Posts

Cyber Security News & Trends – 09-07-18

/0 Comments/in /by

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

Cybersecurity and the future of work: How much can we predict? – Silicon Republic (Ireland)

  • SonicWall CEO Bill Conner, talking to Silicon Republic, shares his thoughts on battling the growth areas of cybercrime over the coming years.

US Indicts North Korean Over Sony, Bank and WannaCry Attacks – Infosecurity magazine

  • The U.S. Justice Department has formally charged a hacker in connection with cybercrimes that they are directly connecting to the North Korean government. SonicWall’s Bill Conner is featured as a security expert on the issue.

Cyber Security News

British Airways boss apologises for ‘malicious’ data breach – BBC

  • A week after the Air Canada security leak another major security breach in an Airline, this time British Airways, has been dominating news headlines. Names, email address and credit card information from over 380,000 transactions have been compromised.

Nope, the NSA isn’t sitting in front of a supercomputer hooked up to a terrorist’s hard drive – The Register

  • The Register talks about what exactly Government intelligence services want versus what it’s likely they will be able to get in the current digital climate.

The Case for a National Cybersecurity Agency – Politico

  • Gen. David Petraeus argues in Politico that national cybersecurity is in need of a complete overhaul with the creation of an independent National Cybersecurity Agency that reports directly to the President.

FIN6 returns to attack retailer point of sale systems in US, Europe – ZDNet

  • Point of Sale (POS) malware is really gathering steam. ZDNet have a report on a new campaign by a cybercriminal group called FIN6 who were previously known for selling credit card numbers on the Dark Web.

More U.S. Cities Brace for ‘Inevitable’ Hackers – The Wall Street Journal

  • After the city of Atlanta paid millions of dollars to ransomware attackers this year other U.S. Cities are considering their options on how to handle cyberattacks.

Obama-Themed Ransomware Also Mines for Monero – BankInfoSecurity

  • They’re calling it Barack Obama’s Everlasting Blue Blackmail Virus and it doubles as a cryptocurrency miner on top of being ransomware.

In Case You Missed It

Infographic: Ransomware’s Devastating Impact on Real-World Businesses

/0 Comments/in /by

Still relatively new to the cyber threat landscape, ransomware continues to be one of the high-profile malware types that grab headlines. It’s one part Hollywood-style drama mixed with the “mystery” of cryptocurrencies and the seemingly personal nature of ransomware attacks.

But it’s not hyperbole. Ransomware remains one of the most malicious cyberattacks that can cripple a business. SonicWall’s new infographic highlights composite data that demonstrates how ransomware impacts businesses’ ability to operate.

So, how do you prevent your organization from being severely disrupted by ransomware? The best approach is to use multiple layers that deliver automated, real-time breach detection and prevention. While this isn’t an exhaustive list of all security options, these cornerstone tactics will mitigate most of today’s most malicious cyberattacks, including ransomware.

How to Block Ransomware

Businesses have no choice but to proactively mitigate ransomware attacks. But is there a proven approach that can cost-effectively scale across networks and endpoints? Four key security capabilities make full ransomware protection possible.

  1. Next-Generation Firewall

    Detect and prevent cyberattacks with power, speed and precision.
    Next-generation firewalls (NGFW) are one of your first lines of defense against hackers, cybercriminals and threat actors.

    For example, SonicWall firewalls deliver real-time, cloud-based threat prevention, while augmenting the security from on-box deep packet inspection of SSL traffic (DPI-SSL). And all new SonicWall firewalls integrate with our award-winning network sandbox for advanced threat protection.

  2. Network Sandbox

    Identify and stop unknown attacks in real time.
    A network sandbox is an isolated environment on the firewallthat runs files to monitor their behavior. SonicWall Capture Advanced Threat Protection (ATP) is a multi-engine sandbox service that holds suspicious files at the gateway until a verdict can be achieved.

    Capture ATP also features Real-Time Deep Memory InspectionTM (RTDMI). RTDMI is a memory-based malware analysis engine that catches more malware, and faster, than behavior-based sandboxing methods. It also delivers a lower false-positive rate to improve security and the end-user experience.

