This week, Trickbot is gaining strength, Bitcoin is gaining value, and cybercriminals are gaining ground against vaccine manufacturers.

SonicWall in the News

New Partnerships Boost OT/IoT Security Across Digital Environments — Security Boulevard

• SonicWall’s Q3 Threat Report data is cited in this article about Nozomi Networks partnership with Honeywell and Yokogawa Europe.

Top Tips to Stay Safe During Black Friday & Cyber Monday — Security Toolbox

• Check out five tips to maintain security hygiene when shopping online during the upcoming holiday season.

Industry News

Manchester United attack illuminates the cyberthreats facing an overlooked sports sector — Cyberscoop

• The headline-making attack is a stark reminder that major sports franchises have targets on their backs, even if regulators and the press don’t apply the same amount of scrutiny to data protection strategies in athletics as in other sectors.

 Federal agencies warn that hackers are targeting US think tanks — The Hill

• The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warned Tuesday that major hacking groups are targeting U.S. think tanks.

 Companies Urged to Adjust Hiring Requirements for Cyber Jobs — The Wall Street Journal

• Companies need millions more cybersecurity professionals to fill roles around the world, but researchers say the problem may be outlandish job requirements, rather than a lack of workers.

FINRA Warns Brokerage Firms of Phishing Campaign — Security Week

• Cybercriminals are using a recently registered lookalike domain in a phishing campaign targeting U.S. organizations, the Financial Industry Regulatory Authority warns.

Cyberespionage APT group hides behind cryptomining campaigns — Bleeping Computer

• An advanced threat group called Bismuth recently used cryptocurrency mining as a way to hide the purpose of their activity and to avoid triggering high-priority alerts.
  

Bitcoin Hits New Record, This Time With Less Talk of a Bubble — The New York Times

• The crazy cousin of traditional currencies, which fell below $4,000 in March, has now passed $19,783 — and more investors are now buying it for the long term.

Government watchdog urges policymakers to boost cybersecurity for 5G networks — The Hill

• The agency detailed “capabilities and challenges” involved in the buildout of 5G networks and made a number of recommendations aimed at scaling up cybersecurity, spectrum availability and consumer data privacy.

Supreme Court considers scope of federal anti-hacking law in biggest cyber case to date — Cyberscoop

• This case is the biggest to come before the nation’s highest court involving the Computer Fraud and Abuse Act (CFAA), written in the 1980s and centering on when an individual “exceeds authorized access” to a computer.

It’s hard to keep a big botnet down: TrickBot sputters back toward full health — Cyberscoop

• Mounting evidence suggests that TrickBot, the vast botnet that both U.S. Cyber Command and a Microsoft-led coalition sought to disable around the 2020 elections, is on the mend and evolving.

Coronavirus: Hackers targeted Covid vaccine supply ‘cold chain’ — BBC

• The international vaccine supply chain has reportedly been targeted by cyber-espionage.

The Internet’s Most Notorious Botnet Has an Alarming New Trick — Wired

• The hackers behind TrickBot have begun probing victim PCs for vulnerable firmware, which would let them persist on devices undetected.

North Korean Hackers Are Said to Have Targeted Companies Working on Covid-19 Vaccines — The Wall Street Journal

• At least six pharmaceutical companies in the U.S., the U.K. and South Korea were targeted as the regime seeks sensitive information it could sell or weaponize.

In Case You Missed It

• Defending Against Tomorrow’s APTs — Brook Chelmo
• Black Friday Preview: As Holiday Shopping Thrives Online, Will Cybercriminals Move In? — Amber Wolff
• Cybersecurity Alphabet Soup: SDP, ZTNA and SASE — Jayant Thakre
• Making Sense of Today’s APT Groups — Brook Chelmo
• Storms Ahead: The Dark Side of the Rush to the Cloud — Osca St. Marthe
• New SonicWall Products Drive Innovation; Offer Greater Flexibility, Performance and Low TCO — Atul Dhablania

This week, teenage hackers and nation-state attackers made trouble worldwide.

SonicWall Spotlight

SonicWall TZ 600 POE — SC Magazine

• SC Media takes a close look at the TZ 600 POE and awards it top marks.

Why Small Businesses Must Deal With Emerging Cybersecurity Threats — Entrepreneur

• Cybercriminals are counting on small businesses to be less protected — and they’re often right.

Surging CMS attacks keep SQL Injections On The Radar During The Next Normal — Help Net Security

• Cyberattacks have risen during the pandemic, leaving businesses to wonder whether things will settle down when COVID-19 begins to wane, or if the increase in attacks is here to stay.

Cybersecurity News

Teenager arrested in cyberattacks on Miami-Dade schools — The Washington Times

• A 16-year-old student has been arrested for orchestrating a series of network outages and cyberattacks during the first week of school in Florida’s largest district.

