April Fools’ Day is fast-approaching, and you’d have to be a fool to not see all the good stuff happening at SonicWall this week. Microscope quoted SonicWall CEO Bob VanKirk on how he’s successfully aligned two key areas at SonicWall. TechCrunch and Computer Weekly cited data from the 2023 Cyber Threat Report.

In industry news, Data Breach Today covers a slew of tech leaders asking AI developers to slow down. Dark Reading has the lowdown on a new MacOS malware. TechCrunch has information on a supply chain attack on a major phone system. At Bleeping Computer, they discuss a security flaw in a common WiFi protocol that’s causing problems. Hacker News provides insight on OpenAI’s user data leak from last week.

Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.

SonicWall News

Silence gets you nowhere in a data breach

TechCrunch, SonicWall News: Attackers are increasingly targeting smaller businesses – as outlined in the 2023 SonicWall Cyber Threat Report – due to the fact they are seen as easier targets than large companies. This means that your startup is likely to get compromised at some point.

SonicWall CEO: Success will come from listening to partners

Microscope, SonicWall News: “I kind of flipped the sales team upside down to really make the team aligned with our partners,” he said. “Our partners are a force multiplier, one of our key differentiators. Not diminishing our product capabilities, but from the-go-to market standpoint, I really leaned into better aligning, and better listening to our channels where they were going with their businesses, requirements, needs and pain points.

Malware attacks on IoT and cryptojacking are growing in 2022

Computer Weekly (Spain), SonicWall News: Despite the 21% drop in ransomware globally, 2022 was the second year with the highest number of attack attempts with 493.3 million, SonicWall, which also reported a 2% increase in malware, 87% in IoT malware and 43% in cryptojacking.

DC Health Link Breach Exposes Private Information of Lawmakers

InformationWeek, SonicWall News: The healthcare industry is a popular target for breaches. Care providers and insurance companies safeguard valuable data. “Threat actors believe that healthcare providers and related organizations have no option but to pay the ransom, as restoring operations can mean the difference between life and death,” Immanuel Chavoya, threat detection and response strategist at cybersecurity company SonicWall, points out.

Ferrari in Italy targeted in cyber attack

MotorTrader, SonicWall News: In the UK, dealer groups Pendragon and Arnold have been targeted for cyber crime. According to the cyber security 2023 SonicWall Threat Report the UK is the 2nd most attacked country in the world, after the US. It said ransomware attacks last year doubled.

Covert Cyberattacks on The Rise as Attackers Shift Tactics for Maximum Impact

HelpNetSecurity, SonicWall News: 2022 was the second-highest year on record for global ransomware attempts, as well as an 87% increase in IoT malware and a record number of cryptojacking attacks (139.3 million), according to SonicWall.

2023 Could Be the Biggest Ever Year for Cybercrime

TechRadarPro, SonicWall News: 2023 could very well be the biggest year ever for cybercriminals, new figures have claimed. According to SonicWall’s latest figures, cybercrime is on the rise across the board, but trends are slowly shifting which is something IT security teams should keep in mind. More precisely, hackers are opting for a “slow and low” approach, keeping stealthy while trying to achieve financially-motivated goals.

Spikes In IoT Malware, Cryptojacking Offset Decline in Ransomware In 2022

MSSP Alert, SonicWall News: SonicWall researchers recorded the second-highest year on record for global ransomware attempts but it was an 87% increase in Internet of Things (IoT) malware and a record number of cryptojacking attacks (139.3 million) that signaled a shift in the overall threat landscape in 2022, the company said in a new report.

Cybercrime Spiked In 2022 — And This Year Could Be Worse

Digital Trends, SonicWall News: Last year saw a massive spike in cybercrime, with some types of malicious digital activity rising by as much as 87%. It doesn’t bode well — but there were a couple of relative bright spots. That information comes from a new report published by cybersecurity firm SonicWall. It makes for interesting reading, especially since one of the biggest rises came from an unusual source — and one of the most feared types of malware saw a hefty drop.

Ransomware Attacks Plunged 48 Percent in US Last Year: SonicWall

CRN, SonicWall News: In a major reversal from prior years, the volume of ransomware attacks globally dropped by 21 percent in 2022, year-over-year, with a 48-percent decline in the U.S., SonicWall said in a new report Tuesday. It’s encouraging that we’re seeing a decrease” in ransomware attacks, SonicWall CEO Bob VanKirk said in an interview with CRN. At the same time, “the number of attacks still is staggering,” VanKirk said.

Ransomware Threat Surges as Brits Suffer Millions of Attacks In 2022

Evening Standard, SonicWall News: The scale of the threat posed to companies and consumers by cyberattacks was laid bare today in a new report which reveals global ransomware attempts hit their second highest year on record in 2022.

Cyber intrusion attempts and malware attacks climbed 19% and 2% respectively, according to the Global Cyberattack Trends report by SonicWall, while crypto-theft attacks jumped 43% to reach a record high. The volume of ransomware attacks was especially severe in the UK, climbing a staggering 112% in 2022, the report found, despite a 21% decrease in attacks worldwide.

Experts Spot Half a Million Novel Malware Variants in 2022

InfoSecurity, SonicWall News: Global malware detections increased 2% year-on-year (YoY) in 2022 to hit 5.5 billion, with never-before-seen variants surging 5%, according to SonicWall. The security vendor captured threat intelligence from its global SonicWall Capture Threat network, including one million security sensors, in order to compile its 2023 SonicWall Cyber Threat Report.

Industry News

Tech Leaders Ask AI Developers to Slow Down Amid Fears

Artificial intelligence (AI) has been rapidly advancing over the past few years leading to a laundry list of exciting new features. While we’ve seen what AI can do with writing, artwork, memes and more, some top tech leaders have shared their concerns and actually asked AI developers to stop development for at least six months. The Future of Life Institute gathered over 1,000 signatures on a document asking to stop and consider developing safety protocols and more before continuing. The list of signatories includes notable names like Twitter CEO Elon Musk and former presidential candidate Andrew Yang along with Turing Prize-winner Yoshua Bengio and many others. The document asks pertinent questions about job automation, propaganda and even potentially losing control of our civilization as a whole. It remains to be seen whether the document will actually have an impact on the development of AI, but it would be prudent to stop and consider the possibilities of AI.

