On June 6, 2017, NSS Labs published its annual 2017 Next-Generation Firewall (NGFW) Test Report and Security Value MapTM (SVM). For the first time in five years, NSS Labs did not place SonicWall in its “Recommended” quadrant of the SVM. In response, SonicWall immediately resolved the identified issues, automatically updated our firewalls worldwide, and was then publicly retested by NSS Labs to place in its upper right quadrant.
The SonicWall team is excited to be a gold level sponsor at Black Hat USA, one of the world’s leading IT security events, which opens at Mandalay Bay in Las Vegas on July 22. Our booth number is 554 and we look forward to meeting you there. SonicWall will offer attendees information on the company’s suite of automated, real-time breach detection and prevention products and services, including the SonicWall Capture ATP cloud-based network sandbox which detects and stops ransomware, advanced persistent threats (APTs) and zero-day attacks.
Updated July 6, 2017, 11:51 AM PT
When the latest massive global cyber attack first hit on June 27, the security community observed that the payload behavior closely matched Petya ransomware, which emerged back in 2016, so we initially called this a variant. However, SonicWall Capture Labs researchers confirmed that this is definitely not Petya ransomware.
Updated June 28, 2017
As I type this, news reports continue to roll in about yet the latest massive global ransomware attack. This time, the payload appears to be a ransomware called Petya. SonicWall Capture Labs identified the original Petya variants in 2016. However, this time it appears to be delivered by Eternal Blue, one of the exploits that was leaked from the NSA back in April.
Every day our children, teachers and administrators log into the network at school. How can you ensure the data travelling across that network is secure from hidden threats and attacks such as ransomware? With SonicWall next-gen firewalls and DPI SSL inspection technology, IT administrators can find threats hidden in encrypted web traffic that cybercriminals don’t want you to discover across your K-12 network.
I often get asked, “Why should we implement SSL inspection? We just upgraded our security from stateful inspection to deep inspection. If something is encrypted, is it not encrypted for a reason, for being secure?” Let me explain…
Back in the day, network traffic was well behaved. If you were a software vendor and wanted to offer a new application, you had to sign up with IANA and get a reserved port for your application.
According to ITC (http://www.idtheftcenter.org) data breaches in the US increased 40% in 2016, and through the first four months of 2017 are up an additional 42% over the same period last year. Just over half of all breaches are caused by cyber attacks, defined by ITC as hacking, credit card skimming and phishing.
Email has been around since the 1970s. Today, everyone and every business uses email for their communications. To put things in perspective, according to Radicati group – 122 business emails were sent and received per user per day in 2015! That is a lot of email for humans to process without making a bad judgement call.
There is no end to the danger of cyber-criminal activities, as long as there is an underground marketplace that makes it almost impossible for authorities to intervene and enforce law and order. We continue to see our adversaries relentlessly going after money by developing and experimenting with different methods and tools against new and existing vulnerabilities, in preparation for the next phase of their business model.