
Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

DHS Has New Cyber Collaboration Center, But Private Companies May Hesitate to Share — Law.com

  • SonicWall CEO Bill Conner discusses the challenges faced by the new DHS National Risk Management Center initiative in relation to cooperation from the private sector.

ADT Acquires MSSP SDI, Eyes Small Business Cybersecurity Market Growth — MSSP Alert

  • ADT, the monitored security and home and business automation solutions provider, has acquired Secure Designs Inc. (SDI), a well-known MSSP and SonicWall partner that manages firewall equipment for small business customers.

The Changing Data Security Landscape — Database Trends and Applications

  • The SonicWall 2018 Cyber Threat Report is used in an analysis of the overall risk landscape for cybersecurity.

SonicWall to expand product engineering facility in India — ETCIO

  • Debasish Mukherjee, Country Manager India & SAARC at SonicWall, sat down with ETCIO to discuss the company’s expansion in Bangalore, India.

Cyber Security News

The Sensors That Power Smart Cities Are a Hacker’s Dream — Wired

  • Research from IBM Security and data security firm Threatcare looked at sensor hubs from three companies (Libelium, Echelon and Battelle) that sell systems to underpin smart city schemes.

Network of 15,000 bots used to spread cryptocurrency giveaway spam via Twitter — SC Magazine

  • A recently developed methodology for identifying Twitter bot accounts in large quantities turned up a cryptocurrency scam botnet operation found to leverage at least 15,000 bots to submit bogus tweets and likes.

Internet of Things Adoption to Rise Despite Security, Data Integration Challenges — The Wall Street Journal

  • Firms continue to adopt Internet of Things technologies, but believe large-scale deployments and returns on investment may take longer than expected to materialize due to ongoing security and implementation challenges.

iPhone Chipmaker Blames WannaCry Variant for Plant Closures — Bloomberg

  • Taiwan Semiconductor Manufacturing Co. blamed a variant of the 2017 WannaCry ransomware for the unprecedented shutdown of several plants, as it ramps up chipmaking for Apple Inc.’s next iPhones.

Atlanta’s Reported Ransomware Bill: Up to $17 Million — Bank Info Security

  • The cost of the city of Atlanta’s mitigation and subsequent IT overhaul following a massive SamSam ransomware infection earlier this year could reach $17 million.

In Case You Missed It

SonicWall at Black Hat 2018

Now in its 21st year, Black Hat USA promises to bring together 17,000 information security experts to provide attendees with the very latest in cyber research, development and trends. This six-day event begins with four days of training for security practitioners of all levels (Aug. 4-7) followed by the two-day main event including briefings, business hall, arsenal and more (Aug. 8-9).

SonicWall is excited to be attending this year’s Black Hat event in Las Vegas. We’ll be providing attendees with hands-on experiences and showcasing our newest solutions. Visit us at Booth 564 in the Shoreline Hall to chat with our experts and explore the latest in security trends, threat intelligence and powerful cyber security solutions that help protect organizations in a fast-moving cyber arms race.

Live Demos

The SonicWall booth will feature five demo stations showcasing products across our entire portfolio, including the new SonicWall Capture Security Center. Our security experts will be on hand to take you through our Capture Cloud Platform, Capture ATP with Real-Time Deep Memory Inspection™, Capture Client and our newest next-generation firewall (NGFW) solutions.

Featured Presentations

Join our in-booth team to hear our featured presentation: “Keeping pace with the ever-changing threat landscape.” Our experts will go inside SonicWall Capture Labs telemetry data to provide insight into the advances being made by both security professionals and cybercriminals. In this session we’ll dig into the data, provide actionable insights and share our vision for automated real-time breach detection and prevention.

Each day, SonicWall will be joined by a special guest speaker: Daniel Bernard, VP of Business & Corporate Development at SentinelOne. Learn how SonicWall and SentinelOne together ensure automatic remediation of malicious attacks, such as ransomware, in the event of infection by reversing system and file modifications.