Apple Loses User Data to MacStealer Malware

MacOS users should be on the lookout as a new information-stealing malware, MacStealer, is making the rounds. The malware steals things like documents, browser cookies, passwords, iCloud keychain data and more. According to Dark Reading, the malware has been found on the Catalina version of MacOS as well as versions that use Intel’s M1 and M2 chipsets. The threat actors spreading this malware are doing so by getting users to install fake apps or download malicious files. Once users install the bogus software or download the malicious files, the malware prompts them to enter their login credentials which are then stored and sent off to the threat actors. Until a patch is released, MacOS users on the affected versions should continue to be wary when installing software or downloading files from suspicious sources.

New Supply Chain Attack Targets Major Phone System

A new supply chain attack targeting software-based phone developer 3CX has caused some concern amid multiple cybersecurity firms. Large companies like McDonald’s, American Express and BMW rely on the phone software for various services. It’s even used by the United Kingdom’s National Health Service. According to TechCrunch, 3CX claims to have over 12 million daily users. The attack has been compared to the SolarWinds attack and has been named “Smooth Operator.” The malware steals data and stored credentials from various internet browsers including Firefox, Brave, Microsoft Edge and Google Chrome. 3CX is aware of the issue and is asking customers to uninstall and reinstall the software on all devices.

Threat Actors Exploit WiFi Protocol Flaw to Commandeer Network Traffic

A security flaw that attackers can exploit to force access points to leak network frames has been uncovered in the IEEE 802.11 WiFi protocol. These network frames contain data such as MAC addresses and management data. The cybersecurity researchers who made the discovery found that the flaw could have widespread impact as it affects Linux, iOS, Android and FreeBSD. According to Bleeping Computer, Cisco has brought attention to the flaw and admitted that it could affect some Cisco products. There are currently no instances of the flaw being exploited in the wild.

OpenAI Gives Insight Into ChatGPT User Data Exposure Bug

ChatGPT’s developers, OpenAI, provided some answers this week about exactly what led to the glitches in their system last week that allowed some users to see descriptions of other users’ conversations as well as other users’ messages. OpenAI stated that the bug was found in the Redis open-source library. According to OpenAI’s statement, the bug in the Redis library caused connections to become corrupted and allowed for the chatbot to send users data from other users’ conversations. The company took ChatGPT down while addressing the glitch. Hacker News stated that the issue may have led to other issues where some users full names, email addresses, payment addresses and last four digits of their credit card numbers were revealed. The company emphasized that the full credit card numbers were not revealed in any instance. The issue has since been resolved, but time will surely tell the full impact this bug may have on ChatGPT and its users.

SonicWall Blog

Cybersecurity: Preventing Disaster from Being Online – Ray Wyman Jr

SonicWall Earns 5-Star Rating in 2023 Partner Program Guide for the Seventh Straight Year – Bret Fitzgerald

Global Threat Data, Worldwide Coverage: The 2023 SonicWall Cyber Threat Report – Amber Wolff

U.S. National Cybersecurity Strategy Represents Paradigm Shift in IT Security – Darryl Jenkins

SonicWall Data Shows Attacks on Schools Skyrocketing – Amber Wolff

Recognizing Outstanding Partner and Distributor Performance in 2022 – Bob VanKirk

Latest Threat Intelligence Reveals Rising Tide of Cryptojacking – Amber Wolff

Latest Threat Intelligence Tracks Shifting Cyber Frontlines in 2022 – Amber Wolff

New SMA Release Updates OpenSSL Library, Includes Key Security Features – Jai Balasubramaniyan

SonicWall Recognizes Bill Conner for Transition of Business, Impact on Cybersecurity Industry – Bret Fitzgerald

SonicWall’s Jason Carter and Matt Brennan Earn 2023 CRN Channel Chief Recognition – Bret Fitzgerald

Can You Catch All the Phish? Take Our New Phishing IQ Quiz and Find Out! – Ken Dang

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.

It’s St. Patrick’s Day today, so we hope you’re protecting yourself by wearing green. We also hope you’re protecting yourself from cybercriminals by staying up to date with the latest threat intelligence, such as the 2023 Cyber Threat Report.

In industry news, Hacker News has the lowdown on a new AiTM phishing campaign and a phony ChatGPT extension causing trouble for Chrome users. Bleeping Computer reported on a new attack developed for air-gapped computers. The folks at Dark Reading have the scoop on AI-created YouTube videos spreading malware. TechCrunch and Vice dive into details on a potential breach at video surveillance company Ring.

Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.

SonicWall News

Covert Cyberattacks on The Rise as Attackers Shift Tactics for Maximum Impact

HelpNetSecurity, SonicWall News: 2022 was the second-highest year on record for global ransomware attempts, as well as an 87% increase in IoT malware and a record number of cryptojacking attacks (139.3 million), according to SonicWall.

2023 Could Be the Biggest Ever Year for Cybercrime

TechRadarPro, SonicWall News: 2023 could very well be the biggest year ever for cybercriminals, new figures have claimed. According to SonicWall’s latest figures, cybercrime is on the rise across the board, but trends are slowly shifting which is something IT security teams should keep in mind. More precisely, hackers are opting for a “slow and low” approach, keeping stealthy while trying to achieve financially-motivated goals.

Spikes In IoT Malware, Cryptojacking Offset Decline in Ransomware In 2022

MSSP Alert, SonicWall News: SonicWall researchers recorded the second-highest year on record for global ransomware attempts but it was an 87% increase in Internet of Things (IoT) malware and a record number of cryptojacking attacks (139.3 million) that signaled a shift in the overall threat landscape in 2022, the company said in a new report.

