SonicWall is using this opportunity to spotlight the role of individuals in stopping attacks. Also, as part of our campaign, we’re offering tips on how everyone can be more aware and protect themselves from the bad guys – because cybersecurity is everyone’s business.

Hackers Had Deep Access Inside US Military Organizational Networks

Cyberscoop reports that law enforcement and intelligence officials revealed on Tuesday that sophisticated hackers infiltrated a likely US military contractor and maintained “persistent, long-term” access to their system.

The National Security Agency, the Cybersecurity and Infrastructure Security Agency and the FBI released a detailed, joint advisory containing the notification, explaining that in November 2021, CISA responded to a report of malicious activity on an anonymous “Defense Industrial Base (DIB) Sector organization’s enterprise network.”

CISA uncovered the compromise and reported that some intruders had “long-term access to the environment.” After breaking in, officials said, hackers leveraged an open-source toolkit known as Impacket to “programmatically” construct and manipulate network protocols.

Binance Blockchain Hit by a $570 million Crypto Hack

Reuters reports that a blockchain linked to Binance, the world’s largest crypto exchange, has been hit by a $570 million hack, a Binance spokesperson said on Friday, the latest in a series of hacks to hit the crypto sector this year.

A report from Bleeping Computer adds that hackers stole tokens from a blockchain “bridge” used in the BNB Chain, known until February as Binance Smart Chain. Blockchain bridges are tools used to transfer cryptocurrencies between different applications. Criminals have increasingly targeted them, with about $2 billion stolen in 13 various hacks, mostly this year. Zhao said that the hackers stole around $100 million worth of crypto in his tweet. The BNB Chain blog claims that the hacker withdrew a total of 2 million of the BNB cryptocurrency worth around $570 million.

Department of Energy Offers Helping Hand to Bolster Utility Cybersecurity

The Register reports that the US Department of Energy is proposing regulations to financially reward cybersecurity modernization at power plants by offering rate deals for everything from buying new hardware to paying for outside help. In a notice of proposed rulemaking posted Oct 6, the DoE said the time was right “to establish rules for incentive-based rate treatments” for utilities making investments in cybersecurity technology. The DoE said these included products and services and information like plans, policies, procedures, and other information related to cybersecurity tech. For example, industrial systems used in power plants are known as soft spots due to older software. Much of the equipment used in operational technology (OT) environments are not designed to connect securely to the internet and can’t be configured safely.

Hackers Use’ App Mode’ in Chromium Browsers for Stealth Phishing Attacks

Hackers are always looking for new ways to take advantage of weaknesses in our internet use. According to Hacker News, the latest is using the Application Mode feature in Chromium-based web browsers can be abused to create “realistic desktop phishing applications.” Application Mode is designed to offer native-like experiences in a manner that causes the website to be launched in a separate browser window while also displaying the website’s favicon and hiding the address bar. Hackers can leverage this behavior to resort to some HTML/CSS trickery, display a fake address bar on top of the window, and fool users into giving up their credentials on rogue login forms. If that wasn’t bad enough, an attacker-controlled phishing site could use JavaScript to take more actions, such as closing the window immediately after the user enters the credentials or resizing and positioning it to achieve the desired effect.

It’s worth noting that the mechanism works on other operating systems, such as macOS and Linux, making it a potential cross-platform threat. However, the attack’s success is predicated on the attacker already having access to the target’s machine.

Iranian State Hackers are Spreading RatMilad Android Spyware Disguised as a VPN App

An Iranian hacking group is using new Android spyware in an extensive campaign primarily targeting enterprise users, according to HackRead. The group involved in this campaign goes by “AppMilad,” while the spyware being used is dubbed “RatMilad.” It can perform a wide range of malicious actions after it is installed on a victim’s device, including functionalities like file manipulation, audio recording, and application permission modification. In addition, AppMilad has devised a campaign to get the malicious app sideloaded onto unsuspecting users’ devices. Zimperium examined a spyware sample using the VPN and phone number spoofing app, which was identified as Text Me.

Another live RatMilad sample was distributed through a Text Me variant called NumRent. Moreover, scammers have developed a product website to distribute the app and socially engineer targets to believe that it is a legit app.