Wednesday

  • 10:30 a.m.- 2 p.m.: Keeping Pace with the Shifting Threat Landscape
  • 2 p.m.: Special Guest Speaker: Daniel Bernard, VP, SentinelOne
  • 2:30-6:30 p.m.: Keeping Pace with the Shifting Threat Landscape

Thursday

  • 10:30 a.m.- 2 p.m.: Keeping Pace with the Shifting Threat Landscape
  • 2 p.m.: Special Guest Speaker: Daniel Bernard, VP, SentinelOne
  • 2:30 p.m.- 4:30 p.m.: Keeping Pace with the Shifting Threat Landscape

It wouldn’t be Vegas without a little magic and the chance for some winnings. Each day at Booth 564, in addition to our demos and presentations, we’ll have exclusive giveaways and even an illusionist. Join us and leave armed with the best cybersecurity information and some exclusive SonicWall swag like power banks, webcam covers, pens, notebooks and even fake bitcoin.

To keep up with us at the show, follow @SonicWall on Twitter and look for the hashtag #BHUSA.

Business Hall Hours

Mandalay Bay, Las Vegas | Booth 564

  • Wednesday, August 8: 10 a.m.- 7 p.m. PDT
  • Thursday, August 9: 10 a.m.- 5 p.m. PDT

Business Hall Access

  • Briefings Pass and/or Trainings Pass holders have unlimited access to the Business Hall and all Features.
  • A Business Pass is available for purchase to individuals without Briefings and/or Trainings Passes and grants unlimited access to the Business Hall and all Features.

All Times PDT


Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

As Malware, Ransomware Surge in 2018, SonicWall Raises Alarm on Encrypted Threats and Chip-Based Attacks

  • SonicWall publishes a mid-year update of the 2018 SonicWall Cyber Threat Report, finding more than 5.99 billion total malware attacks, up 102 percent, in the first six months of 2018.

Ghostbusters 2: how to deal with Spectre, the sequel – SC Magazine (UK)

  • Lawrence Pingree, SonicWall’s VP of Product Management, discusses the possibilities of future exploits built on the Spectre vulnerability.

Big Enterprise or Small Business, It Doesn’t Matter: Hackers Are Coming for You, Right Now – Joseph Steinberg

  • Quotes from a 2017 interview between Bill Conner and Joe Steinberg are resurfaced to explain that about half of all cyber-attacks are on small businesses.

Cyber Security News

Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders – The Register

  • An unfortunate chain reaction was averted today after miscreants tampered with a widely used JavaScript programming tool to steal other developers’ NPM login tokens.

Hackers are selling backdoors into PCs for just $10 – ZDNet

  • Cyber criminals are offering remote access to IT systems for just $10 via a dark web hacking store — potentially enabling attackers to steal information, disrupt systems, deploy ransomware and more.

Senators press federal election officials on state cybersecurity – The Hill

  • Senators on Wednesday pressed top officials from the U.S. Election Assistance Commission (EAC) about their efforts to boost state cybersecurity election systems, with a focus on whether each state should have a mechanism in place to audit their results.

Cryptocurrency service Bancor robbed of billions; MyEtherWallet users targeted via malicious VPN Chrome extension – SC Magazine

  • Cryptocurrency token conversion service Bancor disclosed yesterday that hackers stole millions in funds from one of its online wallets, while Ethereum crypto wallet service MyEtherWallet warned that hackers may have compromised anyone who accessed its service while using the free VPN service Hola and its Chrome extension.

Breach department: Unauthorized party accesses Macys.com and Bloomingdales.com customer accounts – SC Magazine

  • For nearly two months, an unauthorized party reportedly used stolen usernames and passwords to log into the online accounts of certain Macys.com and Bloomingdales.com customers.

In Case You Missed It

Ransomware Surges, Encrypted Threats Reach Record Highs in First Half of 2018

To ensure organizations are aware of the latest cybercriminal attack behavior, today SonicWall published a mid-year update to the 2018 SonicWall Cyber Threat Report.

“The cyber arms race is moving faster than ever with bigger consequences for enterprises, government agencies, educational and financial institutions, and organizations in targeted verticals,” said SonicWall CEO Bill Conner in the official announcement.

