Posts

3 Elements of a Successful Managed Security Services (MSS) Bundle

The small- and medium-sized business (SMB) market is rapidly accelerating its adoption of converged managed IT services to alleviate headaches and prevent risks.

More and more businesses use cloud-based services for enterprise applications, processing or communications, placing an even higher priority on network performance and reliability. Yet many SMBs are facing a cybersecurity crisis.

Cyber threats are continuing to get more sophisticated and frequent; SMBs are becoming a more routine target. 61 percent of SMBs experienced a cyber breach in 2017, compared to 55 percent in 2016.

Most managed IT service providers recognize that SMBs don’t have the awareness, knowledge or resources to implement cyber defense mechanisms to effectively protect their data, devices and people. Furthermore, the cybersecurity services market has developed enterprise-class solutions aimed at large enterprise businesses because they have historically been prime targets.

“The challenge for MSPs is finding effective tools that pair well with internal processes to mitigate the risk of a cyber breach, threat of downtime or damage to customers’ reputation.”

There are incredible opportunities for MSPs to develop service options customized for SMBs to address cybersecurity woes while accommodating limited budgets. MSPs that are focused on this will continue to add real value to the services they are providing and strengthen customer relationships by building trust.

The challenge for MSPs is finding effective tools that pair well with internal processes to mitigate the risk of a cyber breach, threat of downtime or damage to customers’ reputation. If bundled intelligently, these services are any easy sell. No business owner wants to see their organization featured on the six o’clock news for a data breach.

Consider three foundational elements of an MSSP plan. These may consist of several individual services, but those services are aimed at protecting specific functions.

Data Protection

Just like their enterprise counterparts, small businesses have a growing data footprint. Storage keeps getting less expensive and many SMBs don’t have a data governance policy, causing the gigabytes to pile up.

Whether the data is stored on-premises or in the cloud, it’s important to have appropriate protections in place, but also the ability to restore data in the event of a disaster or cyberattack. Good MSSP bundles aimed at protecting data will include:

  • Content Filtering: Having a web filtering service to block inappropriate, unproductive or malicious websites is a major first step in preventing cyberattacks.
  • Email Security: Implement secure email solutions to protect SMBs from email-borne threats, such as ransomware, zero-day attacks and spear-phishing attempts, and comply with regulatory mandates to encrypt sensitive emails.
  • Backup & Disaster Recovery: Ensure that an SMB’s data is effectively backed up; whether it lives on a workstation, on-premises device or in the cloud. Being able to restore information that has been compromised is the best insurance policy.

Device Protection

Endpoint devices come in all shapes, sizes and flavors, but the quantity of devices continues to grow. This means that there are more potential intrusion points than ever before. It’s important for a good MSSP bundle to include services aimed at protecting and monitoring endpoint devices.

  • Endpoint Management: MSSPs should have a comprehensive inventory of all devices associated with an SMB customer. Good endpoint management solutions will allow MSSPs to push updates and security patches as they are released to ensure that endpoints stay hardened.
  • Endpoint Security: It almost goes without saying, but having a solid antivirus endpoint security solution in place is still one of the best defenses for protecting endpoint devices.
  • Endpoint Rollback: Mistakes happen. Phishing emails are opened. Malicious links are clicked. But MSSPs can add value for their customers by using endpoint protection solutions that include automated rollback features for those events when a device is compromised.

People Protection

The human element is the most difficult to control and the hardest to protect. But it is critical.

Provide convenient and easy pathways for people to adopt sound security behavior. A consistent security awareness culture makes it easier for users to be aware of security threats. Consider the following bundled services as part of your MSSP offering.

  • Virtual Private Network (VPN): Provide a secure lane for all SMB endpoints to work over a VPN connection. A VPN client may route back to the customer’s network if there are on-premises connectivity demands, or it may be more generic VPN connection to an MSSP’s gateway. VPNs are prevalent and not just for workstations anymore. Modern VPN services offer clients for just about any type of endpoint and are especially important for mobile devices.
  • Policies & Procedures: Provide template policies and procedures to your SMB customers. Again, many of them are leaving IT management, including governance, up to you. Providing basic templates for things like password management, backup and user provisioning is an easy way to get them to create a more robust security awareness culture.
  • Security Awareness Training: For SMBs that subscribe to your MSSP bundle, provide them with routine threat awareness and simple tips and tricks to enforce that security awareness culture.