7 IoT Devices That Make Us Cringe

Researchers at DarkReading honored Cybersecurity Awareness Month, noting that in cybersecurity if it isn’t one thing, it’s another 14.4 billion things that’ll get you. That’s about how many Internet of Things (IoT) devices will increase globally by the end of the year, according to some analyst estimates. The Dark Reading crew thought it was only fitting to roast the types of IoT devices that are most likely to make security and privacy people cringe. Our read on the story is that it offers a bit of levity along with some serious insight into why these devices are insecure, bizarrely impractical, or just downright creepy in the kind of data they collect about our lives and our businesses. The IoT devices they included in their list: WiFi connected surveillance cameras, smart toilets, digital license plates, smart speakers, smart kitchen appliances, robotic vacuum cleaners, and smart locks. Enjoy the full story for a complete description of the vulnerabilities to help shore up security at work and at home.

In Case You Missed It

National Cybersecurity Awareness Month Spotlights the Role of Individuals in Stopping Attacks – Amber Wolff

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi

SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Cybersecurity and the Metaverse: Virtual and Real Threats – Ray Wyman

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Vote for SonicWall in Computing Security Awards 2022 – Bret Fitzgerald

SonicWall Earns 2022 CRN Annual Report Card (ARC) Honor – Bret Fitzgerald

SonicWall Capture ATP Earns 100% ICSA Threat Detection Rating for Sixth Straight Quarter – Amber Wolff

Ten Cybersecurity Books for Your Late Summer Reading List – Amber Wolff

CoinDesk TV Covers Cryptojacking with Bill Conner – Bret Fitzgerald

First-Half 2022 Threat Intelligence: Geopolitical Forces Rapidly Reshaping Cyber Frontlines – Amber Wolff

2022 CRN Rising Female Star – Bret Fitzgerald

Enhance Security and Control Access to Critical Assets with Network Segmentation – Ajay Uggirala

Three Keys to Modern Cyberdefense: Affordability, Availability, Efficacy – Amber Wolff

BEC Attacks: Can You Stop the Imposters in Your Inbox? – Ken Dang

SonicWall CEO Bill Conner Selected as SC Media Excellence Award Finalist – Bret Fitzgerald

Cybersecurity in the Fifth Industrial Revolution – Ray Wyman

Cybersecurity News & Trends – 09-30-22

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets.

For our big read last week, we covered the ongoing story about the ChromeLoader Malware. This week, we’re covering a possibly bigger story about spear phishing hackers who have also weaponized well-known and widely used open-source software. This story has contributions from Microsoft, ARS Technica, and Infosecurity Magazine. According to Hacker News, attackers hid malware in a Microsoft Windows logo to set off a cyberattack against governments in the Middle East. According to Krebs on Security and Bleeping Computer, two new and previously unknown Zero-Day flaws have cropped up in Exchange Server, and as of this moment, Microsoft does not have a fix ready to deploy. And if the thought of going into the weekend with weaponized open-sourced software was unsettling, how about deepfakes in your email or text messaging? According to TrendMicro (with a bit of help from DarkReading), hackers are ‘this close’ to using deepfake technology.

Meanwhile, you’ll notice in this week’s list of news that SonicWall is doing very well in the global news circuit with good hits in education, healthcare and retail.

Remember that cybersecurity is everyone’s business. Be safe out there!

SonicWall News

Why retail stores are more vulnerable than ever to cybercrime

IFSEC Global, SonicWall Threat Report Mention: Figures from SonicWall’s Biannual Report revealed that ecommerce and online retail businesses saw a 264% surge in the past 12 months in ransomware attacks alone. These kinds of statistics are extremely worrying for retail businesses, so it is unsurprising that websites and digital security are at the forefront of retailers’ minds.

These steps can help keep colleges from being easy targets for cyberattacks

HigherEd Dive, SonicWall Byline from Immanuel Chavoya, and SonicWall mention: A cybersecurity strategist outlines cultural and technical changes to help institutions stave off attacks like malware or business email compromise. Recent data from SonicWall revealed surging attacks across the board in the first half of the year, with the overall education industry seeing a 110% spike in IoT malware attacks and a 51% increase in ransomware — despite a global decline in ransomware attacks.

SonicWall’s Matt Brennan Talks New Leadership and Taking ‘Outside-In’ Approach

CRNtv, SonicWall Interview with Matt Brennan: With a New CEO and Matt Brennan taking on the role as channel chief at SonicWall, Brennan discusses some of the changes partners can expect from the new leadership and winning a CRN 2022 Annual Report Card Award.