Cyber threat intelligence is a key weapon in organizations’ fight against criminal organizations within the fast-moving cyber arms race. The mid-year update outlines key cyberattack trends and real-world threat data, including:

Data for the annual SonicWall Cyber Threat Report is gathered by the SonicWall Capture Threat Network, which sources information from global devices and resources including more than 1 million security sensors in nearly 200 countries and territories.

“SonicWall has been using machine learning to collect, analyze and leverage cyber threat data since the ‘90s,” said Conner. “This commitment to innovation and emerging technology is part of the foundation that helps deliver actionable threat intelligence, security efficacy and automated real-time breach detection and prevention to our global partners and customers.”

Get the Mid-Year Update

Dive into the latest cybersecurity trends and threat intelligence from SonicWall Capture Labs. The mid-year update to the 2018 SonicWall Cyber Threat Report explores how quickly the cyber threat landscape has evolved in just a few months.


Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Breaking down SonicWall’s 12 new features for mid-tier enterprises — TechRepublic

  • Following the release of SonicWall’s latest product news, TechRepublic provides an overview of the features released. This article concludes that the new mid-tier offerings make SonicWall an option for companies of any sector and size.

Review: SonicWall TZ400 Provides Local Governments with Deep, Frontline Protection – StateTech

  • SonicWall’s firewall appliance is a strong choice for state and local governments watching the bottom line.

Cyber Security News

Sophos shares tank as revenues slow – UK Investor Magazine

  • Shares in cyber security group Sophos fall by a fifth as growth slows. The company’s shares fell by more than 20% as it said billings growth – an indicator of future revenues – in the three months to the end of June had slowed to just 6pc, or 2pc when adjusted for foreign currency changes.

New Virus Decides If Your Computer Good for Mining or Ransomware — The Hacker News

  • Researchers at Kaspersky Labs have discovered a new variant of the Rakhni ransomware family, which has now been upgraded to include cryptocurrency mining capability as well.

Macro-based malware campaign replaces desktop and Quick Launch shortcuts to install backdoor — SC Magazine

  • Researchers have uncovered an unusual malicious macro-based malware campaign that effectively modifies infected users’ shortcut files so that they secretly download a backdoor program.

Trump nominates former Energy official to lead Homeland Security tech research arm — The Hill

  • President Trump announces that he is tapping William Bryan, an Army veteran and former Department of Energy official, to lead the Department of Homeland Security’s technology research and development arm.

Adidas Reports Data Breach — The Wall Street Journal

  • Adidas warned late on Thursday that hackers may have lifted customer data from its US website.


Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

SonicWall Targets Mid-Tier Enterprises with New Network Security Software and Appliances – SiliconANGLE

  • Following the release of SonicWall’s latest product news, SiliconANGLE unpacks updates to the SonicWall Capture Security Center. This article also touches on the company’s six new firewall appliances.

Cyber Security News

Despite Caution Over Cryptocurrency, Investors are Bullish – The New York Times

  • Initial coin offerings are raising billions for cryptocurrency start-ups, like the Russian messaging service Telegram, which raised nearly $2 billion.

Marketing Firm Exactis Leaked a Personal Info Database With 340 Million Records – Wired

  • Earlier this month, security researcher Vinny Troia discovered that Exactis, a data broker based in Palm Coast, Florida, had exposed a database that contained close to 340 million individual records on a publicly accessible server. The haul comprises close to 2 terabytes of data that appears to include personal information on hundreds of millions of American adults, as well as millions of businesses.

Reality Winner, N.S.A. Contractor Accused in Leak Pleads Guilty – The New York Times

  • Reality Winner, the former government contractor charged with leaking classified information, pleaded guilty in federal court Tuesday as part of a plea agreement reached with federal prosecutors.

Hotels, Airlines and Travel Sites Battle Bot Attacks – ZDNet

  • Attackers in certain countries appear to have a particular focus on breaching organizations operating in the travel sector.

60,000 Android Devices Hit With Ad-Clicking Bot Ransomware – SC Magazine

  • A new malicious Android app has infected at least 60,000 devices, gaining the ability to extract some important information from each device along with installing some ad-click malware.

