Posts

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

New NIST Small Business Cybersecurity Act to Provide Guidance for Protecting SMBs – SonicWall eBook

  • If you’re a small to medium-sized business (SMB) looking for guidance on the NIST Small Business Cybersecurity Act, get this eBook. It includes an explanation of the act and information on how best to protect yourself and your business.

Intel CPUs Fall to New Hyperthreading Exploit That Pilfers Crypto Keys – Ars Technica

  • PortSmash is a new attack that exploits Intel’s Hyper-Threading architecture. SonicWall adds a layer of protection against this exploit and other similar side-channel attacks.

Cyber Security News

The Mad Dash to Find a Cybersecurity Force – The New York Times

  • The need for skilled cybersecurity experts in the workplace is growing faster than the talent pool can provide with an estimated 3.5 million cybersecurity jobs available but unfilled by 2021.

Lazarus FASTCash ATM Attack Details Discovered – SC Magazine

  • North Korean hacker group Lazarus has been using FASTCash trojan on obsolete AIX servers to hack ATMs and steal tens of millions of dollars.

Data of Nearly 700,000 Amex India Customers Exposed via Unsecured MongoDB Server – ZDNet

  • American Express India has been caught with an unencrypted server accessible online without a password, exposing a huge amount of personal data.

HSBC Customers Hit by Data Breach in US Business – BBC News

  • At least one customer in every U.S. state has been affected by a data breach that occurred between October 4 and 14 of this year. HSBC say it affected less than 1 percent of its U.S. customer base but the details include account numbers and transaction histories.

Cambodia’s ISPs Hit by Some of the Biggest DDoS Attacks in the Country’s History – ZDNet

  • Someone is bombarding ISPs in Cambodia with DDoS attacks and ZDNet have a few theories on who it might be.

Private Messages From 81,000 Hacked Facebook Accounts for Sale – BBC

  • Hackers who claim to have access to 120 million Facebook accounts have been attempting to sell private messages online for as little as 10 cents per account.

Ransomware Keeps Ringing in Profits for Cybercrime Rings – BankInfoSecurity

  • If you’re confused by the many different types of ransomware in the news right now, BankInfoSecurity explain current trends and who is most at risk.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Channelnomics Innovation Awards – Channelnomics

  • SonicWall’s Steve Pataky is up for Security Channel Chief of the Year, vote for him today!

British Airways Confirms Theft of Additional Data – Silicon (UK)

  • In light of many recent high-profile breaches, SonicWall CEO Bill Conner spoke to Silicon about the responsibility that companies bear when guarding customer data.

2018 ChannelPro SMB All-Stars – ChannelPro

  • SonicWall has been named one of the ChannelPro 2018 SMB All-Stars, an award that honors organizations that do something “truly special” with “significant impact on the SMB channel.”

Cyber Security News

Canada’s Mandatory Breach Notification Rules Now in Effect – Bank Info Security

  • As of Nov. 1, Canadian organizations must record all data breaches, big or small, and report major ones. Records must be kept for at least two years.

Radisson Hotel Group Suffers Data Breach, Customer Info Leaked  – ZDNet

  • Loyalty members of the Radisson Hotel Group have email addresses, phone numbers and more leaked. No financial data is said to be exposed.

White House Sets Deadlines for Agencies to Protect Their Digital Crown Jewels – NextGov

  • Homeland Security has until April 2019 to develop a tool that will map cybersecurity problems in federal agencies following a report in May of this year that found that up to three-quarters of federal agencies were at risk of a breach.

Nice Work if You Can Get It: GandCrab Ransomware Nets Millions Even Though It Has Been Broken – The Register

  • There’s a free decryption tool now available if you’re caught by GandCrab, but in the past 3 months alone the ransomware is still estimated to have netted its owners $300 million.

Mirai Co-Author Gets 6 Months Confinement, $8.6M in Fines for Rutgers Attacks – Krebs On Security

  • The convicted co-author of the Mirai botnet malware has been sentenced to 2,500 hours of community service, six months home confinement and ordered to pay $8.6 million for his use of Mirai in attacks against Rutgers University, New Jersey.

Assault and Battery: Malvertising Campaign Checks User Device’ Charge as Anti-Detection Technique – SC Magazine

  • JuiceChecker-3PC is a clever mobile malware that doesn’t run when a phone battery is low or high in an attempt to avoid detection by security programs that are activated when a phone is charging.