The most effective MSSP program is dependent on partnerships. Partnerships between SMBs and their IT partners, but also partnerships between MSSP providers and solutions providers. MSPs that bundle services to offer an MSSP will be well-suited to work with security vendors able to offer a comprehensive spectrum of services for their SMB customers.

About ProviNET

ProviNET is a SonicWall SecureFirst Gold Partner. For nearly three decades, ProviNET has delivered trusted technology solutions for healthcare organizations. Whether it’s a single project or full-time onsite work, ProviNET designs and implements customized solutions so healthcare organizations can focus on core services.

ProviNET’s tight-knit group of experienced, industry-certified personnel are focused on customer satisfaction. They are a reputable organization, fulfilling immediate IT needs and helping plan for tomorrow. They are ready to put their extensive knowledge to work for healthcare, developing strategies and solving challenges with the latest technology.

To learn more about ProviNET, please visit www.provinet.com.

Workplace Cybersecurity Is Everyone’s Responsibility

The cyberthreat landscape is changing. An increasing number of cyberattacks are executed using sophisticated tactics. Earlier this year, SonicWall warned that malware volume increased 102 percent in the first half of 2018 compared to that of 2017.

The report also notes a significant increase in cyberattacks that leverage new variants of malware, including ransomware and encrypted threats. Further, attacks are becoming highly targeted, for example baseStriker and PhishPoint target Office 365 users.

Attackers are evolving to take advantage of workplace technology trends, including the cloud and BYOD. These trends empower workforces to be mobile and productive as demanded by today’s 24/7 hyper-connected reality. Unfortunately, these behavior changes are significantly expanding the attack surface area for cybercriminals to exploit.

“Attackers are evolving their tactics to take advantage of workplace technology trends, including the cloud and BYOD.”

Today, network security means more than just safeguarding data, applications and infrastructure. Employees are not only resources that need protection, but also weaknesses or valuable assets for a stronger cybersecurity posture.

It is, of course, essential for organizations to have necessary security in place to monitor and protect attack surface areas. But no security product can be a silver bullet to stop all cyberattacks. It is necessary to educate and empower the last and most crucial line of defense: your employees.

Build a Culture of Cybersecurity Awareness

Employees are a key resource for an organization. As driving revenue is the primary objective, safeguarding the organization must also become one of the main responsibilities for employees. With the right frameworks and security awareness training programs in place, they can also be an effective layer of defense — a human firewall.

By extending these responsibilities to all employees, organizations can prevent sophisticated cyberattacks, saving the organization from financial, legal and reputation damages.

Creating cybersecurity awareness and training programs must include what employees must be aware of, what they need to watch out for, what best practices should be leveraged and how to follow them. It also must be easy to report security incidents. These programs must be delivered efficiently, measured and be easy to use.

Since the cyber threat landscape is evolving, the “human firewall” needs continuous signature/intelligence updates in terms of the new threats and how to identify and stop them. This is modern cybersecurity awareness.

Stop the No. 1 Cyberattack Vector: Email

But cybercriminals also know to target the human element to execute attacks. Email is the No. 1 threat vector used by cybercriminals today; more than 90 percent of attacks start with a phishing campaign.

Modern phishing tactics can trick even the savviest users. Attacks that use fake login pages, impersonation and business email compromise (BEC) are difficult to detect and block as these emails do not contain malware.

Organizations would benefit from taking a human-centric approach to email security and include user training and awareness to spot and avoid clicking on phishing email threats. Organizations should train employees to:

Embrace security as one of their key responsibilities. Beware of sudden changes in business practices. For example, email requests for transfers of funds.
Treat any suspicious email with caution. Review the signature and legitimacy of the request.
Look at domain names from suspicious emails. Confirm requests for transfers of funds or confidential information, such as W-2 records.
Exercise extra caution if an email is from a free, web-based account. Do not use the “Reply” option to respond to any business emails. Instead, use the “Forward” option and either type in the correct email address or select it from the email address book to ensure the intended recipient’s correct email address is used.
Check for spelling mistakes and grammatical errors.

Spot Sophisticated Phishing Attacks

Want to brush up on your ability to spot a phishing attack? Take SonicWall’s quick Phishing IQ test or download our exclusive brief, “How to Stop Email Spoofing.”