Cybercrime Spiked In 2022 — And This Year Could Be Worse

Digital Trends, SonicWall News: Last year saw a massive spike in cybercrime, with some types of malicious digital activity rising by as much as 87%. It doesn’t bode well — but there were a couple of relative bright spots. That information comes from a new report published by cybersecurity firm SonicWall. It makes for interesting reading, especially since one of the biggest rises came from an unusual source — and one of the most feared types of malware saw a hefty drop.

Ransomware Attacks Plunged 48 Percent in US Last Year: SonicWall

CRN, SonicWall News: In a major reversal from prior years, the volume of ransomware attacks globally dropped by 21 percent in 2022, year-over-year, with a 48-percent decline in the U.S., SonicWall said in a new report Tuesday. It’s encouraging that we’re seeing a decrease” in ransomware attacks, SonicWall CEO Bob VanKirk said in an interview with CRN. At the same time, “the number of attacks still is staggering,” VanKirk said.

Ransomware Threat Surges as Brits Suffer Millions of Attacks In 2022

Evening Standard, SonicWall News: The scale of the threat posed to companies and consumers by cyberattacks was laid bare today in a new report which reveals global ransomware attempts hit their second highest year on record in 2022.

Cyber intrusion attempts and malware attacks climbed 19% and 2% respectively, according to the Global Cyberattack Trends report by SonicWall, while crypto-theft attacks jumped 43% to reach a record high. The volume of ransomware attacks was especially severe in the UK, climbing a staggering 112% in 2022, the report found, despite a 21% decrease in attacks worldwide.

Experts Spot Half a Million Novel Malware Variants in 2022

InfoSecurity, SonicWall News: Global malware detections increased 2% year-on-year (YoY) in 2022 to hit 5.5 billion, with never-before-seen variants surging 5%, according to SonicWall. The security vendor captured threat intelligence from its global SonicWall Capture Threat network, including one million security sensors, in order to compile its 2023 SonicWall Cyber Threat Report.

Ransomware Threat Surges as Brits Suffer Millions of Attacks In 2022

MSN, SonicWall News: Bob Vankirk, CEO of SonicWall, said: “The past year reinforced the need for cybersecurity in every industry and every facet of business, as threat actors targeted anything and everything, from education to retail to finance. While organizations face an increasing number of real-world obstacles with macroeconomic pressures and continued geopolitical strife, threat actors are shifting attack strategies at an alarming rate.”

State-Sponsored Hackers Are Diversifying Tactics, Targeting Small Businesses

IT Pro, SonicWall News: State-sponsored threat actors are increasingly shifting their focus towards SMBs and smaller enterprises, according to new research. While large enterprises, public services, and critical national infrastructure have traditionally been key targets for state-sponsored threat actors, SonicWall’s 2023 Cyber Threat Report predicted that groups will ‘diversify’ their tactics in 2023 to target SMBs and a “broader set of victims.”

Cybersecurity Predictions for 2023 – Things You Should Know

Utah Pulse, SonicWall News: SonicWall reports a 328% YoY increase in healthcare ransomware attacks in 2022, and healthcare and education are expected to be among the most targeted sectors in 2023. The expanding IoT footprint in these sectors is predicted to make them more vulnerable to digital attacks, increasing the risk to critical infrastructure.

The 20 Coolest Network Security Companies Of 2023: The Security 100

CRN, SonicWall News: Key offer­ings from SonicWall in the realm of next-gener­ation firewalls include the SonicWall NSa 5700, which utilizes a scalable hardware architecture designed to fit in a single rack-mountable unit. The high port density of the NSa 5700 includes multiple 10-Gigabit Ether­net and 1-Gigabit Ethernet fiber and copper interfaces.

CEO Outlook 2023

CRN, SonicWall News: One of the biggest opportunities we will be tackling with our partners is providing a broader set of unified and cost-effective solutions that fully secure the evolving network perimeter. For many of our partners and customers, 2023 will represent a period of cautious and informed investment in IT and security – customers will demand more bang for their security buck.

Industry News

Ring Refuses to Reveal Truth About Russian Ransomware Rush

A Russian ransomware gang has claimed to have breached the Amazon-owned video security company Ring. The ransomware gang, known as ALPHV, has so far failed to provide evidence of the supposed breach, and Ring has remained tight-lipped concerning the matter. A Ring spokesperson did tell TechCrunch that they had no indications of a ransomware attack but declined to comment on whether or not they had the ability to see if data had been exfiltrated from their networks. Ring did tell Vice that they were aware of a potential incident with a third-party vendor, but they didn’t say the name of the vendor. Ring said the vendor did not have access to customer records.

Researchers Utilize Computer Speakers and Smartphone Microphone to Steal Data

At Korea University in Seoul, South Korea, researchers have recently discovered that a new channel attack called CASPER is capable of transferring data from air-gapped computers to a microphone through the air. An air-gapped computer is a computer that is not physically capable of connecting to an external network or device, so this development could be concerning for those using air-gapped computers to store their most sensitive data. The attack utilizes the computer’s internal speakers to emit a high-frequency soundwave that cannot be heard by human ears but can be detected by microphones – including a smartphones microphone – up to 1.5 meters away. The high-frequency audio transfers data using binary or morse code at a rate of 20 bits per second. Similar attacks have been seen previously, but those attacks utilized external speakers. Air-gapped computers typically don’t have external speakers, but they do usually still have internal speakers to emit sounds such as boot-up beeps or other information-conveying beeps. While this type of attack may seem far-fetched, Bleeping Computer states that such attacks have been successfully carried out in the past, such as the Stuxnet worm targeting Iran’s nuclear enrichment facility and others. The malware utilized in this attack can target specific files in the system from hardcoded lists, and it can exfiltrate the data from those files. The malware could also be used for keylogging. The university researchers did share ways to defend against such an attack, with the simplest method being to simply remove internal speakers from any air-gapped computers.