Magecart Claims Fresh Victim in Electronics Kit Seller Kitronik – ZDNet

  • Magecart’s prolific streak continues as electronics outlet Kitronik join British Airways and Ticketmaster in confirming that it has been hit by the malware. Data exposed this time includes complete card details, names and addresses.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Privacy Problems for FANG Companies Might Beget M&A Action in Cybersecurity – The Street

  • SonicWall CEO Bill Conner predicts that large tech companies and social media giants will look to mergers and acquisitions (M&A) to address the shortage of available cyber security talent and stave off further punishment and damages caused by breaches and other cyber security incidents.

WSJ Report: Facebook Breach the Work of Spammers, Not Nation-State Actors – Dark Reading

  • Lawrence Pingree offers his perspective on the most recent Facebook breach revelations.

Cyber Security News

Apple CEO Condemns ‘Data-Industrial Complex’ – The Wall Street Journal

  • Apple CEO Tim Cook is calling for new digital privacy laws in the United States to be drawn up, warning that the collection of huge amounts of private and everyday information is being “weaponized against us with military efficiency.”

EU Takes Step Toward Cyberattack Sanctions – Dark Reading

  • The European Union has approved a proposal to place further sanctions on nations proven to have carried out a cyberattack.

Cathay Pacific Says Data of 9.4 Million Passengers Stolen in Hack – The Telegraph (UK)

  • Hong Kong airline Cathay Pacific has suffered a breach affecting up to 9.4 million passengers, including over three quarters of a million passport numbers.

Super Micro to Review Hardware for Malicious Chips – Reuters

  • Super Micro is agreeing to review their hardware in the wake of reports that the Chinese authorities are placing spying chips in their hardware. They deny all the allegations.

Who Is Agent Tesla? – Krebs on Security

  • Openly available for commercial license, Agent Tesla is classified by many as password-stealing malware. Krebs on Security investigates the not-so-well-hidden identity of Agent Tesla’s creator following a 100 percent usage increase of the program in August 2018.

Yahoo to Pay $50M, Other Costs for Massive Security Breach – Associated Press

  • The fallout from the biggest security breach of all time looks to be finally drawing to a close.

Magecart Cybergang Targets 0days in Third-Party Magento Extensions – Threat Post

  • Magecart, the malware behind the Ticketmaster and British Airways breaches, continues to be updated and reconfigured, now targeting unpatched vulnerabilities in third-party plugins used in the Magento e-commerce platform.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

10 Security Advances That Could Change the Game  – Channel Partners Online

  • SonicWall’s Lawrence Pingree shares his perspective on the need for rapid chip augmentation in order to successfully combat the cybersecurity war in 2019.

SonicWall and Partners Take Part at GITEX Technology Week – Tahawul Tech

  • SonicWall is a major presence at GITEX Technology Week, one of the biggest technology events in the world.

How Cyberhardening Can Reduce Risk to the Entire Medical Community – Beckers Hospital Review

  • Data from SonicWall’s Capture Labs is used to help show just how much data in the medical industry is vulnerable to cyberattack.

Cyber Security News

Facebook Finds Hack Was Done by Spammers, Not Foreign State – The Wall Street Journal

  • Facebook thinks that spammers looking to make money through advertising, and not a nation-state, are responsible for a recent data breach involving the data of 30 million accounts.

The Mysterious Return of Years-Old Chinese Malware – Wired

  • A modified version of malware dating back to 2010, that has never been made public and is not known to have been sold on the black market, has had a mysterious resurgence in recent months.

Pentagon Discloses Card Breach – ZDNet

  • Only a week after reporting that it was struggling to meet the demands of cyberwarfare, the Pentagon confirms that a security breach affecting up to 30,000 personnel was discovered at the start of October this year.

UK Firms “Not Prepared” for Data Breaches – Tech Radar

  • It’s not just U.K. firms. According to a report released for European Cybersecurity Month. one in six European businesses are not prepared for a cyberattack, even though over a third of them have suffered from a data breach in the past year.

Zero-Days, Fileless Attacks Are Now the Most Dangerous Threats to the Enterprise  – ZDNet

  • According to a study conducted by the Ponemon Institute, the average cost of a successful endpoint-based attack has increased by roughly 42 percent year-on-year with the average organization losing over $7 million.

New Cyberdefenses to Protect Your Smart Appliances From Hackers – The Wall Street Journal

  • A partnership was announced between U.K. based chip-designers Arm and Boston-based cybersecurity firm Cyberreason; they aim to develop secure chip designs specifically protecting Internet of Things (IOT) devices from cyberattack.