Monitor and Manage Shadow IT

According to Gartner, by 2020 one-third of security breaches will be the result of shadow IT. The ease of SaaS adoption and deployment leads to the following problems:

  • Losing control over sensitive corporate data traversing through public or hybrid clouds and data centers introduces new risks such as unauthorized access, malware propagation, data leakage and non-compliance.
  • Balancing security budgets, shadow IT practices and employee productivity.

To address the above challenges, IT administrators need Cloud Access Security Broker (CASB) solutions to provide visibility for what applications are being used and where. This will help them better understand the overall risk posture.

To mitigate the risks of shadow IT and embrace productivity, both organizations and employees must understand the agreement on what constitutes a legitimate application allowed for official use. Employees must be trained to use judgement so that they do not upload sensitive or confidential data into cloud-based applications.

Protect Endpoints, Especially When Outside the Perimeter

Workforces today rely on the same device for business and personal use, resulting in intermingling of business and personal data and applications. This creates an increased risk of security breaches for organizations, including:

  • Unauthorized users gaining access to company data and applications
  • Malware-infected devices acting as conduits to infect company systems
  • Interception of company data in transit on unsecured public Wi-Fi networks
  • Compliance with audit and regulatory requirements
  • Loss of business data stored on devices if rogue personal apps or unauthorized users gain access to data

To ensure proper safety, employees must be educated on the risks an endpoint poses to an organization, especially when those devices are frequently used from home, mobile or public networks. This can start with the basics such as:

  • Lock mobile devices when not in use.
  • Don’t use USB drives you don’t trust.
  • Update all software, operating systems and malware signatures.
  • Use secure VPN connections when accessing corporate resources over unsecured networks.
  • Install next-generation anti-virus (NGAV) to stop the latest threats.

Cybersecurity: Our Shared Responsibility

As cyberattacks evolve, organizations need to take a human-centric approach to security. Cybersecurity is everyone’s job. It’s a shared responsibility. It’s critical that structures, guidelines and processes are in place to make employees care and be responsible to remain safe online while at work.

Organizations will greatly benefit by incorporating user awareness and training programs to educate and empower employees who will form a critical line of defense. Cybersecurity is never finished. Make it core to company culture.


About Cybersecurity Awareness Month

The 15th annual National Cybersecurity Awareness Month (NCSAM) highlights user awareness among consumers, students/academia and business. NCSAM 2018 addresses specific challenges and identifies opportunities for behavioral change. It aims to remind everyone that protecting the internet is “Our Shared Responsibility.”

In addition, NCSAM 2018 will shine a spotlight on the critical need to build a strong, cyber secure workforce to help ensure families, communities, businesses and the country’s infrastructure are better protected through four key themes:

  • Oct. 1-5: Make Your Home a Haven for Online Safety
  • Oct. 8-12: Millions of Rewarding Jobs: Educating for a Career in Cybersecurity
  • Oct. 15-19: It’s Everyone’s Job to Ensure Online Safety at Work
  • Oct. 22-26: Safeguarding the Nation’s Critical Infrastructure

Learn more at StaySafeOnline.org.

Infographic: Ransomware’s Devastating Impact on Real-World Businesses

Still relatively new to the cyber threat landscape, ransomware continues to be one of the high-profile malware types that grab headlines. It’s one part Hollywood-style drama mixed with the “mystery” of cryptocurrencies and the seemingly personal nature of ransomware attacks.

But it’s not hyperbole. Ransomware remains one of the most malicious cyberattacks that can cripple a business. SonicWall’s new infographic highlights composite data that demonstrates how ransomware impacts businesses’ ability to operate.

So, how do you prevent your organization from being severely disrupted by ransomware? The best approach is to use multiple layers that deliver automated, real-time breach detection and prevention. While this isn’t an exhaustive list of all security options, these cornerstone tactics will mitigate most of today’s most malicious cyberattacks, including ransomware.

How to Block Ransomware

Businesses have no choice but to proactively mitigate ransomware attacks. But is there a proven approach that can cost-effectively scale across networks and endpoints? Four key security capabilities make full ransomware protection possible.

  1. Next-Generation Firewall

    Detect and prevent cyberattacks with power, speed and precision.
    Next-generation firewalls (NGFW) are one of your first lines of defense against hackers, cybercriminals and threat actors.