Microsoft Defender can ironically be used to download malware — Bleeping Computer

• A recent update to Windows 10’s Microsoft Defender antivirus solution ironically allows it to download malware and other files to a Windows computer.

Twitter Hack May Have Had Another Mastermind: A 16-Year-Old — The New York Times

• A Massachusetts teenager appears to have played a significant role in the July 15 Twitter attack, investigators and fellow hackers said.

Chinese Hackers Targeted European Officials in Phishing Campaign — Bloomberg

• Chinese nation-state hackers launched a phishing campaign against European government officials, diplomats, non-profits and other organizations to gather intelligence about global economies reeling from the pandemic.

Minister: New Zealand Enduring Wave of Cyberattacks — Security Week

• According to the Associated Press, tracking down the perpetrators will be extremely difficult, as the distributed denial of service attacks are being routed through thousands of computers.

Federal agencies deny seeing attacks on voting infrastructure — The Hill

• The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have denied seeing any reports of attacks on voting infrastructure, following the publication of a report on potential Russian election interference.

The FBI Botched Its DNC Hack Warning in 2016—but Says It Won’t Next Time — Wired

• Facing looming election threats and a ransomware epidemic, the bureau says it has revamped its process for warning hacking victims.

The accidental notary: Apple approves notorious malware to run on Macs — Ars Technica

• Newfangled malware protection gives users a false sense of security, critics say, making it potentially worse than nothing at all.

Attackers abuse Google DNS over HTTPS to download malware — Bleeping Computer

• More details have emerged on a malware sample that uses Google DNS over HTTPS to retrieve the stage 2 malicious payload.

‘UltraRank’ Gang Sells Card Data It Steals — Bank Info Security

• A cybercriminal gang that has spent five years planting malicious JavaScript code in order to steal payment card data from hundreds of e-commerce websites also takes the unusual step of selling the data on its own.

Hackers Attack Norway’s Parliament — Security Week

• Norway’s parliament said Tuesday it had been the target of a “vast” cyberattack that allowed hackers to access the some lawmakers’ emails.

In Case You Missed It

• Your Email DLP Just Got Better and More Secure — Vishnu Chandra Pandey
• All it Takes is One Click! — Vishnu Chandra Pandey
• Not Safe for Work — Amber Wolff
• SonicWall Wins ChannelPro Reader’s Choice Award — Amber Wolff
• Get the Most out of Your Security Appliance with Multi-Instance — Ajay Uggirala
• SonicWall Products Compliant with NDAA Section 889 Regulations — Wayne Engelke
• SonicWall CEO Bill Conner Talks Company Milestone in CRNtv Guest Appearance — Lindsey Lockhart
• Introducing the SonicExpress Mobile App — Sathya Thammanur

This week, SonicWall reveals what the “new business normal” looks like for cybercriminals in the mid-year update to the 2020 Cyber Threat Report.

SonicWall Spotlight

SonicWall Report: COVID-19 Has Created ‘Boon’ For Criminals — ZDNet

• In an article on SonicWall’s Mid-Year Threat Report, ZDNet highlights findings that hackers have shifted their strategies due to COVID-19.

The 2020 Rising Female Stars Of The IT Channel — CRN

• SonicWall is proud to announce one of its own, Tiffany Haselhorst, has joined other leaders within the IT channel community on CRN’s esteemed 2020 list of 100 Rising Female Stars.

Cyberthreat landscape changes to meet new business normal of Work From Home: SonicWall — Channelbuzz.ca

• In an article on SonicWall’s Mid-Year Threat Report, Channelbuzz highlights how cybercriminals have evolved their tactics to better exploit remote work environments during the pandemic.

Malware Attacks Down As Ransomware Increases — BetaNews

• In an article on SonicWall’s Mid-Year Threat Report, BetaNews highlights findings that malware has dropped 24% and ransomware has increased 20% globally and 109% in the U.S.

Cybersecurity News

Using Robust Tools, Cybercriminals Accelerate Their Own Digital Transformation — SiliconANGLE

• In the online underground, crime not only pays, but attackers are rapidly developing tools and networks that rival those of legitimate enterprises today.

Blackbaud Hack: Universities lose data to ransomware attack — BBC

• At least seven universities in the UK and Canada have had student data stolen after hackers attacked a cloud computing provider.

Ongoing Meow attack has nuked >1,000 databases without telling anyone why — Ars Technica

• Just hours after a world-readable database exposed a wealth of sensitive user information, UFO made the news again, this time because a database that stored user details was destroyed in an attack.

Apple’s Hackable iPhones Are Finally Here — Wired

• Last year, Apple announced a special device just for hackers. The phone — for approved researchers only — will soon go into circulation.