Report: Cryptocurrency Exchanges Lost $882 Million to Hackers – Bank Info Security

  • Cryptocurrency exchanges continue to suffer from successful cyberattacks and a newly released study has tallied the damages at $882 million in the past two years, this is only expected to get worse in 2019.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

“A leader has to be passionate about their work be able to motivate their teams to be equally passionate” With Bill Conner – Authority Magazine

  • Bill Conner, CEO of SonicWall, is interviewed about his career, from his days loading shipping containers all the way to his current role.

Cryptomining Malware Steals Fortnite Gamers’ Bitcoins and Personal Data – SC Magazine (UK)

  • As malware continues to target Fortnite players, SonicWall’s Lawrence Pingree talks about the probable future of kinetic ransomware.

Chart of the Day: Google Plus Never Got off the Ground – Real Money

  • SonicWall CEO Bill Conner weighs in with his thoughts on the importance, or not, of the Google Plus breach.

Cyber Security News

Pentagon Struggling to Meet Cyber Challenges, as Modern Warfare Goes High Tech – The Washington Times

  • The Pentagon wants to avoid another “Beast of Kandahar” situation but is struggling to keep its cybersecurity stronger than its attackers.

New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom – Bloomberg

  • Accusations that China are inserting spying chips into US companies’ hardware are still being made and are spreading to other companies.

Medtronic Disables Pacemaker Programmer Updates Over Hack Concern – Reuters

  • There have been no documented reports of the vulnerability being exploited but the company are taking no chances with peoples’ hearts.

Vietnam Cyber Law Set for Tough Enforcement Despite Google, Facebook Pleas – Reuters

  • Companies will be required to store a wide range of user data and set up offices inside the country.

Heathrow Airport Fined £120,000 Over USB Data Breach Debacle – ZDNet

  • A memory stick with unencrypted private data of airport employees was found by a member of public last year.

Payment-Card-Skimming Magecart Strikes Again: Zero out of Five for Infecting E-Retail Sites – The Register (UK)

  • The British Airways and Ticketmaster attacking toolkit Magecart isn’t going away, this time turning up in a plugin called Shopper Approved that is used by hundreds of e-commerce sites.

This Cryptojacking Mining Malware Pretends to Be a Flash Update – ZDNet

  • The much-maligned Flash software now has the added problem of an imposter program that uses a victim’s computer to mine for the Monero cryptocurrency.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Facebook Hack: People’s Accounts Appear for Sale on Dark Web – The Independent (UK)

  • SonicWall CEO Bill Conner shares his thoughts on the fallout from the recent Facebook hack.

The A-Z of Security Threats 2018 – ITPro

  • SonicWall’s Laurence Pingree mans the letter E in this alphabet of cybersecurity threats for 2018.

100 People You Don’t Know but Should 2018 – CRN

  • Congratulations to John Mullen, included in the CRN 2018 list.

UK and Allies Accuse Russia of Cyber Attack Campaign – ComputerWeekly

  • SonicWall CEO Bill Conner encourages global co-operation following the UK National Cyber Security Centre (NCSC) directly linking Russia with cyberattacks.

Cyber Security News

National Cybersecurity Awareness MonthOfficial Website

  • October marks the 15th annual National Cybersecurity Awareness Month (NCSAM). Follow the activity online using the hashtags #NCSAM and #CyberAware.

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies – Bloomberg

  • Hardware hacks are rare but, if successful, the payoff for them can be huge. Both Amazon and Apple may have been the victim of such a hack.

Meet Torii, a New IoT Botnet Far More Sophisticated Than Mirai Variants  – ZDNet

  • A very sophisticated Internet of Things botnet has been found and experts are impressed, “The author is not your average script kiddie.”

BUPA Fined $228,000 After Stolen Data Surfaces on Dark Web – BankInfoSecurity

  • British data-protection regulators are taking a dim view of companies who are not exercising good cybersecurity practises.

Gwinnett Medical Center Investigates Possible Data Breach – ZDNet

  • A security incident has led to a possible leak of patient information online.

Facebook Hack Puts Thousands of Other Sites at Risk – The New York Times

  • The Facebook hack has major implications for any site that uses Facebook as a login tool.