New Fears Over Chinese Espionage Grip Washington – The Hill

  • Lawmakers are scrutinizing the Pentagon over its efforts to keep military secrets safe from hackers, after Chinese actors allegedly breached a Navy contractor’s computer and collected data on submarine technology.

In Case You Missed It

Capture Security Center: Knowledge, Visibility & Control of Your Cyber Security Ecosystem

For many organizations, the fear of being targeted by cybercriminals runs deep, especially as news of the latest high-profile cyberattacks dominates the headlines. Managing security and responding to cyber risks and events are major issues organizations face on a daily basis.

In May 2018 alone, the average SonicWall customer faced 2,302 malware attacks — a 56 percent year-over-year increase. Of those, on average, 62 were ransomware attacks, which are well known for forcing entire organizations to cease operations.

Insufficient visibility and knowledge of these risks within the network fabric compounds the problem. This makes it nearly impossible for security teams to detect and uncover unsafe network and user activities, and calibrate security policies at the speed and accuracy they need to maintain a robust security posture.

Making matters worse, organizations are burdened with managing and operating complex and fragmented security silos. Administrations are often cumbersome and labor-intensive.

Tasks and processes are generally uncorroborated and non-compliant. This level of technology fragmentation and operational disarray has businesses demanding an integrated approach to security, management and reporting, analytics and real-time threat intelligence.

Unified Security Governance, Compliance & Risk Management

To help organizations in that effort, SonicWall is expanding the capabilities of the Capture Security Center to deliver the foundation for a unified security governance, compliance and risk management strategy.

Capture Security Center offers the ultimate in visibility, agility and capacity to govern entire SonicWall security operations and services with greater clarity, precision and speed — all from one simple, common cloud interface that can be accessed from any location and any web-enabled device.

The integration-friendly nature of the Capture Security Center is ideal for a variety of organizations and use cases, including distributed enterprises and service providers that are adopting cloud computing for cost efficiencies.

Now, these organizations can easily manage their complete security ecosystem with single-sign-on access to license, provision and manage their network, endpoint and cloud security services. This includes:

New Enhancements to Capture Security Center

Capture Security Center simplifies and automates various tasks to promote tighter security coordination while reducing the complexity, time and expense of performing security operations and administrations. Key Capture Security Center updates include:

  • Integrated Threat Intelligence — Improve security outcomes from the firewall to the endpoint with integrated threat intelligence between the SonicWall Capture Advanced Threat Protection (ATP) sandbox service, Capture Client endpoint protection and SentinelOne threat databases.
  • Workflow Automation — Conform to customary firewall policy change management and auditing requirements of various regulatory mandates, such as PCI, HIPAA and GDPR.
  • Zero-Touch Deployment — Reduce time, cost and complexity associated with the installation, configuration and provisioning of firewalls at remote and branch office locations.
  • Flexible Reporting — Leverage more than 140 pre-defined report templates to gain awareness of network events, user activities, threats, operational and performance issues, security efficacy, risks and security gaps, compliance readiness and post-mortem analysis.
  • Intelligence-Driven Analytics — Use aggregation, normalization, correlation and contextualization of security data to empower security teams, analysts, auditors, boards, C-suites and stakeholders to discover, interpret, prioritize and implement intelligence-driven decisions.
  • Scalable Cloud Architecture — Scale Capture Security Center on demand to support thousands of SonicWall security devices under its management, regardless of location.

Predictable, Cost-Effective Security Management

With Capture Security Center, there is no upfront cost and no on-premise equipment. It is offered as a cloud-hosted solution with yearly subscription license options. With software updates and support included in an active subscription service, access to the latest innovations and enhancements is immediate.

This gives organizations and managed service providers (MSP) a unified security management, analytic and reporting platform without the financial risks or technical challenges of supporting a solely owned infrastructure.

Visit the Capture Security Center to access additional information and learn how it enables security teams to take smarter security policy and control actions toward a sharper, safer and compliant network environment.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Cloud Encryption Market: Security to Remain Primary Factor for Adoption of Cloud Encryption – Tech You n Me

  • This article reviews the cloud encryption market and how key players like SonicWall are releasing innovative new products, like the company’s range of cloud security products that includes the SonicWall Cloud Analytics application for deep security data analysis and automated breach detection.