Microsoft Alerts Users to Millions of Phishing Emails Being Sent Out Daily

An increasing amount of cybercriminals are using an adversary-in-the-middle (AiTM) phishing kit to steal the passwords and cookies of users around the world. In an AiTM phishing attack, threat actors usually place a proxy server between the user and the website, and the proxy server is where the theft takes place. According to Hacker News, these attacks can be more effective because they’re able to get around things like multi-factor authentication (MFA) and time-based one-time passwords (TOTPs). The Microsoft Threat Intelligence team is monitoring the situation and tracking the cybercriminals who are orchestrating the attack. The threat actors developing the phishing kit are known as DEV-1101, and they are responsible for multiple phishing kits on the dark market. Microsoft has seen millions of phishing emails per day from the threat actors who have purchased the kit from DEV-1101. Organizations should consider phishing-resistant authentication methods to help thwart this type of attack.

Phony ChatGPT Chrome Extension Steals Facebook Accounts

A fake ChatGPT browser extension is making its way around Chrome, and it has the ability to take over Facebook accounts and even create administrator accounts. The goal of the extension is apparently to hijack high-profile Facebook business accounts and then run paid advertisements on the dime of the businesses. Google pulled the extension, named “Quick access to ChatGPT”, on March 9, 2023, but it amassed 2,000 installations per day in its short time on the Chrome Web Store. According to Hacker News, the viral success of OpenAI’s ChatGPT has led threat actors to capitalize by creating fraudulent apps and extensions. Users must be wary of the sources of the extensions and apps they choose to install.

YouTube Videos Created by AI Fake Tutorials, Spread Malware

Artificial intelligence is being used to create YouTube videos that use an infostealer malware to find users personal data on their devices. These videos are posed as tutorials for programs like Photoshop, AutoCAD, Premier Pro and more. Dark Reading states that security researchers have determined that cybercriminals are using programs like Synthesia and D-ID to produce phony personas that are intended to exude a sense of trustworthiness with users all around the world. It’s currently unclear how large of an impact these videos are having on cybercrime as a whole, but it’s yet another example of artificial intelligence being used in a nefarious way.

SonicWall Blog

SonicWall Data Shows Attacks on Schools Skyrocketing – Amber Wolff

Recognizing Outstanding Partner and Distributor Performance in 2022 – Bob VanKirk

Latest Threat Intelligence Reveals Rising Tide of Cryptojacking – Amber Wolff

Latest Threat Intelligence Tracks Shifting Cyber Frontlines in 2022 – Amber Wolff

New SMA Release Updates OpenSSL Library, Includes Key Security Features – Jai Balasubramaniyan

SonicWall Recognizes Bill Conner for Transition of Business, Impact on Cybersecurity Industry – Bret Fitzgerald

SonicWall’s Jason Carter and Matt Brennan Earn 2023 CRN Channel Chief Recognition – Bret Fitzgerald

Can You Catch All the Phish? Take Our New Phishing IQ Quiz and Find Out! – Ken Dang

Celebrating 2023 With Expanded “3 & Free” – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.

It’s the first week of March, and the 2023 SonicWall Cyber Threat Report was released this week! SonicWall has been dominating the news cycle following its release. MSN quoted our CEO, Bob VanKirk, about the great need for cybersecurity among all businesses. ITPro cited data from the 2023 Threat Report. CRN quoted Bob VanKirk as well about 2022 ransomware numbers. Evening Standard cited the 2023 Threat Report’s cryptojacking data. The 2023 Cyber Threat Report has made a huge splash in the media and will continue to do so all year.

In industry news, TechCrunch had the lowdown on the major ransomware attack at Dish Network. Dark Reading shared details of the follow-up attack at LastPass. Hacker News had the scoop on the first UEFI bootkit to bypass Windows 11 Secure Boot, and Bleeping Computer reported on the Russian government banning use of certain foreign communication apps.

Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.

SonicWall News

Covert Cyberattacks on The Rise as Attackers Shift Tactics for Maximum Impact

HelpNetSecurity, SonicWall News: 2022 was the second-highest year on record for global ransomware attempts, as well as an 87% increase in IoT malware and a record number of cryptojacking attacks (139.3 million), according to SonicWall.

2023 Could Be the Biggest Ever Year for Cybercrime

TechRadarPro, SonicWall News: 2023 could very well be the biggest year ever for cybercriminals, new figures have claimed. According to SonicWall’s latest figures, cybercrime is on the rise across the board, but trends are slowly shifting which is something IT security teams should keep in mind. More precisely, hackers are opting for a “slow and low” approach, keeping stealthy while trying to achieve financially-motivated goals.

Spikes In IoT Malware, Cryptojacking Offset Decline in Ransomware In 2022

MSSP Alert, SonicWall News: SonicWall researchers recorded the second-highest year on record for global ransomware attempts but it was an 87% increase in Internet of Things (IoT) malware and a record number of cryptojacking attacks (139.3 million) that signaled a shift in the overall threat landscape in 2022, the company said in a new report.

Cybercrime Spiked In 2022 — And This Year Could Be Worse

Digital Trends, SonicWall News: Last year saw a massive spike in cybercrime, with some types of malicious digital activity rising by as much as 87%. It doesn’t bode well — but there were a couple of relative bright spots. That information comes from a new report published by cybersecurity firm SonicWall. It makes for interesting reading, especially since one of the biggest rises came from an unusual source — and one of the most feared types of malware saw a hefty drop.

Ransomware Attacks Plunged 48 Percent in US Last Year: SonicWall

CRN, SonicWall News: In a major reversal from prior years, the volume of ransomware attacks globally dropped by 21 percent in 2022, year-over-year, with a 48-percent decline in the U.S., SonicWall said in a new report Tuesday. It’s encouraging that we’re seeing a decrease” in ransomware attacks, SonicWall CEO Bob VanKirk said in an interview with CRN. At the same time, “the number of attacks still is staggering,” VanKirk said.

Ransomware Threat Surges as Brits Suffer Millions of Attacks In 2022

Evening Standard, SonicWall News: The scale of the threat posed to companies and consumers by cyberattacks was laid bare today in a new report which reveals global ransomware attempts hit their second highest year on record in 2022.