  3. Email Security

    Filter email-borne attacks before they hit your network.
    Secure email solutions deliver comprehensive inbound and outbound protection from advanced cyberattacks, including ransomware, phishing, business email compromise (BEC), spoofing, spam and viruses. Proven solutions will be available in on-premise email security appliances and hosted secure email.

    SonicWall Email Security also integrates with Capture ATP to protect email from advanced threats, such as ransomware and zero-day malware.

  4. Advanced Endpoint Client Security

    Block ransomware before it compromises user devices.
    Traditional antivirus (AV) has been trusted for years to protect computers. This was a sound approach when the total number of signatures required numbered in the hundreds of thousands. Today, millions of new forms of malware are discovered each month.

    To protect endpoints from this endless onslaught of malware attacks, SonicWall recommends using a next-generation antivirus (NGAV) solution that can monitor the behavior of a system to look for malicious activities, such as the unauthorized encryption of your files.

    For example, SonicWall Capture Client delivers advanced malware protection and additional security capabilities for SonicWall firewall

Ransomware remains one of the most damaging cyberattacks to businesses. Follow these four ransomware protection best practices to help ensure ransomware does not impact your ability to operate.

Cyber Security News & Trends – 08-31-18

/0 Comments/in /by

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

Air Canada Presses Reset After App Security Snafu – Infosecurity Magazine

  • SonicWall CEO Bill Conner talks to Infosecurity Magazine about the wider implications of the Air Canada app data breach.

T-Mobile, Sprint both hit by Security Breaches ahead of Merger – MSSP Alert

  • In an article detailing the recent T-Mobile and Sprint security breaches ahead of the announced mega-merger, SonicWall’s Bill Conner is featured as a security expert providing perspective on the significance of these security breaches for companies.

Fortnite app for Android let hackers hijack players’ phones, Google warn – The Independent (UK)

  • SonicWall’s VP of Product Management Lawrence Pingree is featured providing commentary to the recent Fortnite vulnerability and the risk organizations face as Fortnite continues to grow.

Cyber Security News

The Untold Story of NotPetya, the Most Devastating Cyberattack in History – Wired

  • In 2017 there was a massive cyberattack that caused billions of dollars of damage worldwide, including almost completely wiping out the systems of a one of the biggest international shipping firms. This is the full story of NotPetya.

Artificial Intelligence Is Now a Pentagon Priority. Will Silicon Valley Help – New York Times

  • The Pentagon and Silicon Valley eye each other up and try and find a common ethical middle ground so they can work together.

ThreatList: Ransomware Attacks Down, Fileless Malware Up in 2018 – Threat Post

  • Cybercrime changes but never goes away.

Give yourselves a pat on the back, top million websites, half of you now use HTTPS – The Register

  • 51.8 percent of the top million websites ranked by Alexa are now using HTTPS, with a little help from Google Chrome and a shaming website.

How Mindfulness Can Help Prevent Hacks, and Four More Cybersecurity Tips – University of Virginia Today

  • This blog might be what you need if all this cybercrime news is getting you down.

In Case You Missed It

Cyber Security News & Trends – 08-24-18

/0 Comments/in /by

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

SonicWall Email Security Wins Coveted 2018 CRN Annual Report Card (ARC) Award  — Ganesh Umapathy

  • SonicWall Email Security solution has been named the overall winner at the CRN Annual Report Card, this is the third award it’s won this year so far.

Industry Reactions to Foreshadow Flaws: Feedback Friday — SecurityWeek

  • SonicWall’s Bill Conner was featured amongst industry professionals for his insight on the Foreshadow flaw.

Cyber Security News

US airports’ new facial recognition tech spots first imposter — Engadget

  • Facial Recognition has only been used for 3 days in Dulles airport and has already caught an imposter.

After the Bitcoin Boom: Hard Lessons for Cryptocurrency Investors — New York Times

  • The current digital currency bust could be a sign that the always volatile virtual currency market is on a permanently downward trend.

Super-mugs: Hackers claim to have snatched 20k customer records from Brit biz Superdrug — The Register

  • British Cosmetics firm Superdrug argue with hackers over whether or not they were hacked and whether or not the hack affected 20,000 or 386 customers.