Malware Scam Targets Fortnite Cheaters and Their Bitcoin Wallets – CNET

  • If you’re looking to cheat at Fortnite then you are at risk of being cheated yourself.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

SonicWall Firewalls Named A 2018 Gartner Peer Insights Customers’ Choice – SonicWall Blog

  • With 122 reviews and a 4.3 rating, SonicWall is recognized as a 2018 Gartner Peer Insights Customers’ Choice for Unified Threat Management, reflecting commitment to partners and customers in providing top-tier cyber security solutions, along with an exceptional customer experience to support it.

SonicWall NSa Series Wins Cybersecurity Breakthrough Award as Best Firewall Solution – SonicWall Blog

  • This recognition brings SonicWall to a total of 42 industry honors so far in 2018.

SonicWall CEO Bill Conner On Cybersecurity Trends CEOs Should Know – Chief Executive Magazine

  • SonicWall CEO Bill Conner talks about the cybersecurity trends that CEOs should be paying attention to in this profile by Chief Executive Magazine.

ChannelPro Weekly Podcast: Episode #089 – Mimeographs Are Extinct. Are You? – Channelpro Podcast

  • SonicWall TZ500 Wireless-AC Gen 6 Firewall is the tech pick of the week.

Cyber Security News

Uber Settles Data Breach Investigation for $148 Million – NYTimes

  • In 2016, not wanting to expose a leak, Uber paid big money to a hacker who had gained access to 600,000 driver’s names and license numbers.

Pennsylvania Senate Democrats paid $700,000 to recover from ransomware attack – ZDNet

After falling victim to a ransomware attack, Pennsylvania Senate Democrats refused to pay the $30,000 ransomware demand, opting instead to pay over $700,000 to Microsoft to rebuild its IT infrastructure.

President Trump Unveils America’s First Cybersecurity Strategy in 15 Years – The White House

  • The White House has announced a new National Cyber Strategy that they are calling the first Cybersecurity Strategy in 15 years.

Some Credential-Stuffing Botnets Don’t Care About Being Noticed Any More – The Register (UK)

  • The “low and slow” covert method of malicious logins previously employed has been replaced by some bots with pure volume; one US credit union saw almost 9 thousand attempts per hour.

Qualcomm Accuses Apple of Stealing Its Secrets to Help Intel – Reuters

  • It’s a long-running patent drama but Qualcomm have filed papers against Apple saying they used Qualcomm software and log files without permission to “improve the sub-par performance of Intel’s chipsets.”

In Case You Missed It

The Evolution of Next-Generation Antivirus for Stronger Malware Defense

Threat detection has evolved from static to dynamic behavioral analysis to detect-threatening behavior. Comprehensive layers of defense, properly placed within the network and the endpoint, provide the best and most efficient detection and response capabilities to match today’s evolving threats.

For years, SonicWall offered endpoint protection utilizing traditional antivirus (AV) capabilities. It relied on what is known as static analysis. The word “static” is just like it sounds. Traditional antivirus used static lists of hashes, signatures, behavioral rules and heuristics to discover viruses, malware and potentially unwanted programs (PUPs). It scanned these static artifacts across the entire operating system and mounted filesystems for retroactive detection of malicious artifacts through scheduled scanning.

Traditional antivirus focuses on pre-process execution prevention. Meaning, all the scanning mechanisms are primarily designed to prevent the execution of malicious binaries. If we go back 20 years, this approach was very effective at blocking the majority of malware, and many antivirus companies capitalized on their execution prevention approaches.

As that technology waned, the provider we had for traditional antivirus discontinued their legacy antivirus solution and SonicWall sought new and more effective alternatives.

Traditional Defenses Fail to Match the Threat

In the past, attackers, determined to beat antivirus engines, focused much of their attention on hiding their activities. At first, the goal of the attacker was to package their executables into archive formats.

Some threat actors utilized multi-layer packaging (for example, placing an executable into a zip then placing the zip into another compression archive such as arj or rar formats). Traditional antivirus engines responded to this by leveraging file analysis and unpacking functions to scan binaries included within them.

Threat actors then figured out ways to leverage documents and spreadsheets, especially Microsoft Word or Excel, which allowed embedded macros which gave way to the “macro virus.”

Antivirus vendors had to become document macro experts, and Microsoft got wise and disabled macros by default in their documents (requiring user enablement). But cybercriminals didn’t stop there. They continued to evolve the way they used content to infect systems.

Fast forward to today. Threat actors now utilize so many varieties of techniques to hide themselves from static analysis engines, the advent of the sandbox detection engine became popular.