Cyber intrusion attempts and malware attacks climbed 19% and 2% respectively, according to the Global Cyberattack Trends report by SonicWall, while crypto-theft attacks jumped 43% to reach a record high. The volume of ransomware attacks was especially severe in the UK, climbing a staggering 112% in 2022, the report found, despite a 21% decrease in attacks worldwide.

Experts Spot Half a Million Novel Malware Variants in 2022

InfoSecurity, SonicWall News: Global malware detections increased 2% year-on-year (YoY) in 2022 to hit 5.5 billion, with never-before-seen variants surging 5%, according to SonicWall. The security vendor captured threat intelligence from its global SonicWall Capture Threat network, including one million security sensors, in order to compile its 2023 SonicWall Cyber Threat Report.

Ransomware Threat Surges as Brits Suffer Millions of Attacks In 2022

MSN, SonicWall News: Bob Vankirk, CEO of SonicWall, said: “The past year reinforced the need for cybersecurity in every industry and every facet of business, as threat actors targeted anything and everything, from education to retail to finance. While organizations face an increasing number of real-world obstacles with macroeconomic pressures and continued geopolitical strife, threat actors are shifting attack strategies at an alarming rate.”

State-Sponsored Hackers Are Diversifying Tactics, Targeting Small Businesses

IT Pro, SonicWall News: State-sponsored threat actors are increasingly shifting their focus towards SMBs and smaller enterprises, according to new research. While large enterprises, public services, and critical national infrastructure have traditionally been key targets for state-sponsored threat actors, SonicWall’s 2023 Cyber Threat Report predicted that groups will ‘diversify’ their tactics in 2023 to target SMBs and a “broader set of victims.”

Cybersecurity Predictions for 2023 – Things You Should Know

Utah Pulse, SonicWall News: SonicWall reports a 328% YoY increase in healthcare ransomware attacks in 2022, and healthcare and education are expected to be among the most targeted sectors in 2023. The expanding IoT footprint in these sectors is predicted to make them more vulnerable to digital attacks, increasing the risk to critical infrastructure.

The 20 Coolest Network Security Companies Of 2023: The Security 100

CRN, SonicWall News: Key offer­ings from SonicWall in the realm of next-gener­ation firewalls include the SonicWall NSa 5700, which utilizes a scalable hardware architecture designed to fit in a single rack-mountable unit. The high port density of the NSa 5700 includes multiple 10-Gigabit Ether­net and 1-Gigabit Ethernet fiber and copper interfaces.

CEO Outlook 2023

CRN, SonicWall News: One of the biggest opportunities we will be tackling with our partners is providing a broader set of unified and cost-effective solutions that fully secure the evolving network perimeter. For many of our partners and customers, 2023 will represent a period of cautious and informed investment in IT and security – customers will demand more bang for their security buck.

Industry News

Personal Data Stolen in Dish Network Ransomware Attack

Dish Network is experiencing a prolonged outage on its website, apps and customer support services following a ransomware attack last week. In a public filing, Dish said that the threat actors had successfully exfiltrated data from their servers that may contain personal information. TechCrunch spoke with several Dish Network customers who said they have not had TV service since last Thursday. No attackers have yet taken credit for the breach, but it’s suspected that the Black Basta ransomware gang is responsible.

LastPass Vault Data Lost in Follow-up Attack

LastPass has experienced another breach from the same threat actors that infiltrated their development environment in August 2022. According to Dark Reading, LastPass lost the decryption keys for a large amount of customer and encrypted vault data. The threat actors accessed the data by infiltrating the home computer of a LastPass DevOps engineer who had the data. The attack utilized a vulnerable media player on the engineer’s home computer. LastPass did make a statement reminding end users that their master passwords are not known or stored by LastPass, so they were not stolen in the breach.

BlackLotus UEFI Bootkit Malware Bypasses Windows 11 Secure Boot

In a first for Windows 11, a Unified Extensible Firmware Interface (UEFI) bootkit has bypassed Secure Boot. The UEFI bootkit is called BlackLotus, and is the first UEFI bootkit to pull off such a feat which makes it a danger to any system running Windows 11. BlackLotus was first sold in October 2022 and the seller did claim it was capable of bypassing Secure Boot. The seller also claimed it could disable security software. At a price of only $5,000, it’s a much more accessible tool for a broader range of cyber criminals. According to Hacker News, exploiting the Secure Boot vulnerability allows the attacker to execute arbitrary code during early boot phases which allows the attacker to wreak havoc on a user’s system. It’s not yet known exactly how the bootkit is deployed, but Microsoft will surely want to patch this vulnerability quickly and thoroughly.

Foreign Communication Apps Banned in Russian Government Organizations

Laws banning foreign messaging applications in the Russian government have started being enforced this week. Roskomnadzor, Russia’s internet control agency, announced the new restrictions this week. The services banned by the Russian government include Discord, Microsoft Teams, Skype for business, Snapchat, Telegram, Threema, Viber, WhatsApp and WeChat. As of now, the ban only applies to Russian government and state agencies. Russian citizens can still use the communication apps. According to Bleeping Computer, Roskomnadzor did not ban Zoom or the encrypted messaging app Signal.

SonicWall Blog

Latest Threat Intelligence Tracks Shifting Cyber Frontlines in 2022 – Amber Wolff

New SMA Release Updates OpenSSL Library, Includes Key Security Features – Jai Balasubramaniyan

SonicWall Recognizes Bill Conner for Transition of Business, Impact on Cybersecurity Industry – Bret Fitzgerald

SonicWall’s Jason Carter and Matt Brennan Earn 2023 CRN Channel Chief Recognition – Bret Fitzgerald

Can You Catch All the Phish? Take Our New Phishing IQ Quiz and Find Out! – Ken Dang

Celebrating 2023 With Expanded “3 & Free” – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.

It’s Valentine’s week, and SonicWall is getting love from media outlets once again. SiliconRepublic talked to our own Spencer Starkey about his predictions for 2023 and quoted Immanuel Chavoya’s thoughts on artificial intelligence.