Sophos XG vs SonicWall NS: Top NGFWs Compared – eSecurity Planet

  • In an article detailing the strengths and weaknesses of top vendor next-generation firewalls (NGFWs), the SonicWall NSA is featured in comparison to the Sophos XG.

Cyber Security News

How a Few People Took Equifax to Small Claims Court Over Its Data Breach and Won – The New York Times

  • After 145 million Americans’ financial information was exposed last year, some of them won cases against the credit reporting agency in local courts.

Script Kiddie Goes From ‘Bitcoin Baron’ to ‘Lockup Lodger’ After DDoSing 911 Systems – The Register

  • Randall Charles Tucker was given a 20-month sentence Tuesday after pleading guilty earlier this year to one count of felony intentional damage to a protected computer. He had faced as many as 41 months.

New Phishing Scam Reels In Netflix Users To TLS-Certified Sites — Threat Post

  • Researchers are warning of a new Netflix phishing scam that leads victims to sites with valid Transport Layer Security (TLS) certificates.

Korean Cryptocurrency Exchange Bithumb Loses More Than $30 Million in Hack – The Wall Street Journal

  • Seoul-based bitcoin exchange Bithumb said Wednesday it had lost over $30 million as the result of being hacked, the second cyberattack in two weeks to hit a major South Korean cryptocurrency exchange as safety concerns hamper the industry and weigh on prices.

This New Windows Malware Wants to Add Your PC to a Botnet – or Worse – ZDNet

  • Dubbed Mylobot after a researcher’s pet dog, the origins of the malware and its delivery method are currently unknown, but it appears to have a connection to Locky ransomware – one of last year’s most prolific forms of malware.

China-Based Hackers Breached Satellite, Defense Firms: Study – The Hill

  • China-based hackers infiltrated satellite operators, defense contractors and telecommunications companies in the U.S. and southeast Asia, according to researchers at Symantec Corp.


Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

CEO Spotlight- Bill Conner, SonicWall – 1080 KRLD Radio

  • Bill Conner and David Johnson sit down and discuss SonicWall’s momentum, attack vectors threatening business and what’s happening in cybersecurity today on David’s CEO Spotlight radio segment.

Brightstar is the first SonicWall MSSP in India – CRN.in

  • The recent SonicWall and Brightstar India partnership news continues to garner coverage featuring the launch of Security as a Service (SeCaaS) in the region.

“Digital Infrastructure Is Critical In Transforming a City and Creating a Sustainable Smart Ecosystem” – BWSmart Cities

  • SonicWall’s Debasish Mukherjee, Country Manager India & SAARC, explains how crucial digital infrastructure is in transforming the cities of the future and how the role of new-age trends — like IoT, cloud and machine learning — drive the growth of the network security market.

Cyber Security News

Intel Chip Flaw: Math Unit May Spill Crypto Secrets to Apps–Modern Linux, Windows, BSDs Immune – The Register

  • A security flaw within Intel Core and Xeon processors can be potentially exploited to swipe sensitive data from the chips’ math processing units.

U.S. warns World Cup attendees of Russian hacking risks – The Washington Times

  • World Cup attendees risk having their personal data compromised by hackers, state-sponsored or otherwise, the head of the U.S. National Counterintelligence and Security Center warned ahead of the annual soccer tournament starting in Russia this week.

Luckymouse Threat Group Strikes National Data Center to Exploit Government Website – ZDNet

  • Researchers say the Chinese threat actors behind the campaign aimed to compromise government resources.

UK Watchdog Issues $330K Fine for Yahoo’s 2014 Data Breach – Tech Crunch

  • Another fallout from the massive Yahoo data breach that dates back to 2014: The UK’s data watchdog issued a £250,000 (about $334,000 USD) penalty for violations of the Data Protection Act 1998.

FBI Announces Arrest of 74 Email Fraudsters – ZDNet

  • Police have carried out a worldwide wave of arrests that have seen 74 people detained and over $16 million in purloined funds seized by suspected whalers or business email compromise (BEC) fraudsters.