    For example, SonicWall firewalls deliver real-time, cloud-based threat prevention, while augmenting the security from on-box deep packet inspection of SSL traffic (DPI-SSL). And all new SonicWall firewalls integrate with our award-winning network sandbox for advanced threat protection.

  2. Network Sandbox

    Identify and stop unknown attacks in real time.
    A network sandbox is an isolated environment on the firewallthat runs files to monitor their behavior. SonicWall Capture Advanced Threat Protection (ATP) is a multi-engine sandbox service that holds suspicious files at the gateway until a verdict can be achieved.

    Capture ATP also features Real-Time Deep Memory InspectionTM (RTDMI). RTDMI is a memory-based malware analysis engine that catches more malware, and faster, than behavior-based sandboxing methods. It also delivers a lower false-positive rate to improve security and the end-user experience.

  3. Email Security

    Filter email-borne attacks before they hit your network.
    Secure email solutions deliver comprehensive inbound and outbound protection from advanced cyberattacks, including ransomware, phishing, business email compromise (BEC), spoofing, spam and viruses. Proven solutions will be available in on-premise email security appliances and hosted secure email.

    SonicWall Email Security also integrates with Capture ATP to protect email from advanced threats, such as ransomware and zero-day malware.

  4. Advanced Endpoint Client Security

    Block ransomware before it compromises user devices.
    Traditional antivirus (AV) has been trusted for years to protect computers. This was a sound approach when the total number of signatures required numbered in the hundreds of thousands. Today, millions of new forms of malware are discovered each month.

    To protect endpoints from this endless onslaught of malware attacks, SonicWall recommends using a next-generation antivirus (NGAV) solution that can monitor the behavior of a system to look for malicious activities, such as the unauthorized encryption of your files.

    For example, SonicWall Capture Client delivers advanced malware protection and additional security capabilities for SonicWall firewall

Ransomware remains one of the most damaging cyberattacks to businesses. Follow these four ransomware protection best practices to help ensure ransomware does not impact your ability to operate.

Capture Client Endpoint Protection: What’s New in Version 1.5

In April 2018, SonicWall released Capture Client 1.0 featuring a next-generation, behavior-based antivirus (AV) engine, reporting and management, trusted certificate management, and endpoint enforcement on modern SonicWall firewalls. Despite landing with great enthusiasm as a superior upgrade over previous SonicWall AV clients, this was just the beginning.

In September 2018 we will release Capture Client 1.5, a next-generation endpoint antivirus solution. This blog will cover the five core missions of the release:

  • Expanded visibility and control
  • Better white/blacklisting
  • Automated malware analysis and response
  • Enriched threat intelligence
  • General enhancements

Expanded Visibility and Control

Capture Client will support Microsoft Windows servers. Furthermore, the cloud-based management console how allows persistent visibility and control of managed servers, irrespective of whether they are on premise or in a hosted private/public cloud.

Better White/Blacklisting

With a full application inventory, administrators will be able to easily — with one-click action — whitelist known good applications to minimize any false positives and proactively ensure a good user experience when deploying Capture Client.

No longer will there be a need to remember the path, executable name or even the hash value of the file. Just select the application to whitelist (even specific to a version) and off you go. In a similar fashion, administrators will be able to leverage blacklisting capabilities to disallow the running of unauthorized application in the environment.

Automated Malware Analysis and Response

Capture Client Advanced will integrate with SonicWall Capture Advanced Threat Protection (ATP), the network sandbox featuring RTDMI, which examines the behavior of suspicious files to discover new malware.

If you are paying attention, you’re thinking, “But doesn’t Capture Client continuously monitor the system for suspicious behavior?”

Yes, but a network sandbox can manipulate code and do things with files that an endpoint with antivirus is not supposed to do, like strip apart sequences in memory or fast-forward malware into the future. This is designed to find malware, such as Trojans, before they execute, and save people time from remediation, such as rolling the endpoint back to a state before the malware was downloaded and/or activated (e.g., malware with timing delays).