In industry news, Bleeping Computer has the low-down on Apple and Microsoft’s zero-day issues and has informed us of another zero-day exploit that was used to breach 130 organizations. Dark Reading reported on a former cybersecurity entrepreneur from Russia being convicted of a hack-to-trade scheme. Hacker News warns of a North Korean threat actor targeting South Korean systems as well as a flurry of attacks from the notorious SideWinder group.

Remember to keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.

SonicWall News

Ransomware Attacks Aimed at Manufacturing Grew By 50pc in 2022

SiliconRepublic, SonicWall News: In recent cybersecurity predictions for 2023, Spencer Starkey of SonicWall predicted that healthcare and education will be among the sectors most targeted by cyberattacks this year.

Genie Out of The Bottle: ChatGPT Has Shaken Up the AI Sector

SiliconRepublic, SonicWall News: In recent AI predictions for 2023, experts such as Immanuel Chavoya of SonicWall said new software will give threat actors the ability to quickly exploit vulnerabilities and reduce the technical expertise required “down to a five-year-old level.”

Stolen MTU Data Appears on Dark Web Following IT Breach

SiliconRepublic, SonicWall News: In recent cybersecurity predictions for 2023, Spencer Starkey of Sonicwall predicted that healthcare and education will be among the sectors most targeted by cyberattacks this year.

Ryuk, Conti Ransomware Members Hit with UK Sanctions in Latest Crackdown

ITPro, SonicWall News: In 2020 – the third year of it being considered a major strain – security firm SonicWall revealed it was behind a third of ransomware attacks worldwide for the year.

Global Hacker Attack May Reach Brazil but Risk Is Limited, Says Experts

GQ Brasil, SonicWall News: Arley Brogiato, director for Latin America and the Caribbean of the multinational security company SonicWall, does not exclude the possibility of these attacks reaching Brazilian companies, but says he is surprised by the alerts and the dissemination of the news, which on the morning of last Monday (6) competed with football game calendars and the price of cooking gas in Manaus the most sought after Google Trends.

SonicWall’s Jason Carter and Matt Brennan Earn 2023 CRN Channel Chief Recognition

SonicWall Blog, SonicWall News: SonicWall Chief Revenue Officer (CRO) Jason Carter and Vice President Americas Channel Sales Matt Brennan have been named to CRN’s 2023 Channel Chiefs list. Every year, CRN honors the IT channel executives who drive the channel success and evangelize the importance of channel partnerships within the IT industry.

Challenges For Startups in The IoT Sector

TechToday, SonicWall News: According to a report by SonicWall, 2.8 billion malware attacks were registered, up 11% in the first half of 2022, marking the first increase in global malware volume in over three years.

JD Sports Cyber Attack: Why Online Retail Is Vulnerable and What Can Be Done?

Charged Retail, SonicWall News: The JD Sports incident is yet another example of the rise in cyberattack incidents, with the retail industry experiencing a 90% increase in ransomware attacks last year, according to a report from SonicWall.

The Best Hardware Firewalls for Small Businesses

Ask by Geeks, SonicWall News: One of the best small business firewalls is the SonicWall TZ400 Security Firewall. The SonicWall TZ400 NGFW Premium is considered a little more expensive than other firewall options, but its security, reliability, ease of use, and unique features justify its price.

10 million Customers Exposed in JD Sports Cyber Attack

ITPro, SonicWall News: A study last year by SonicWall found that the retail sector saw a 264% surge in ransomware attacks between February 2021 and 2022. The widespread consumer shift to online shopping during the pandemic prompted hackers to escalate attacks against online retailers.

Three Ways Governments Can Better Protect Public Data

Networking+, SonicWall News: The chances of being hit by a ransomware attack are more significant than ever. Last year, global ransomware volume skyrocketed by 105% year over year, according to the 2022 SonicWall Cyber Threat Report. While no industry was spared, the numbers were particularly gruesome for governments. Ransomware attempts on government entities rose a staggering 1,885%. That’s more than double the increase reported by healthcare (755%), education (152%), and retail (21%) combined.

2023 Predictions: Emerging Tech & Global Conflict Bring New Cyber Threats

CyberSecurityInsiders, SonicWall News: 2022 saw a shifting cybersecurity landscape as rising geopolitical conflicts brought new tactics, targets, and goals for cybercrime. According to recent threat intelligence from SonicWall, global ransomware attempts declined 31% YoY as cybercriminals and nation-state actors opted for never-before-seen malware variants, IoT malware, and cryptojacking in attacks motivated by financial gain and state-sponsored hacktivism.

Cybersecurity ‘More Critical Than Ever’ In Era of Connected Care: BD

MedTechDive, SonicWall News: Ransomware attacks in which cybercriminals attempt to extort money declined by 23% overall during the first half of 2022 but increased 328% in healthcare, according to data from cybersecurity company SonicWall.

Industry News

SideWinder Group Responsible for Over 60 Attacks According to Researchers

The notorious threat actor group known as SideWinder has been linked to 61 attacks across Sri Lanka, Bhutan, Nepal, Afghanistan and Myanmar. According to Hacker News, the groups targets include government, finance, military and other organizations. Their typical attacks start with a spear-phishing email that includes a bogus URL. The URL directs victims to a site where the main malware is dropped onto their computer. It was also stated that SideWinder has added new tools to its threat arsenal. The ability to reload and retool so frequently suggests that SideWinder has considerable financial backing – perhaps even from a nation-state.

CISA Warns of Zero-days Being Exploited On iOS and Windows

Four new exploits were added to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) list of exploits found in the wild this week. Three of them affected Microsoft products, and Microsoft patched all three on Tuesday as part of their February 2022 patch. The fourth affected WebKit on Apple devices and was acknowledged by Apple on Monday. Apple released emergency security updates to address the issues. According to Bleeping Computer, CISA has now given U.S. federal agencies until March 7^th to patch all four exploits.