The Soaring Threat Going Undetected

Blockchain Tribune, SonicWall Byline from Immanuel Chavoya: The popularity of cryptocurrencies has increased, not only in their overall market value but also in the number of people looking to digital currencies to generate totally independent revenue. While some do this through investing and selling cryptocurrency directly, others are turning to transaction processing (cryptomining) to turn a profit.

3 Cybersecurity Solutions Likely to Gain Traction In 2022 And Beyond

Cyber Defense Magazine, SonicWall Threat Report Mention: In June 2021, there were nearly 78.4 million ransomware attacks worldwide. This implies that about 9.7 ransomware attempts per consumer were made for every business day.

Why Retail Stores Are More Vulnerable Than Ever to Cybercrime

IFSEC Global, SonicWall Threat Report Mention: Figures from SonicWall’s Biannual Report revealed that ecommerce and online retail businesses saw a 264% surge in the past 12 months in ransomware attacks alone. These kinds of statistics are extremely worrying for retail businesses, so it is unsurprising that websites and digital security are at the forefront of retailers’ minds.

Elections, A Full Plate for Cybercrime in Brazil

Monitor (Brazil), SonicWall Threat Report Mention: According to a report by SonicWall, there were approximately 33 million attacks in the country, which places it in the fourth position among the countries that suffer the most from this type of crime, behind only the US, Germany and the United Kingdom.

SonicWall Threat Report Mid-Year Update Highlights Significant Threat Variance

IT Brief New Zealand, SonicWall Threat Report Mention: The cyber threat landscape is continuing to become increasingly diverse. With COVID-19 and many geopolitical crises occurring worldwide, threat actors are capitalizing on various cybersecurity gaps, and, as a result, enterprises and end users are often put at risk.

Defending Against Ransomware Attacks

Professional Security, SonicWall Threat Report Mention: In retail in particular, in the year from February 2021, the 2022 SonicWall Cyber Threat Report revealed that there was a 264pc increase in ransomware attacks on ecommerce and online retail businesses. Estimates suggest that over 40% of retail organizations suffered a ransomware attack.

Ransomware Roulette with Consumer Trust – The Link Between Loyalty and Attacks

Information Security Buzz, SonicWall Threat Report Mention: In retail in particular, in the year from February 2021, the 2022 SonicWall Cyber Threat Report revealed that there was a 264% increase in ransomware attacks on ecommerce and online retail businesses. Estimates suggest that over 40% of retail organizations suffered a ransomware attack.

Metaverse: An Emerging Market in Virtual Reality

TechSling, SonicWall Threat Report Mention: Cyber-attacks have targeted market participants, raising high sensitivity and security concerns. According to SonicWall, nearly 500 million cyber-attacks were reported through September 2021, with over 1700 attacks reported per organization.

Protecting Against Customizable Ransomware

CXO Today, Threat Report Mention: All sorts of Cybercrimes have grown tremendously in recent years. SonicWall’s Cyber Threat Report published in early 2022, details a sustained meteoric rise in ransomware with 623.3 million attacks globally with an exponential rise in all monitored threats, cyberattacks and malicious digital assaults including: ransomware, encrypted threats, IoT malware and cryptojacking.

The Best Defense Is a Good Defense

ComputerWeekly (Spain), SonicWall Byline: In cybersecurity, building the best possible defense also means incorporating some offensive strategies to gain intelligence about attackers and understand how they try to penetrate systems, says SonicWall.

SonicWall Boosts Wireless Play with Ultra-High-Speed Wi-Fi 6 Access Points

AIthority, Threat Report Mention: SonicWall announced the introduction of the new Wi-Fi 6 wireless security product line, which provides always-on, always-secure connectivity for complex, multi-device environments. Powered by Wi-Fi 6 technology, the new SonicWave 600 series wireless access points, coupled with Wireless Network Manager (WNM) 4.0, enable organizations to automatically secure wireless traffic while boosting performance and simplifying connectivity.

Uber’s Ex-Security Chief Faces Landmark Trial Over Data Breach That Hit 57m Users

The Guardian, Threat Report Mention: The trial will play out as reports of ransomware attacks continue to rise. In 2021, the US saw a more than 95% increase in ransomware attacks, according to the threat intelligence firm SonicWall. Many of those attackers have targeted healthcare facilities and schools. Hackers targeted the Los Angeles Unified School District (LAUSD), the second-largest school district in the US, with a cyber-attack over Labor Day weekend.