Enriched Cyber Threat Intelligence

Every business day, Capture ATP receives over 1.5 million requests to analyze suspicious files. To analyze that volume of files, the following process is followed:

  1. In order to make it as efficient as possible, every file is given a hash (unique identifier).
  2. Next, it checks to see if there is a verdict for the same hash.
  3. Then it completes a community check of over 60 virus scanners to better understand if the research community knows anything about the file.
  4. It is only after that investigation do we funnel the file automatically into the behavior-based engines of Capture ATP to process the file in question.

Since 45 percent of all requests are unique, the third and fourth processes eventually create hundreds of thousands of new verdicts every business day that we instantly apply in the second step listed above.

This growing database is then leveraged by Capture Client administrators to conduct manual checks of suspicious files on computers with Capture Client without the need to manually upload the file for analysis. This will return a near-instant verdict (for previously evaluated files) and will help mitigate any compliance issues for potentially sensitive files.

General Enhancements

Beyond the delivery of more features without a change to price, multiple stability and user-experience enhancements will be added to Capture Client 1.5, including:

  • Attack Execution Visualization – For threats that are detected during execution, the Capture Client console will show an advanced visualization of all the indicators of attack associated with the threat and how it progressed through its lifecycle.
  • Advanced Network Visualization – A unique network map will show admins the status of endpoints behind SonicWall firewalls that are enforcing the clients and allowing for drill down into device status, threat events and response actions.
  • Alerting and Notifications – Addition of email-based alerting for threat events as a foundation for admin notifications, reducing the need for “eyes-on-glass” monitoring.
  • Threat Analysis UX Improvements – Multiple enhancements will be made to the user experience of the threats page, providing more information about the threats, its lifecycle stage, indicators of attack and easy-to-understand threat response actions.
  • Client Improvements – Improved install/uninstall/upgrade experience for Capture Client and its modules.

Capture Client Endpoint Protection

To learn more about SonicWall Capture Client endpoint protection, download the in-depth data sheet. It explores the solution’s key capabilities, including advanced malware protection, continuous behavioral monitoring, workflow automation, cloud-based management and more.

Capture Security Center: Knowledge, Visibility & Control of Your Cyber Security Ecosystem

For many organizations, the fear of being targeted by cybercriminals runs deep, especially as news of the latest high-profile cyberattacks dominate the headlines. Managing security and responding to cyber risks and events are major issues organizations face on a daily basis.

In May 2018 alone, the average SonicWall customer faced 2,302 malware attacks — a 56 percent year-over-year increase. Of those, on average, 62 were ransomware attacks, which are well known for forcing entire organizations to cease operations.

Insufficient visibility and knowledge of these risks within the network fabric compounds the problem. This makes it nearly impossible for security teams to detect and uncover unsafe network and user activities, and calibrate security policies at the speed and accuracy they need to maintain a robust security posture.

Making matters worse, organizations are burdened with managing and operating complex and fragmented security silos. Administrations are often cumbersome and labor-intensive.

Tasks and processes are generally uncorroborated and non-compliant. This level of technology fragmentation and operation disarray has businesses demanding for an integrated approach for security, management and reporting, analytics and real-time threat intelligence.

Unified Security Governance, Compliance & Risk Management

To help organization in that effort, SonicWall is expanding the capabilities of the Capture Security Center to deliver the foundation for a unified security governance, compliance and risk management strategy.

Capture Security Center offers the ultimate in visibility, agility and capacity to govern entire SonicWall security operations and services with greater clarity, precision and speed — all from one simple, common cloud interface that can be accessed from any location and any web-enabled device.

The integration-friendly nature of the Capture Security Center is ideal for a variety of organizations and use cases, including distributed enterprises and service providers that are adopting cloud computing for cost efficiencies.

Now, these organizations can easily manage their complete security ecosystem with single-sign-on access to license, provision and manage their network, endpoint and cloud security services. This includes:

New Enhancements to Capture Security Center

Capture Security Center simplifies and automates various tasks to promote tighter security coordination while reducing the complexity, time and expense of performing security operations and administrations. Key Capture Security Center updates include:

  • Integrated Threat Intelligence — Improve security outcomes from the firewall to the endpoint with integrated threat intelligence between the SonicWall Capture Advanced Threat Protection (ATP) sandbox service, Capture Client endpoint protection and SentinelOne threat databases.
  • Workflow Automation — Conform to customary firewall policy change management and auditing requirements of various regulatory mandates, such as PCI, HIPAA and GDPR.
  • Zero-Touch Deployment — Reduce time, cost and complexity associated with the installation, configuration and provisioning of firewalls at remote and branch office locations.
  • Flexible Reporting — Leverage more than 140 pre-defined report templates to gain awareness of network events, user activities, threats, operational and performance issues, security efficacy, risks and security gaps, compliance readiness and post-mortem analysis.
  • Intelligence-Driven Analytics — Use aggregation, normalization, correlation and contextualization of security data to empower security teams, analysts, auditors, boards, C-suites and stakeholders to discover, interpret, prioritize and implement intelligence-driven decisions.
  • Scalable Cloud Architecture — Scale Capture Security Center on demand to support thousands of SonicWall security devices under its management, regardless of location.

Predictable, Cost-Effective Security Management

With Capture Security Center, there is no upfront cost and no on-premise equipment. It is offered as a cloud-hosted solution with yearly subscription license options. With software updates and support included in an active subscription service, access to the latest innovations and enhancements is immediate.

This gives organizations and managed service providers (MSP) a unified security management, analytic and reporting platform without the financial risks or technical challenges of supporting a solely owned infrastructure.

Visit the Capture Security Center to access additional information and learn how it can enables security team take smarter security policy and control actions towards a sharper, safer, and compliant network environment.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Galix Becomes SonicWall’s First Ever Platinum Partner in Africa IT News Africa

  • Galix, an IT services, infrastructure management and compliance company, has become the first ever African partner to receive SonicWall’s Platinum Partner status.

SonicWall Looks Beyond Firewalls to Bolster Cyber-Security eWeek

  • eWeek sits down with SonicWall CEO Bill Conner at RSA to discuss the company’s progress toward becoming a financially and operationally independent company in a written article and accompanying video interview.

Cyber Security News

US-North Korea Summit News Used as Lure in New Malware Campaign Dark Reading

  • North Korea’s Group 123, an advanced persistent threat actor responsible for several major malicious campaigns in recent years, is believed to be behind new malware activity targeting users in South Korea.

Researcher Finds Login Info for 92 Million MyHeritage Users on Private Server SC Magazine

  • A file named myheritage discovered on an outside private server contained the email addresses and hashed passwords of more than 92 million MyHeritage customers, the genealogy and DNA testing company’s CISO said.

Here’s a Transaction Transamerica Regrets: Transgressors Swipe Retirees’ Personal Info The Register

  • Financial house Transamerica has admitted hackers swiped some of its customers’ sensitive personal information, including social security numbers.

Ukraine Says Prevented Cyber Attack on NATO Country Embassy Reuters

  • Ukraine’s state security service (SBU) prevented a cyber attack on the embassy of a NATO country in Kiev, it said in a statement on Tuesday, without specifying which one.

Mich. County Official Falls for Phishing Scam, Quits The Detroit News

  • An official in a small Michigan county has resigned after being tricked into wiring $50,000 to an overseas bank account.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Cybersecurity 500 List, 2018 Edition Cybersecurity Ventures

  • SonicWall is announced as #36 on Cybersecurity Ventures Cybersecurity 500: 2018 Edition List which includes the world’s hottest and most innovative cybersecurity companies to watch in 2018.

British Businesses Facing Cyber Ransom Demands of up to £200,000 The Daily Telegraph

  • Cyber criminals are arming themselves with “malware cocktails”, expertly blended using old variants of malicious computer code. The new viruses are more potent than their predecessors because they have adapted to companies’ cyber defenses, like a digital version of antibiotic-resistant superbugs.

Securing Your Journey to Success With Innovation and Security: SonicWall Silicon Review

  • Recently announced as one of the 10 Best Security Companies in 2018, SonicWall is featured in an editorial highlighting the company’s history and success with CEO Bill Conner at the forefront.

10 Best Security Companies in 2018 Silicon Review

  • SonicWall is announced as one of the 10 Best Security Companies in 2018.

Cyber Security News

Cybercriminals on Average Have Seven-Day Window of Opportunity to Attack SC Magazine

  • Once a vulnerability is announced, the average attacker has a seven-day window of opportunity to exploit the flaw before a defender is even aware they are vulnerable, according to report from Tenable.