Clop Ransomware Gang Uses Zero-Day to Breach 130 Organizations

GoAnywhere MFT secure file transfer tool has been exploited for a zero-day vulnerability. The exploit allowed the attackers to execute code remotely on the compromised systems. According to Bleeping Computer, the ransomware gang known as Clop reached out last week to inform BleepingComputer that they had used this vulnerability to breach 130 organizations already. They refused to go into details on whether they had already begun demanding ransoms from their victims or not. Reporter Brian Krebs reported that GoAnywhere MFT had warned of this exploit last week. Fortra, the developer of GoAnywhere MFT, said, “We are working directly with customers to assess their individual potential impact, apply mitigations and restore systems.” The full impact of the breaches is still unknown.

Tesla, Roku Hacker from Russia Faces Decades in Prison

Vladislav Klyushin has been found guilty by a U.S. district court for crimes involving information theft from U.S. networks. Klyushin is a former cybersecurity businessman from Russia. According to a release from the United States Justice Department, Klyushin was arrested in Sion, Switzerland, in 2021 before being sent to the U.S. to stand trial. U.S. attorney Rachael S. Rollins said, “For nearly three years, he and his co-conspirators repeatedly hacked into U.S. computer networks to obtain tomorrow’s headlines today.” Klyushin and his co-conspirators used the stolen information to gain money through insider trading. According to Dark Reading, the charges of security fraud and wire fraud could each put him behind bars for 20 years. Klyushin will face sentencing on May 4^th.

North Korean Threat Actor Targeting South Korea with Malware

A threat actor who has been linked to North Korea has been caught targeting South Korea with a new malware. They’re calling the new malware M2RAT, and the threat actor is being tracked as APT37. According to Hacker News, this cybercriminal is also tracked under the monikers ScarCruft, Ricochet Chollima, Red Eyes and Reaper. The new malware was observed in January 2023, and it uses a now-patched vulnerability in the South Korean word processor Hangul. This same vulnerability was exploited in 2017 but the North Korean Lazarus group to target South Korean cryptocurrency exchanges.

SonicWall Blog

SonicWall Recognizes Bill Conner for Transition of Business, Impact on Cybersecurity Industry – Bret Fitzgerald

SonicWall’s Jason Carter and Matt Brennan Earn 2023 CRN Channel Chief Recognition – Bret Fitzgerald

Can You Catch All the Phish? Take Our New Phishing IQ Quiz and Find Out! – Ken Dang

Celebrating 2023 With Expanded “3 & Free” – Matt Brennan

‘3 & Free’ Promotion: How to Upgrade to a New SonicWall TZ Series NGFW for Free – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection – Matt Brennan

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi

Curated cybersecurity news and trends from the industry’s leading bloggers and news outlets, for you from SonicWall.

It’s the first week of February, and SonicWall has continued to draw interest in the news for excellent products and relevant research. Ask by Geek calls the TZ400 one of the best firewalls for small businesses. Charged Retail cites SonicWall’s data to contextualize a breach in the retail sector. Networking+ discusses rising ransomware numbers using data from our threat report.

It’s been another busy week for the cybersecurity world. Bleeping Computer has the lowdown on a recent attack from Russia’s Sandworm hacking group. Dark Reading warns of the return of North Korea’s state-backed hacker organization known as Lazarus. Google Fi lost customer data in a breach reported on by TechCrunch. Info Security breaks down how threat actors have been impersonating DocuSign in an elaborate phishing scheme. Hacker News unravels a Realtek vulnerability that is wreaking havoc on IoT devices.

Keep your passwords close and your eyes peeled — cybersecurity is everyone’s responsibility.

SonicWall News

Challenges For Startups in The IoT Sector

TechToday, SonicWall News: According to a report by SonicWall, 2.8 billion malware attacks were registered, up 11% in the first half of 2022, marking the first increase in global malware volume in over three years.

JD Sports Cyber Attack: Why Online Retail Is Vulnerable and What Can Be Done?

Charged Retail, SonicWall News: The JD Sports incident is yet another example of the rise in cyberattack incidents, with the retail industry experiencing a 90% increase in ransomware attacks last year, according to a report from SonicWall.

The Best Hardware Firewalls for Small Businesses

Ask by Geeks, SonicWall News: One of the best small business firewalls is the SonicWall TZ400 Security Firewall. The SonicWall TZ400 NGFW Premium is considered a little more expensive than other firewall options, but its security, reliability, ease of use and unique features justify its price.

10 million Customers Exposed in JD Sports Cyber Attack

ITPro, SonicWall News: A study last year by SonicWall found that the retail sector saw a 264% surge in ransomware attacks between February 2021 and 2022. The widespread consumer shift to online shopping during the pandemic prompted hackers to escalate attacks against online retailers.

Three Ways Governments Can Better Protect Public Data

Networking+, SonicWall News: The chances of being hit by a ransomware attack are more significant than ever. Last year, global ransomware volume skyrocketed by 105% year over year, according to the 2022 SonicWall Cyber Threat Report. While no industry was spared, the numbers were particularly gruesome for governments. Ransomware attempts on government entities rose a staggering 1,885%. That’s more than double the increase reported by healthcare (755%), education (152%), and retail (21%) combined.

2023 Predictions: Emerging Tech & Global Conflict Bring New Cyber Threats

CyberSecurityInsiders, SonicWall News: 2022 saw a shifting cybersecurity landscape as rising geopolitical conflicts brought new tactics, targets, and goals for cybercrime. According to recent threat intelligence from SonicWall, global ransomware attempts declined 31% YoY as cybercriminals and nation-state actors opted for never-before-seen malware variants, IoT malware, and cryptojacking in attacks motivated by financial gain and state-sponsored hacktivism.

Cybersecurity ‘More Critical Than Ever’ In Era of Connected Care: BD

MedTechDive, SonicWall News: Ransomware attacks in which cybercriminals attempt to extort money declined by 23% overall during the first half of 2022 but increased 328% in healthcare, according to data from cybersecurity company SonicWall.

IT Services Industry Looks to Cyber, Cloud Consulting for Growth

TechTarget, SonicWall News: Logically’s MSSP offerings include extended detection and response, endpoint detection and response, and MDR; enterprise-level managed firewall services; and cybersecurity assessments, according to Skeens. The company runs a SOC. The company’s IT security technology partners include SonicWall.