Hackers steal more than $1M from global economy in a single minute: analysis — The Hill

  • A new report has worked out that $1 million is stolen every minute through cybercrime and is pushing to make “Evil Internet Minute” happen.

In Case You Missed It

Cyber Security News & Trends – 08-17-18

/0 Comments/in /by

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

New post for PNC’s former CCOPittsburg Biz Journals (US)

  • SonicWall CMO David Chamberlin is featured for his recent appointment to the company following his position as PNC’s former CCO in Pittsburg, Penn.

Foreshadow Vulnerability (L1TF) Introduces New Risks to Intel Processors  — SonicWall Blog

  • Foreshadow, the latest vulnerability to hit microprocessors, comes from the same family as Spectre. SonicWall customers with Capture Advanced Threat Protection (ATP) sandbox service activated are protected.

Cyber Security News

NIST Small Business Cybersecurity Act Becomes Law – Security Week

  • U.S. President Donald Trump signed the NIST Small Business Cybersecurity Act into law on Tuesday (August 14, 2018). It requires NIST to “disseminate clear and concise resources to help small business concerns identify, assess, manage, and reduce their cybersecurity risks.”

Foreshadow and Intel SGX software attestation: ‘The whole trust model collapses’ – The Register

  • In the wake of yet another collection of Intel bugs, The Register had the chance to speak to Foreshadow co-discoverer and University of Adelaide and Data61 researcher Dr Yuval Yarom about its impact.

The state of cybersecurity at small organizations – CSO Online

  • A research survey of 400 cybersecurity professionals in small organizations, found that SMBs are being compromised due to human error, ignorance and apathy.

U.S. investor sues AT&T for $224 million over loss of cryptocurrency – Reuters

  • U.S. entrepreneur and cryptocurrency investor Michael Terpin filed a $224 million lawsuit on Wednesday against telecommunications company AT&T, accusing it of fraud and gross negligence in connection with the theft of digital currency tokens from his personal account.

Cryptojacking attacks: One in three organizations say they’ve been hit with mining malware – ZDNet

  • Almost a third of organizations say they’ve been hit by cryptojacking attacks in the last month, as cyber criminals continue their attempts to push malware designed to secretly use processing power to generate cryptocurrency.

Hundreds of Netflix, HBO, DirecTV and Hulu credentials for sale on dark web – SC Magazine

  • Hundreds of stolen Netflix, HBO, DirecTV and Hulu accounts found at an average price of $8.81, less than the cost of a monthly subscription for most of the services which range from $7.99 per month for Hulu’s lowest tier plan to $15 per month for HBO Go.

FBI Warns of Cyber Extortion Scam – Dark Reading

  • Extortion is a very old crime that’s being given new life in the cyber world. A recent public service announcement from the FBI warns computer users to be on the lookout for threats that use stolen information to tailor extortion demands to specific email addresses.

In Case You Missed It

Cyber Security News & Trends – 08-10-18

/0 Comments/in /by

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

DHS Has New Cyber Collaboration Center, But Private Companies May Hesitate to Share — Law.com

  • SonicWall CEO Bill Conner discusses the challenges faced by the new DHS National Risk Management Center initiative in relation to cooperation from the private sector.

ADT Acquires MSSP SDI, Eyes Small Business Cybersecurity Market Growth — MSSP Alert

  • ADT, the monitored security and home and business automation solutions provider, has acquired Secure Designs Inc. (SDI), a well-known MSSP and SonicWall partner that manages firewall equipment for small business customers.

The Changing Data Security Landscape — Database Trends and Applications

  • The SonicWall 2018 Cyber Threat Report is used in an analysis of the overall risk landscape for cybersecurity.

SonicWall to expand product engineering facility in India — ETCIO

  • Debasish Mukherjee, Country Manager India & SAARC SonicWall sat down with ETCIO to discuss the country’s expansion in Bangalore, India.

Cyber Security News

The Sensors That Power Smart Cities Are a Hacker’s Dream — Wired

  • Research from IBM Security and data security firm Threatcare that looked at sensor hubs from three companies—Libelium, Echelon, and Battelle—that sell systems to underpin smart city schemes.