New cryptojacking botnet uses SMB exploit to spread to Windows systems — Bleeping Computer

• A new cryptojacking botnet is spreading across compromised networks via multiple methods that include the EternalBlue exploit for Windows Server Message Block (SMB) communication protocol.

Ransomware attack locked a football club’s turnstiles — ZDNet

• Cyber criminals are targeting sports teams, leagues and organizational bodies — and in many cases, their attacks are successful, warns the NCSC.

Lazarus hackers deploy ransomware, steal data using MATA malware — Bleeping Computer

• A recently discovered malware framework, known as MATA and linked to the North Korean-backed Lazarus hacking group, was used in attacks targeting corporate entities from multiple countries.

House-passed defense spending bill includes provision establishing White House cyber czar — The Hill

• The House version of the annual National Defense Authorization Act included a provision establishing a national cyber director, a role that would help coordinate federal cybersecurity efforts.

Hackers use recycled backdoor to keep a hold on hacked e-commerce server — Ars Technica

• Easy-to-miss script can give attackers new access should they ever be booted out.

Twitter Hack Revives Concerns Over Its Data Security — The Wall Street Journal

• The alleged perpetrator, who called himself ‘Kirk,’ was part of a subculture where hackers trade in coveted social-media accounts.

In Case You Missed It

• New Cyber Threat Intelligence Finds Malicious Office Files Spiking, Ransomware Up during COVID-19 Pandemic — Geoff Blaine
• ‘3 & Free’ Promotion: The Easiest Way to Upgrade Your SonicWall Firewall for Free — Robert (Bob) VanKirk
• SonicWall EMEA 2020 Virtual Partner Events — Terry Greer-King
• COVID-19 Ushers in a New Era of Cybersecurity for Higher Ed — Bill Conner
• A Brief History of COVID-19 Related Attacks, Pt. 1 — Dmitriy Ayrapetov
• SonicWall’s Online Community Connects Cybersecurity Professionals — Micah Vorst

This week, SonicWall launched its new SD-Branch capabilities and multi-gigabit SonicWall Switches, bringing cost-effective simplicity and centralized management to the hyperdistributed era.

SonicWall Spotlight

Sonicwall Advances Network Edge Security, Adds Multi-Gigabit Switch Series, Easy-To-Manage SD-Branch Capabilities — SonicWall Press Release

• To simplify security deployment, management and visibility for organizations with growing branch footprints, SonicWall is introducing new secure SD-Branch capabilities and a complete line of new multi-gigabit switches to cost-effectively scale and manage remote or branch locations.

SonicWall Adds Multi-Gigabit Switches to SD-Branch Portfolio — DevOps.com

• Dmitriy Ayrapetov, vice president of platform architecture for SonicWall, talks about the new SonicWall Switches and SD-Branch capabilities, and how they centralize management of remote offices.

Seven Factors To Consider When Evaluating Endpoint Protection Solutions — MSSP Alert

• Attackers are getting craftier when infiltrating secure environments. SonicWall’s Vishnu Chandra Pandey offers several ways to know whether your endpoint protection solution will be able to keep up.

Boundless Cybersecurity for the New Work Reality — SC Magazine

• With the widespread adoption of remote work, we’ve moved into a hyperdistributed IT landscape. SonicWall’s Terry Greer-King explains how Boundless Cybersecurity can help businesses survive this new business normal.

Cybersecurity News

Ransomware: Hackers took just three days to find this fake industrial network and fill it with malware — ZDNet

• Researchers set up a tempting honeypot to monitor how cybercriminals would exploit it. Then it came under attack.

Fake Black Lives Matter voting campaign spreads Trickbot malware — Bleeping Computer

• A phishing email campaign asking you to vote anonymously about Black Lives Matter is spreading the TrickBot information-stealing malware.

Rate of Ransomware Attacks in Healthcare Slows in H1 2020 — Dark Reading

• A lower number of ransomware attacks on healthcare entities suggests many threat groups are indeed avoiding targeting them during the current pandemic. But the lull may be short-lived.

Encryption Utility Firm Accused of Bundling Malware Functions in Product — Threat Post

• A legally registered Italian company is selling what it claims is a legitimate encryption utility, but the service it provides has been a common denominator in thousands of attacks over the past year.

Vulnerability in Plug-and-Play Protocol Puts Billions of Devices at Risk — Dark Reading

• “CallStranger” flaw in UPnP allows attackers to launch DDoS attacks and scan internal ports, security researcher says.

Environmentalists Targeted Exxon Mobil. Then Hackers Targeted Them. — The New York Times

• Federal prosecutors are investigating a global hacker-for-hire operation that sent phishing emails to environmental groups, along with thousands of individuals and hundreds of institutions around the world.

Valak malware gets new plugin to steal Outlook login credentials — Bleeping Computer

• A new module discovered by researchers suggests the authors of the Valak information stealer are increasingly focusing on stealing email credentials.