Public Transport Group Go-Ahead Hit by Cyber Attack

Financial Times, Threat Report Mention: There were 2.8bn known malware attacks in the first half of the year, up 11 percent, according to cyber security company SonicWall.

Kansas Most at Risk for Malware Attacks

Fox 4 News Kansas City, SonicWall News: SonicWall reports that malware dropped 4% year over year in 2021, with a total of 5.4 billion hits reported by the firm’s devices around the world. The company detected 2.9 billion malware hits on their US sensors in 2021. Florida saw the most malware hits with 625 million in 2021. The state didn’t appear on the latest list, indicating that these attacks can be successfully thwarted by technologies like antivirus software and firewalls.

Our Success Is Based on The Philosophy of Knowledge Building And Sharing

Digital Terminal (India), SonicWall News: Commenting on the increasing cyber incidents, Debasish Mukherjee, Vice President, Regional Sales APJ, SonicWall Inc said, “Across the globe, we saw that pandemic while stretched companies’ networks, accelerated their digital transformation, on the downside exposed them to more cybercrime. Cybersecurity has become much more important in today’s times than ever before. The global cyber security market is estimated to record a CAGR of 10.5% over the forecast period of 2022 to 2032.”

Industry News

Big Read: Spear Phishing Hackers Weaponizing Open-Source Software

Last week, we covered the ongoing woes from a persistent and malicious malware that assumes the disguise of a Chrome browser extension called ChromeLoader that was likely put into circulation by Russian ransomware gangs. This week, the focus is on open-source software that has been obviously and strategically weaponized by North Korean hackers for pretty much the same reason, and they appear to be very flexible about how they go about their attacks.

According to a report from ARS Technica, researchers believe hackers with connections to the North Korean government have been pushing a Trojanized version of the PuTTY networking utility to backdoor the network of organizations they want to watch. Researchers from security firm Mandiant said on Thursday that at least one customer it serves had an employee who installed the fake network utility by accident. The incident caused the employer to become infected with a backdoor tracked by researchers as Airdry.v2. A group Mandiant tracks transmitted the file as UNC4034. Compromised versions of other open-source software include well-known utilities such as KiTTY, TightVNC, Sumatra PDF Reader, and muPDF/Subliminal Recording (and that list appears to be growing).

Another angle, according to Microsoft, has successfully compromised numerous organizations in acts of corporate espionage, data theft, financial gain and general network mayhem. For example, one group, named ZINC, deploys agents to connect with people over LinkedIn as job recruiters. Once a conversation is established, victims are asked to move away from LinkedIn and switch to WhatsApp, where the victim may receive files that contain malware. Victims include engineers and technical support staff at defense, aerospace, media and IT companies in the US, UK, and India.

ARS Technica reminds us that ZINC is Microsoft’s name for a threat actor group also known as Lazarus, best known for the devastating 2014 compromise of Sony Pictures Entertainment.

Infosecurity Magazine nails the story on the head by headlining the Zinc methodology as “spear phishing” with the added reliance on weaponized apps like PuTTY SSH. In addition, they included a statement from Google subsidiary, Mandiant: “This is likely one of several malware delivery techniques being employed by North Korean actors after a target has responded to a fabricated job lure.” The Mandiant advisory includes several technical indicators to help companies spot UNC4034-related activity. Its publication comes days after US authorities seized $30m in stolen cryptocurrency from North Korea.

Cyber Attacks Against Middle East Governments Hide Malware in Windows logo

The Hacker News: An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks against Middle Eastern governments. Broadcom’s Symantec Threat Hunter Team attributed the updated tooling to a hacking group known as Witchetty(LookingFrog, and TA410). Intrusions involving TA410 – believed to share connections with a Chinese threat group known as APT10 (aka Cicada, Stone Panda, or TA429) – stand out with a modular implant called LookBack. Attacks that lead to the deployment of Stegmap then weaponize ProxyLogon and ProxyShell vulnerabilities in Exchange Server to drop the China Chopper web shell, that’s then used to carry out credential theft and lateral movement activities before launching the LookBack malware. All from clicking a logo.