Hackers Target Payment Transfer System at Chile’s Biggest Bank, ‘Take $10M’ — The Register

  • Banco de Chile has become the latest victim in a string of cyberattacks targeting the payment transfer systems of banks. Hackers reportedly used a variant of the complex KillDisk wiper malware to distract attention before targeting systems linked to the SWIFT inter-bank transfer network.

In Case You Missed It

Ransomware, Variants, Snipers & Kung Fu

The 2018 SonicWall Cyber Threat Report reported a 71.2 percent decline in the number of ransomware attacks, but a 101.2 percent increase in the number of ransomware variants. Let me ask you, is this good news or bad?

If this was a military battle, would you celebrate the news the enemy reduced the number of machine guns by nearly three quarters but doubled the number of snipers? Perhaps, but now you’d have to keep your head lower and stay out of sight.

2016 saw a flood of “spray-and-pray” ransomware attacks as hackers were taking advantage of soft defenses and low levels of employee awareness. In fact, in 2016 SonicWall blocked nearly 640 million ransomware attacks; that was over 1,200 ransoms not seen (or paid) each minute.

Because of this intense pressure, organizations around the globe bolstered their defenses and education efforts. Simply put, we got tired of getting beat up for our lunch money and took Kung-Fu lessons.

Attackers retool ransomware strategies

In 2017, attackers retooled with new exploits. From that, WannaCry, NotPetya and Bad Rabbit were born. Each was designed to be a malware cocktail that infected a system and then moved on to the rest of the network through shared drives. But these are just three of the 2,855 variants SonicWall created defenses for in 2017 alone.

With these new malware cocktails in the wild, threat actors targeted specific roles within companies through social engineering. Instead of annoying thousands of people with a small ransom with a shrinking chance they will pay, many switched to hard-hitting attacks with larger demands.

Unique Ransomware Signatures

One such instance was the city of Atlanta, where the SamSam ransomware variant affected five out of 13 city departments and shut down systems for 10 days. Fortunately, the $51,000 ransom went unpaid but the damages to systems, lost files and productivity far outweigh the demand.

How to stop ransomware attacks, avoid ransom payouts

So, what can we do in this period of the threat landscape? Employee awareness for social engineering attacks (e.g., phishing attempts) still needs to drastically improve. Strong password hygiene also needs to be in place to block attacks like SamSam that work off of guessed passwords.

From there, we need ransomware protection technology in place that stops attacks. Here are two core technologies you may not have thought of recently:

  1. Implement a network sandbox that can identify and stop unknown attacks.

    A network sandbox is an isolated environment on the firewall that runs files to monitor their behavior. SonicWall Capture Advanced Threat Protection (ATP) is a multi-engine sandbox service that holds suspicious files at the gateway until a verdict can be achieved.

    Capture ATP also features Real-Time Deep Memory Inspection™ (RTDMI). RTDMI is a memory-based malware analysis engine that catches more malware, and faster, than behavior-based sandboxing methods. It also delivers a lower false-positive rate to improve security and the end-user experience. Learn about its ability to find and block malicious PDFs and Office documents.

  2. Use advanced endpoint client security

    For years, companies deployed traditional anti-virus (AV) on their computers, which was fine when the total number of signatures they had to write and update numbered in the hundreds of thousands. Last year, SonicWall discovered 58 million new forms of malware that take time to signature and push to defense points like firewalls.

    Even if these are pushed within 24 hours, it leaves a gap that new and advanced malware can walk right through. I recommend using a next-generation anti-virus (NGAV) solution that can monitor the behavior of a system to look for malicious activities, such as the unauthorized encryption of your files. For example, SonicWall Capture Client delivers advanced malware protection and additional security synergies for SonicWall firewall users.

On top of these two new forms of technology, please follow best practices when securing and managing your networks, such as network segmentation.

Download the 2018 SonicWall Cyber Threat Report

The cyber arms race is a challenge we face together. And it’s the core reason we’re committed to passing our findings, intelligence, analysis and research to the global public via the SonicWall 2018 Cyber Threat Report.