I often use an analogy to explain a malware sandbox. It’s akin to a petri dish in biology where a lab technician or doctor examines a germ in a dish and watches its growth and behavior using a microscope.

Behavioral Sandbox Analysis

Sandbox technologies allow for detection by monitoring malware behavior within virtual or emulated operating systems. The sandboxes run and extract malware behavior within these monitored operating system to investigate their motives. As sandboxing became more prevalent, threat actors redesigned their malware to hide themselves through sandbox evasion techniques.

This led SonicWall to develop advanced real-time memory monitoring to detect malware designed to evade sandbox technology. Today, SonicWall uses a multitude of capabilities — coupled with patent-pending Real-Time Deep Memory Inspection (RTDMITM) — to identify and mitigate malware more effectively than competing solutions.

SonicWall Automated Real-Time Breach Prevention & Detection

The Endpoint Evolves, Shares Intelligence

Next comes the endpoint. As we know, most enterprises and small businesses are mobile today. Therefore, a comprehensive defense against malware and compliance must protect remote users and devices as they mobilize beyond an organization’s safe perimeter. This places an emphasis in combining both network security and endpoint security.

Years ago, I wrote research at Gartner about the gaps in the market. There was a critical need to bridge network, endpoint and other adjacent devices together into a shared intelligence and orchestrated fabric. I called it “Intelligence Aware Security Controls (IASC).”

The core concept of IASC is that an orchestration fabric must exist between different security technology controls. This ensures that each control is aware of a detection event and other shared telemetry so that every security control can take that information and automatically respond to threats that emerge across the fabric.

So, for example, a botnet threat detection at the edge of the network can inform firewalls that are deployed deeper in the datacenter to adjust policies according to the threat emerging in the environment.

As Tomer Weingarten, CEO of SentinelOne said, “Legacy antivirus is simply no match for today’s sophisticated file-based malware, which proliferates much faster than new signatures can be created.”

Limitations of Legacy Antivirus (AV) Technology

To better understand the difference between legacy antivirus (AV) and next-generation antivirus (NGAV), we should know the advantages and unique features of NGAV over legacy signature-based AV solutions. Below are four primary limitations of legacy offerings.

  • Frequent updates. Traditional AV solutions require frequent (i.e., daily or weekly) updates of their signature databases to protect against the latest threats. This approach doesn’t scale well. In 2017 alone, SonicWall collected more than 56 million unique malware samples.
  • Invasive disk scans. Traditional AV solutions recommend recurring disk scans to ensure threats did not get in. These recurring scans are a big source of frustration for end users, as productivity is impacted during lengthy scans.
  • Cloud dependency. Traditional AV solutions are reliant on cloud connectivity for best protection. Signature databases have grown so large that it is no longer possible to push the entire database to the device. So, they keep the vast majority of signatures in the cloud and only push the most prevalent signatures to the agent.
  • Remote risk. In cases where end-users work in cafés, airports, hotels and other commercial facilities, the Wi-Fi provider is supported by ad revenues and encourage users to download the host’s tools (i.e., adware) for free connectivity. These tools or the Wi-Fi access point can easily block access to the AV cloud, which poses a huge security risk.

Switching to Real-time, Behavior-focused Endpoint Protection

Considering these limitations, there is a need for viable replacement of legacy AV solutions. For this reason, SonicWall partnered with SentinelOne to deliver a best-in-class NGAV and malware protection solution: SonicWall Capture Client.

SonicWall Capture Client is a unified endpoint offering with multiple protection capabilities. With a next-generation malware protection engine powered by SentinelOne, Capture Client applies advanced threat protection techniques, such as machine learning, network sandbox integration and system rollback. Capture Client uses automated intelligence to adapt and detect new strains of malware through advanced behavior analytics.

SonicWall Capture Client was a direct response to multiple market trends.

  • First, there has been a detection and response focus, which is why SentinelOne offers our customers the ability to detect and then select the response in workflows (along with a malware storyline).
  • Second, devices going mobile and outside the perimeter meant that backhauling traffic to a network device was not satisfying customers who wanted low latency network traffic for their mobile users (and, frankly, the extra bandwidth costs that go along with it).
  • Third, because of all the evasion techniques that attackers use, a real-time behavioral engine is preferred over a static analysis engine to detect advanced attacks.
  • Fourth, the Capture Client SentinelOne threat detection module’s deep file inspection engine sometimes detects low confidence or “suspicious” files or activities. In these low confidence scenarios, Capture Client engages the advanced sandbox analysis of RTDMI to deliver a much deeper analysis and verdict about the suspicious file/activity.