Network of 15,000 bots used to spread cryptocurrency giveaway spam via Twitter — SC Magazine

  • A recently developed methodology for identifying Twitter bot accounts in large quantities turned up a cryptocurrency scam botnet operation found to leverage at least 15,000 bots to submit bogus tweets and likes.

Internet of Things Adoption to Rise Despite Security, Data Integration Challenges — The Wall Street Journal

  • Firms continue to adopt Internet of Things technologies, but believe large-scale deployments and returns on investment may take longer than expected to materialize due to ongoing security and implementation challenges.

iPhone Chipmaker Blames WannaCry Variant for Plant Closures — Bloomberg

  • Taiwan Semiconductor Manufacturing Co. blamed a variant of the 2017 WannaCry ransomware for the unprecedented shutdown of several plants, as it ramps up chipmaking for Apple Inc.’s next iPhones

Atlanta’s Reported Ransomware Bill: Up to $17 Million — Bank Info Security

  • The cost of the city of Atlanta’s mitigation and subsequent IT overhaul following a massive SamSam ransomware infection earlier this year could reach $17 million.

In Case You Missed It

Cyber Security News & Trends – 07-13-18

/0 Comments/in /by

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

As Malware, Ransomware Surge in 2018, SonicWall Raises Alarm on Encrypted Threats and Chip-Based Attacks

  • SonicWall publishes a mid-year update of 2018 SonicWall Cyber Threat Report, finds more than 5.99 billion total malware attacks, up 102 percent, in the first six months of 2018.

Ghostbusters 2: how to deal with Spectre, the sequel – SC Magazine (UK)

  • Lawrence Pingree, SonicWall’s VP of Product Management discusses the possibilities of future exploits built on the Spectre vulnerability

Big Enterprise or Small Business, It Doesn’t Matter: Hackers Are Coming for You, Right Now – Joseph Steinberg

  • Quotes from a 2017 interview between Bill Conner and Joe Steinberg are resurfaced to explain that about half of all cyber-attacks are on small businesses.

Cyber Security News

Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders – The Register

  • An unfortunate chain reaction was averted today after miscreants tampered with a widely used JavaScript programming tool to steal other developers’ NPM login tokens.

Hackers are selling backdoors into PCs for just $10 – ZDNet

  • Cyber criminals are offering remote access to IT systems for just $10 via a dark web hacking store — potentially enabling attackers to steal information, disrupt systems, deploy ransomware and more.

Senators press federal election officials on state cybersecurity – The Hill

  • Senators on Wednesday pressed top officials from the U.S. Election Assistance Commission (EAC) about their efforts to boost state cybersecurity election systems, with a focus on whether each state should have a mechanism in place to audit their results.

Cryptocurrency service Bancor robbed of billions; MyEtherWallet users targeted via malicious VPN Chrome extension – SC Magazine

  • Cryptocurrency token conversion service Bancor disclosed yesterday that hackers stole millions in funds from one of its online wallets, while Etherium crypto wallet service MyEtherWallet warned that hackers may have compromised anyone who accessed its service while using the free VPN service Hola and its Chrome extension.

Breach department: Unauthorized party accesses Macys.com and Bloomingdales.com customer accounts – SC Magazine

  • For nearly two months, an unauthorized party reportedly used stolen usernames and passwords to log into the online accounts of certain Macys.com and Bloomingdales.com customers.

In Case You Missed It

Ransomware Surges, Encrypted Threats Reach Record Highs in First Half of 2018

/0 Comments/in /by

To ensure organizations are aware of the latest cybercriminal attack behavior, today SonicWall published a mid-year update to the 2018 SonicWall Cyber Threat Report.

“The cyber arms race is moving faster than ever with bigger consequences for enterprises, government agencies, educational and financial institutions, and organizations in targeted verticals,” said SonicWall CEO Bill Conner in the official announcement.

Cyber threat intelligence is a key weapon in organizations’ fight against criminal organizations within the fast-moving cyber arms race. The mid-year update outlines key cyberattack trends and real-world threat data, including:

Data for the annual SonicWall Cyber Threat Report is gathered by the SonicWall Capture Threat Network, which sources information from global devices and resources including more than 1 million security sensors in nearly 200 countries and territories.