Microsoft: Two New Zero-Day Flaws in Exchange Server

KrebsOnSecurity: Microsoft Corp. is investigating reports that attackers are exploiting two previously unknown vulnerabilities in Exchange Server, a technology many organizations rely on to send and receive email. Microsoft says it is expediting work on software patches to plug the security holes. In the meantime, it is urging a subset of Exchange customers to enable a setting that could help mitigate ongoing attacks. In customer guidance released Thursday, Microsoft is investigating two reported zero-day flaws affecting Microsoft Exchange Server 2013, 2016, and 2019. CVE-2022-41040 is a Server-Side Request Forgery (SSRF) vulnerability that can enable an authenticated attacker to remotely trigger the second zero-day vulnerability — CVE-2022-41082 — which allows remote code execution (RCE) when PowerShell is accessible to the attacker. Bleeping Computer also reports on the same issues here and offers additional perspective on the vulnerabilities and CISA reporting.

Hackers are Ready to Deploy Deepfakes on Your Cybersecurity

TrendMicro, DarkReading: This story was second-place for our big read for the week, with deepfake technology is now poised to be a standard tool for malicious cybersecurity campaigns. For the average person, it isn’t easy to detect and mitigate deepfakes. That means cybercriminals have a considerable upside for deploying it as part of any ransomware campaign.

DarkReading’s reading on TrendMicro’s new study makes it easy to see that all the necessary elements for widespread use of deepfake technology exist today. Many of the basic components and expertise can be found in underground markets and open forums. In addition, the study shows that deepfake-enabled scams such as phishing and business email compromise (BEC) will rapidly change the nature of the threat landscape.

“From hypothetical and proof-of-concept threats, [deepfake-enabled attacks] have moved to the stage where non-mature criminals are capable of using such technologies,” says Vladimir Kropotov, a security researcher with Trend Micro and the principal author of a report on the topic that the security vendor released this week.

“We already see how deepfakes are integrated into attacks against financial institutions, scams, and attempts to impersonate politicians,” he says, adding that what’s scary is that many of these attacks use identities of real people — often scraped from content they post on social media networks.

One of the main takeaways from Trend Micro’s study is the ready availability of tools, images, and videos for generating deepfakes. The security vendor found, for example, that multiple forums, including GitHub, offer source code for developing deepfakes to anyone who wants it. Similarly, enough high-quality images and videos of ordinary individuals and public figures are available for bad actors to create millions of fake identities or impersonate politicians, business leaders, and other famous personalities.

In Case You Missed It

Seamless Security: How SonicWall Solutions Work Together to Safeguard Your Organization – Sarah Choi

SonicWall’s Nicola Scheibe Recognized by CRN as One of 2022’s 100 People You Don’t Know But Should – Bret Fitzgerald

SonicWall NSM 2.3.4 Uplevels Central Management Capabilities – Amber Wolff

Cybersecurity and the Metaverse: Virtual and Real Threats – Ray Wyman

Why 5G Needs to Start with Secure Network Access – Rishabh Parmar

Security Platform Vendors vs. Best-of-Breed Approach to Security Architecture – Rajesh Agnihotri

Why Organizations Should Adopt Wi-Fi 6 Now – David Stansfield

Vote for SonicWall in Computing Security Awards 2022 – Bret Fitzgerald

SonicWall Earns 2022 CRN Annual Report Card (ARC) Honor – Bret Fitzgerald

SonicWall Capture ATP Earns 100% ICSA Threat Detection Rating for Sixth Straight Quarter – Amber Wolff

Ten Cybersecurity Books for Your Late Summer Reading List – Amber Wolff

CoinDesk TV Covers Cryptojacking with Bill Conner – Bret Fitzgerald

First-Half 2022 Threat Intelligence: Geopolitical Forces Rapidly Reshaping Cyber Frontlines – Amber Wolff

2022 CRN Rising Female Star – Bret Fitzgerald

Enhance Security and Control Access to Critical Assets with Network Segmentation – Ajay Uggirala

Three Keys to Modern Cyberdefense: Affordability, Availability, Efficacy – Amber Wolff

BEC Attacks: Can You Stop the Imposters in Your Inbox? – Ken Dang

SonicWall CEO Bill Conner Selected as SC Media Excellence Award Finalist – Bret Fitzgerald

Cybersecurity in the Fifth Industrial Revolution – Ray Wyman

What is Cryptojacking, and how does it affect your Cybersecurity? – Ray Wyman

Why Healthcare Must Do More (and Do Better) to Ensure Patient Safety – Ken Dang

SonicWall Recognizes Partners, Distributors for Outstanding Performance in 2021 – Terry Greer-King

Anti-Ransomware Day: What Can We Do to Prevent the Next WannaCry? – Amber Wolff