The Sonicwall NSsp 15700 Brings Serious Network Protection Super Powers

iTWire, SonicWall News: iTWire really could go on and on; the list of features is almost endless. There is a database of applications for intelligent packet analysis, support for IoT devices, DNS protection and more. However, the best thing right now is to take it for a spin yourself. You can demo the SonicWall NSsp series firewalls online without any installation or commitment and see all the features and benefits in action.

Royal Mail ‘Cyber Incident’ Causes Widespread Disruption

Strategic Risk, SonicWall News: There were 623 million ransomware attacks globally in 2021 according to Sonic wall, representing a 105% year on year increase. The UK saw a 228% surge and a 65% increase in never-seen-before malware.

8 Safety Solutions to Keep Your Business Secure

Business Info, SonicWall News: Network security devices are essential for any business. They establish a firewall that will protect internal networks from external threats, such as attacks from the internet. The SonicWall TZ270 uses Real-Time Deep Memory Inspection to prevent cyber-attacks.

Safe Homes: Security Tech for Remote Workers

Silicon, SonicWall News: Speaking to Silicon UK, Rick Meder, VP of Strategic Partnerships and Platform Architecture at SonicWall, commented: “With most employees no longer within the protected perimeter of a traditional corporate network, the basic secure access tools in place for remote access workers have become quickly inadequate. The potential attack surface expands exponentially, oversite by security staff is met with extreme challenges, and policy complexity reaches levels like never before. Efforts to uphold an adequate security posture while maintaining workforce productivity quickly become overwhelming.”

Industry News

Realtek Vulnerability is Real Problem for IoT Devices

A now-patched vulnerability in Realtek’s Jungle SDK has resulted in over 134 million hack attempts on IoT devices since August 2022. Threat actors have been abusing the vulnerability to try and infect devices across the globe. The exploit makes some devices manufactured by D-Link, ASUS, LG, Belkin and NETGEAR vulnerable. Hacker News warned users of the importance of updating devices regularly to protect them from exposure to attacks like this.

North Korean Lazarus Group Targeting Medical Research and Energy Intel

The North Korean hacker group known as Lazarus has made another appearance, this time targeting intel in medical research and the energy sector. The discovery was made by threat intelligence analysts at WithSecure. WithSecure was able to assert with high confidence that the attack came from Lazarus after discovering that the attacker made an operational security error. The actions carried out by Lazarus point to this being an intelligence-gathering attack. Per Dark Reading, Lazarus never lays low for long. They are a long-running group that is thought to be run by North Korea’s Foreign Intelligence and Reconnaissance Bureau. Lazarus first appeared on the scene in 2009 and has made numerous appearances since then with minimal time spent in the dark. Last year, Lazarus targeted Apple’s M1 chip in an attack. The group is a large source of income for the North Korean regime, so their attacks are usually both finance- and intel-based.

Sandworm Hacker Group Using Active Directory to Wipe Critical Files

A new malware capable of wiping critical files and data has been discovered following a cyberattack on a target in Ukraine. The malware, which the researchers who discovered it are calling ‘SwiftSlicer,’ uses Windows’ Active Directory Group Policy. The malware variant is being attributed to Russia’s Sandworm hacking group. According to Bleeping Computer, the target’s name has not been released. Sandworm recently attacked Ukrinform, which is Ukraine’s national news agency. A Tweet from ESET Research says, “Once executed, it deletes shadow copies; recursively overwrites files located in %CSIDL_SYSTEM%\drivers.” Bleeping Computer notes that by targeting that specific folder, the malware hopes to bring down entire Windows domains alongside wiping critical files. While the malware was only added to the Virus Total database on January 26, more than half of the antiviruses on the platform are currently detecting it.

Google Fi Loses Customer Data in Breach

Google’s cell phone service, Google Fi, lost customer data in a recent breach. The folks at TechCrunch believe it may be related to the recent T-Mobile breach that resulted in 37 million customers data being stolen. Google stated that information such as the content of calls and texts, payment card data, passwords, and customer personal information were not stolen in the breach. The attackers accessed limited customer information such as phone numbers, SIM card serial numbers and information on the type of plan customers were enrolled in. As of now, it’s unclear how many Google Fi customers were affected in the breach. Google has not made the total number of Google Fi customers public, so it is difficult to speculate how many people could be affected. Google notified customers in an email that they are attempting to secure the data and notify all customers whose data was taken.

Threat Actors Impersonate DocuSign to Target 10,000 People in Phishing Attack

A phishing attack from a group impersonating DocuSign targeted 10,000 users across multiple organizations. Attackers sent emails that managed to bypass security and reach the inbox of the targets. Cybersecurity researchers at Armorblox discovered the ploy and have issued guidance on how to avoid similar attacks. According to Info Security, victims were redirected to a fake DocuSign landing page after clicking the link provided in the email. The emails were sent from a valid domain to make it past security.

SonicWall Blog

Can You Catch All the Phish? Take Our New Phishing IQ Quiz and Find Out! – Ken Dang

Celebrating 2023 With Expanded “3 & Free” – Matt Brennan

‘3 & Free’ Promotion: How to Upgrade to a New SonicWall TZ Series NGFW for Free – Matt Brennan

The Art of Cyber War: Sun Tzu and Cybersecurity – Ray Wyman

Talking Boundless Cybersecurity at the Schoolscape IT 2022 Conference – Mohamed Abdallah

3 & Free: 1 Amazing Deal, 2 Exceptional Firewalls, 3 Years of Superior Threat Protection – Matt Brennan

SonicWall Wins CRN’s 2022 Tech Innovator Award in Enterprise Network Security – Bret Fitzgerald

SonicWall Included on the Acclaimed CRN Edge Computing 100 List for 2022 – Bret Fitzgerald

A New Era of Partnering to Win – Robert (Bob) VanKirk

Multiply Your Security with Multifactor Authentication – Amber Wolff

10 Reasons to Upgrade to the Latest SonicWall Gen 7 TZ Firewall – Sarah Choi