“SonicWall has been using machine learning to collect, analyze and leverage cyber threat data since the ‘90s,” said Conner. “This commitment to innovation and emerging technology is part of the foundation that helps deliver actionable threat intelligence, security efficacy and automated real-time bread detection and prevention to our global partners and customers.”

Get the Mid-Year Update

Dive into the latest cybersecurity trends and threat intelligence from SonicWall Capture Labs. The mid-year update to the 2018 SonicWall Cyber Threat Report explores how quickly the cyber threat landscape has evolved in just a few months.

GET THE UPDATE

Cyber Security News & Trends – 07-06-18

/0 Comments/in /by

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

Breaking down SonicWall’s 12 new features for mid-tier enterprises — TechRepublic

  • Following the release of SonicWall’s latest product news, TechRepublic provides an overview of the features released. This article concludes that the new mid-tier offerings make SonicWall an option for companies of any sector and size.

Review: SonicWall TZ400 Provides Local Governments with Deep, Frontline Protection – StateTech

  • SonicWall’s firewall appliance is a strong choice for state and local governments watching the bottom line.

Cyber Security News

Sophos shares tank as revenues slow – UK Investor Magazine

  • Shares in cyber security group Sophos fall by a fifth as growth slows. The company’s shares fell by more than 20% as it said billings growth – an indicator of future revenues – in the three months to the end of June had slowed to just 6pc, or 2pc when adjusted for foreign currency changes.

New Virus Decides If Your Computer Good for Mining or Ransomware — The Hacker News

  • Researchers at Kaspersky Labs have discovered a new variant of Rakhni ransomware family, which has now been upgraded to include cryptocurrency mining capability as well.

Macro-based malware campaign replaces desktop and Quick Launch shortcuts to install backdoor — SC Magazine

  • Researchers have uncovered an unusual malicious macro-based malware campaign that effectively modifies infected users’ shortcut files so that they secretly download a backdoor program.

Trump nominates former Energy official to lead Homeland Security tech research arm — The Hill

  • President Trump announces that he is tapping William Bryan, an Army veteran and former Department of Energy official, to lead the Department of Homeland Security’s technology research and development arm.

Adidas Reports Data Breach — The Wall Street Journal

  • Adidas warned late on Thursday that hackers may have lifted customer data from its US website.

In Case You Missed It

Cyber Security News & Trends – 06-29-18

/0 Comments/in /by

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.

SonicWall Spotlight

SonicWall Targets Mid-Tier Enterprises with New Network Security Software and Appliances SiliconANGLE

  • Following the release of SonicWall’s latest product news, SiliconANGLE unpacks updates to the SonicWall Capture Security Center. This article also touches on the company’s six new firewall appliances.

Cyber Security News

Despite Caution Over Cryptocurrency, Investors are Bullish The New York Times

  • Initial coin offerings are raising billions for cryptocurrency start-ups, like the Russia messaging service Telegram, which raised nearly $2 billion.

Marketing Firm Exactis Leaked a Personal Info Database With 340 Million Records Wired

  • Earlier this month, security researcher Vinny Troia discovered that Exactis, a data broker based in Palm Coast, Florida, had exposed a database that contained close to 340 million individual records on a publicly accessible server. The haul comprises close to 2 terabytes of data that appears to include personal information on hundreds of millions of American adults, as well as millions of businesses.

Reality Winner, N.S.A. Contractor Accused in Leak Pleads Guilty The New York Times

  • Reality Winner, the former government contractor charged with leaking classified information, pleaded guilty in federal court Tuesday as part of a plea agreement reached with federal prosecutors.

Hotels, Airlines and Travel Sites Battle Bot Attacks ZDNet

  • Attackers in certain countries appear to have a particular focus on breaching organizations operating in the travel sector.

60,000 Android Devices Hit With Ad-Clicking Bot Ransomware SC Magazine

  • A new malicious Android app has infected at least 60,000 devices gaining the ability to extract some important information from each device along with installing some ad click malware.

New Fears Over Chinese Espionage Grip Washington The Hill

  • Lawmakers are scrutinizing the Pentagon over its efforts to keep military secrets safe from hackers, after Chinese actors allegedly breached a Navy contractor’s computer and collected data on submarine technology.

In Case You Missed It