Amid Pandemic and Upheaval, New Cyberthreats to the Presidential Election — The New York Times

• Fear of the coronavirus is speeding up efforts to allow voting from home, but some of them pose security risks and may make it easier for Vladimir Putin or others to hack the vote.

NATO Condemns Cyberattacks Against COVID-19 Responders — Security Week

• Over the past couple of months, there has been a surge in attacks targeting those who work in response to the pandemic, prompting NATO to publicly condemn the malicious cyber-activities directed against COVID-19 responders.

In Case You Missed It

• SonicWall’s New SD-Branch Solution, Multi-gigabit Switch Line Secure Dispersed Businesses, Branch Locations — Jayant Thakre
• SonicWall Reinvents Branch Connectivity with Secure SD-Branch and Switches — Srudi Dineshan
• A Message from our CEO: Listening, Learning and Standing Together — SonicWall Staff
• Custom Build your Security Strategy with the SonicWall Boundless Cybersecurity Bundle — Amber Wolff
• Why Securing Remote Work is Crucial To Ensuring Business Continuity — Agasthiamani Sankaran

This week, hackers continued to capitalize on the COVID-19 pandemic, targeting the healthcare industry, oil companies and remote workers.

SonicWall Spotlight

Czech Cyber Officials Warn Of Serious Threat To Health Care Sector – Cyberscoop

• Cybersecurity authorities in the Czech Republic have warned of an “extensive campaign of cyberattacks” on IT systems and health care facilities. At least one of the malicious files in the Czech advisory is part of a batch of code used in a remote access hacking tool, which SonicWall reported last month.

SonicWall Boundless Cybersecurity Platform for Remote Working – CRN

• SonicWall’s new Boundless Cybersecurity model is designed to protect and mobilize large enterprises, small- and medium-sized businesses, and government agencies from the risks of a remote workforce.

2,000 Coronavirus Scammers Taken Offline in NCSC Phishing Crackdown – Experts Reaction –  Information Security Buzz

• The UK’s National Cyber Security Centre, along with the City of London Police and several other government agencies, has launched a ‘Suspicious email reporting service’ for members of the public to alert the authorities to potential cyber-attacks.

Cybersecurity News

Hacking against corporations surges as workers take computers home – Reuters

• Hackers are targeting remote workers, particularly in highly impacted areas where users’ confusion and anxiety makes them more susceptible to phishing.

FBI enlists internet domain registries in fight against coronavirus scams – Cyberscoop

• Ongoing cooperation between the government and technology companies has resulted in the removal of hundreds of fraudulent websites that included “coronavirus,” “covid19” and related phrases in their names.

Creative Skype phishing campaign uses Google’s .app gTLD – Bleeping Computer

• Attackers have deployed a phishing campaign against remote workers using Skype, luring them with emails that mimic notifications from the service.

Hackers Target Top Officials at World Health Organization – Bloomberg

• The WHO’s security team has been the target of an increasing number of attempted cyber-attacks since mid-March. According to officials, WHO itself has not been hacked, but employee passwords have leaked through other websites.

Hackers Target Oil Companies as Prices Plunge – Wired

• Espionage hackers have commenced a sophisticated spear-phishing campaign concentrated on U.S.-based energy companies. The goal: install a notorious trojan to siphon their most sensitive communications and data.

Virtual army rising up to protect healthcare groups from hackers – The Hill

• A new network of white hat hackers—made up of more than 1,400 volunteers in 76 countries, from sectors including information security, telecommunications and law enforcement—has banded together under the name COVID-19 CTI League to help protect the healthcare industry. 
  

Apple iPhone May Be Vulnerable to Email Hack – The Wall Street Journal

• Sophisticated hackers may be attacking Apple iPhones by exploiting a previously unknown flaw in the smartphone’s email software.

Customer complaint phishing pushes network hacking malware – Bleeping Computer

• A new phishing campaign is targeting remote employees, using fake customer complaints to install a backdoor that will compromise the corporate network.

Hackers Can Exfiltrate Data From Air-Gapped Computers Via Fan Vibrations – Security Week

• With the use of new malware and a smartphone, researcher Mordechai Guri was able to exfiltrate data from air-gapped computers using vibrations from the machines’ internal fans.

In Case You Missed It

• Securing Telecommuters with Expanded Endpoint Visibility and Control – Suroop Chandran
• ‘Boundless Cybersecurity’ Protects Organizations Mobilizing for the New Business Normal – Geoff Blaine
• The New Front in Hospitals’ Battle Against COVID-19: Ransomware – Amber Wolff
• SonicWall Unveils Partner Program Designed for MSSPs – Lindsey Lockheart
• Securing SaaS: Protect More, Manage Less – Vishnu Chandra Pandey