One crucial feature of the latest Capture Client solution is the ability to record all the behaviors of an attack and the processes involved on an endpoint into an attack storyline — essential for security operations detection, triage and response efforts.

By listening to the market and focusing on the four key points above, SonicWall delivered best-in-class protection for endpoints, and another important milestone in SonicWall’s mission to provide automated, real-time breach detection and prevention.

SonicWall Capture Client combines multiple technologies to provide the most efficient and effective defense against threat actors. The solution should be paired with a defense-in-depth security strategy across all the key layers of transport, including email, network and endpoints.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Business Live – BBC

  • SonicWall CEO Bill Conner appears live discussing cybersecurity on the flagship BBC business program.

Security Success in 2018 and Beyond – Channelnomics

  • SonicWall is a winner in the 2018 Channelnomics Security Awards for the Best Security Partner Program

SonicWall CEO rallies partners to fend off non-standard ports threat – Computer Weekly

  • At the PEAK 2018 event in London, SonicWall CEO Bill Conner takes time to talk to Computer Weekly about the growth in cyberattacks through non-standard ports and what SonicWall is doing to defeat them.

Cyber Security News

“Lawful intercept” Pegasus spyware found deployed in 45 countriesZDNet

  • New research data shows that the malware that can be found in both IOS and Android devices has been deployed by governmental regimes worldwide.

The Cyberthreats That Most Worry Election OfficialsThe Wall Street Journal

  • States and counties are busy preparing for the upcoming elections with drills and simulations of potential cyberattacks. The Wall Street Journal documents some of the biggest cyberthreats and what is being done to prevent them.

Equifax IT staff had to rerun hackers’ database queries to work out what was nicked The Register (UK)

  • An auditor’s report recently made public exposes in detail the number of avoidable missteps that led to the hack of Equifax in May to July 2017.

Hackers peddle thousands of air miles on the Dark Web for pocket moneyZDNet

  • Over on the Dark Web cyberattackers are undercutting the market with cheap frequent flyer miles, including 100,000 British Airwaves air miles for sale for as little as $144.

New Defense cyber strategy gives military power on preventative cyberattacksThe Hill

  • The US cyber defense strategy is moving increasingly towards an aggressive stance, with attack being the best form of defense.

There’s a song about cybersecurity from the Chinese governmentAbacus News

  • China celebrates Cybersecurity Week by releasing a patriotic song praising their digital defenses.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Cybersecurity and the future of work: How much can we predict? – Silicon Republic (Ireland)

  • SonicWall CEO Bill Conner, talking to Silicon Republic, shares his thoughts on battling the growth areas of cybercrime over the coming years.

US Indicts North Korean Over Sony, Bank and WannaCry Attacks – Infosecurity magazine

  • The U.S. Justice Department has formally charged a hacker in connection with cybercrimes that they are directly connecting to the North Korean government. SonicWall’s Bill Conner is featured as a security expert on the issue.

Cyber Security News

British Airways boss apologises for ‘malicious’ data breach – BBC

  • A week after the Air Canada security leak another major security breach in an Airline, this time British Airways, has been dominating news headlines. Names, email address and credit card information from over 380,000 transactions have been compromised.

Nope, the NSA isn’t sitting in front of a supercomputer hooked up to a terrorist’s hard drive – The Register

  • The Register talks about what exactly Government intelligence services want versus what it’s likely they will be able to get in the current digital climate.

The Case for a National Cybersecurity Agency – Politico

  • Gen. David Petraeus argues in Politico that national cybersecurity is in need of a complete overhaul with the creation of an independent National Cybersecurity Agency that reports directly to the President.

FIN6 returns to attack retailer point of sale systems in US, Europe – ZDNet

  • Point of Sale (POS) malware is really gathering steam. ZDNet have a report on a new campaign by a cybercriminal group called FIN6 who were previously known for selling credit card numbers on the Dark Web.

More U.S. Cities Brace for ‘Inevitable’ Hackers – The Wall Street Journal

  • After the city of Atlanta paid millions of dollars to ransomware attackers this year other U.S. Cities are considering their options on how to handle cyberattacks.

Obama-Themed Ransomware Also Mines for Monero – BankInfoSecurity

  • They’re calling it Barack Obama’s Everlasting Blue Blackmail Virus and it doubles as a cryptocurrency miner on top of being ransomware.

In Case You Missed It