Deadly Attacks Feared as Hackers Target Industrial Sites The Hill

  • The hacking threat to critical infrastructure in the United States and beyond is growing larger, with nation states and other malicious actors looking to gain a foothold in sensitive technologies to conduct espionage and potentially stage disruptive or destructive attacks.

U.S. Judge Dismisses Kaspersky Suits to Overturn Government Ban Reuters

  • A U.S. federal judge on Wednesday dismissed two lawsuits by Moscow-based Kaspersky Lab that sought to overturn bans on the use of the security software maker’s products in U.S. government networks.

BackSwap Banking Malware Bypasses Browser Protections With Clever Technique SC Magazine

  • A new banking malware called BackSwap has replaced tricky conventional browser injections with a simpler browser manipulation technique.

Over 5K Gas Station Tank Gauges Sit Exposed on the Public Net Dark Reading

  • It’s been three years since researchers first discovered automated tank gauges (ATGs) at some 5,000 US gas stations exposed on the public Internet without password protection, and a recent scan found 5,635 locations were vulnerable to the same issue.

In Case You Missed It


Upcoming Webinars & Events

June 4
Webinar
1 a.m. PDT
Technical Deep Dive – Securing Office 365 with SonicWall Email Security
> Register Now

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Real-Time Cyber Threat Intelligence Is More Critical Than Ever Forbes

  • SonicWall CEO Bill Conner discusses the importance of organizations utilizing real-time cyber threat intelligence as the cybersecurity landscape grows increasingly dangerous.

SonicWall Splits from Quest, Surpasses Financial Objectives Dark Reading

  • Dark Reading breaks down SonicWall’s recent momentum announcement, touching on the company’s newfound financial and operational independence, as well as innovations on the partner and customer front

SonicWall Boasts 60% YOY Partner Deal-Registration Increase Channel Partners

  • Due to SonicWall’s recent announcement, the company is featured for its success in the channel with the SecureFirst program which enabled partner deal registrations to hit a year-over-year increase of 60 percent.

Cyber Security News

VPNFilter Malware With Bricking Capabilities Poses Major Threat After Infecting 500,000+ Networking Devices SC Magazine

  • A potentially highly-destructive malware is estimated to have infected at least 500,000 networking devices in at least 54 countries since as far back as 2016, in what could be the prelude to a massive attack potentially capable of cutting off the internet from hundreds of thousands around the world.

U.S. Launches Criminal Probe into Bitcoin Price Manipulation Bloomberg

  • The Justice Department has opened a criminal probe into whether traders are manipulating the price of Bitcoin and other digital currencies, dramatically ratcheting up U.S. scrutiny of red-hot markets that critics say are rife with misconduct, according to four people familiar with the matter.

UK Threatens to Name and Shame State Backers of Cyber-attacks The Guardian

  • In a speech referring to Russian and North Korean “campaigns of intrusion”, Jeremy Wright QC called for international sanctions to be applied against countries that exploit cyberspace for illegal purposes.

Cyber Amendments to Watch in the House’s Defense Authorization Bill Nextgov

  • The House Rules Committee is considering more than a dozen cyber-focused amendments to the National Defense Authorization Act, a must-pass policy bill.

Intel Responds to Spectre-Like Flaw in CPUs Threat Post

  • Intel acknowledged that its processors are vulnerable to another dangerous speculative execution side channel flaw that could give attackers unauthorized read access to memory.

In Case You Missed It


Upcoming Webinars & Events

May 30
Webinar
11 a.m. PDT
Identify and Stop Malware in the Quickest and Most Accurate Way Possible
> Register Now

June 4
Webinar
1 a.m. PDT
Technical Deep Dive – Securing Office 365 with SonicWall Email Security
> Register Now

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

New DHS National Cybersecurity Framework Sets Goals, Milestones — MSSP Alert

  • As a result of the recent elimination of the White House cybersecurity coordinator role, SonicWall CEO Bill Conner is featured for his perspective and insight into what the move implies for the future of cybersecurity policy.

SonicWall Pushes Capture Cloud Platform with Endpoint Security — Chinabyte.com

  • SonicWall’s recent updates including the company’s new Capture Cloud Platform, enhanced RTDMI technology and more are featured in this article.

Cybersecurity Sourcebook 2018 Looks at Evolving Data Threat Landscape — Database Trends & Applications

  • This article explains the serious need to safeguard data using key SonicWall threat data. Specifically, they’ve included stats sharing that cyberattacks are becoming the number-one risk to businesses, brands, operations, and financials, and that there were 9.32 billion malware attacks in total in 2017, representing an 18.4% increase over 2016.

Cyber Security News

Brutal Cryptocurrency Malware Crashes Your PC When Discovered — ZDNet

  • The malware, dubbed WinstarNssmMiner by 360 Total Security researchers, has been used in half a million attempted attacks leveraged at PCs in only three days.

What Makes ZTE a Cybersecurity Threat? Congress Wants to Know — CNET

  • Congress wants a detailed explanation on what cybersecurity threats the Chinese phone company poses.

Mexico Central Bank Says Hackers Siphoned $15 Million from Five Companies — Reuters

  • Mexico’s central bank said on Wednesday that a cyber attack had sucked around 300 million pesos ($15.33 million) in fraudulent transfers from five companies, but it was unclear how much thieves had managed to pull out in cash.

Former CIA Software Engineer ID’ed as Suspect in Vault 7 Leaks — SC Magazine

  • The former CIA software engineer believed to have leaked the CIA’s Vault 7 hacking tools is already behind bars at the Metropolitan Correctional Center in New York City, after being indicted for possessing child pornography.

DHS Issues More Medical Device Cybersecurity Alerts — GovInfo Security

  • The Department of Homeland Security has yet again issued a warning about cybersecurity vulnerabilities in medical devices. These warnings have come after independent researchers, or the companies themselves, have reported the problems.

Cybersecurity Whistleblowers are Growing Corporate Challenge — The Wall Street Journal

  • Signals from the U.S. Securities and Exchange Commission over how seriously it takes cybersecurity, combined with a Supreme Court ruling on whistleblower protections, are putting pressure on companies to be more careful about how they deal with potential tipsters, lawyers say

In Case You Missed It


 

 

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Cybersecurity Sourcebook 2018 Looks at Evolving Data Threat Landscape Database Trends & Applications

  • This article explains the serious need to safeguard data using key SonicWall threat data. Specifically, they’ve included stats sharing that cyberattacks are becoming the number-one risk to businesses, brands, operations, and financials, and that there were 9.32 billion malware attacks in total in 2017, representing an 18.4% increase over 2016.

FBI Calls Attention to ‘BEC’ Scams CRN

  • In an article detailing the rise of BEC scams by the FBI, SonicWall President and CEO Bill Conner is quoted for his insight on the issue noting that technology such as DPI SSL can help as a preventative to potential breaches.

New Product Awards The American Business Awards

  • In this rundown of award winners, SonicWall is named Silver Winner in the category New Product or Service of the Year for its Capture Advanced Threat Protection Sandbox Service.

Cyber Security News

Phishing Threats Move to Mobile Devices Dark Reading

  • Mobile devices are emerging as a primary gateway for phishing attacks aimed at stealing data. Users are 18 times more likely to be exposed to a phishing attack than to malware.

FCC Says ‘Net Neutrality’ Rules Will End on June 11 Reuters

  • The FCC in December repealed the Obama-era “net neutrality” rules, allowing internet providers to block or slow websites as long as they disclose the practice. The FCC said the new rules will take effect 30 days from Friday.

Android Security: Malicious Apps Sneak Back Into Google Play After Tweaks ZDNet

  • Symantec researchers have discovered malware in Google Play, the official Android app marketplace, after it had previously been removed.

FBI Says Internet Crimes Caused Reported Losses of $1.42 Billion in 2017 The Washington Times

  • The FBI’s Internet Crime Complaint Center (IC3) received 301,580 complaints last year from individuals reporting a combined total of roughly $1.42 billion in related losses, according to the office’s 2017 Internet Crime Report.

Publicly Disclosed Breaches Down Drastically in Q1 2018 Dark Reading

  • Risk Based Security is reporting a significant drop in publicly disclosed breaches. Q1 2018 has been the quietest first quarter since 2012.

In Case You Missed It


Upcoming Webinars & Events

May 30
Webinar
11 a.m. PDT
Identify and Stop Malware in the Quickest and Most Accurate Way Possible
> Register Now

June 4
Webinar
1 a.m. PDT
Technical Deep Dive – Securing Office 365 with SonicWall Email Security
> Register Now