Posts

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

“A leader has to be passionate about their work be able to motivate their teams to be equally passionate” With Bill Conner – Authority Magazine

  • Bill Conner, CEO of SonicWall, is interviewed about his career, from his days loading shipping containers all the way to his current role.

Cryptomining Malware Steals Fortnite Gamers’ Bitcoins and Personal Data – SC Magazine (UK)

  • As malware continues to target Fortnite players, SonicWall’s Lawrence Pingree talks about the probable future of kinetic ransomware.

Chart of the Day: Google Plus Never Got off the Ground – Real Money

  • SonicWall CEO Bill Conner weighs in with his thoughts on the importance, or not, of the Google Plus breach.

Cyber Security News

Pentagon Struggling to Meet Cyber Challenges, as Modern Warfare Goes High Tech – The Washington Times

  • The Pentagon wants to avoid another “Beast of Kandahar” situation but is struggling to keep its cybersecurity stronger than its attackers.

New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom – Bloomberg

  • Accusations that China are inserting spying chips into US companies’ hardware are still being made and are spreading to other companies.

Medtronic Disables Pacemaker Programmer Updates Over Hack Concern – Reuters

  • There have been no documented reports of the vulnerability being exploited but the company are taking no chances with peoples’ hearts.

Vietnam Cyber Law Set for Tough Enforcement Despite Google, Facebook Pleas – Reuters

  • Companies will be required to store a wide range of user data and set up offices inside the country.

Heathrow Airport Fined £120,000 Over USB Data Breach Debacle – ZDNet

  • A memory stick with unencrypted private data of airport employees was found by a member of public last year.

Payment-Card-Skimming Magecart Strikes Again: Zero out of Five for Infecting E-Retail Sites – The Register (UK)

  • The British Airways and Ticketmaster attacking toolkit Magecart isn’t going away, this time turning up in a plugin called Shopper Approved that is used by hundreds of e-commerce sites.

This Cryptojacking Mining Malware Pretends to Be a Flash Update – ZDNet

  • The much-maligned Flash software now has the added problem of an imposter program that uses a victim’s computer to mine for the Monero cryptocurrency.

In Case You Missed It

How to Stop Malware-Created Backdoors

Hackers have been placing backdoors into systems for years for a variety of purposes. We have all read the stories about backdoors being installed in retailers to siphon payment card information; a PSI DSS and reputation nightmare.

Backdoors also have been deployed in government and higher education institutions to gather intellectual property, such and defense and trade secrets. Medical institutions pay out settlements due to HIPAA violations caused by these forms of malware every year.

A perfect example of a backdoor-creating malware is Calisto. This backdoor trojan is designed for macOS (many executives use Macs) and attempts to install itself in different folders until it finds a home and then enable accessibility authorization.

If this can be accomplished, it will open a backdoor to the hacker to control the entire system. In most cases, this malware fails (due to protections placed on new Macs) but can leave behind system vulnerabilities.

So, how do you stop such an aggressive form of malware? It’s important to know that not all trojans are alike.

Some will create a customized payload every time it lands on a new system to avoid future attacks being blocked by signatures. SonicWall stops known backdoors on our next-generation firewalls (NGFW) and can test and find new versions of backdoor malware with the Capture Advanced Threat Protection (ATP) sandbox service.

But for threats that land on the endpoint, the key is using advanced artificial intelligence (AI) that can detect the malware’s presence on the endpoint. Does it try to bypass antivirus? Does it embed itself in a directory it shouldn’t? Does it attempt to download something from a command and control (C&C) server? These are just some of the ways Calisto can be identified.

To properly stop Calisto and other backdoor-building malware, download the exclusive tech brief: Protecting macOS Endpoints from Calisto. The brief will explore:

  • Origin of Calisto
  • Why SIP enablement is not enough
  • How the malware delivers its payload
  • Secondary steps the malware will take to ensure execution
  • Proven solutions for stopping Calisto

 

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Facebook Hack: People’s Accounts Appear for Sale on Dark Web – The Independent (UK)

  • SonicWall CEO Bill Conner shares his thoughts on the fallout from the recent Facebook hack.

The A-Z of Security Threats 2018 – ITPro

  • SonicWall’s Laurence Pingree mans the letter E in this alphabet of cybersecurity threats for 2018.

100 People You Don’t Know but Should 2018 – CRN

  • Congratulations to John Mullen, included in the CRN 2018 list.

UK and Allies Accuse Russia of Cyber Attack Campaign – ComputerWeekly

  • SonicWall CEO Bill Conner encourages global co-operation following the UK National Cyber Security Centre (NCSC) directly linking Russia with cyberattacks.

Cyber Security News

National Cybersecurity Awareness MonthOfficial Website

  • October marks the 15th annual National Cybersecurity Awareness Month (NCSAM). Follow the activity online using the hashtags #NCSAM and #CyberAware.

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies – Bloomberg

  • Hardware hacks are rare but, if successful, the payoff for them can be huge. Both Amazon and Apple may have been the victim of such a hack.

Meet Torii, a New IoT Botnet Far More Sophisticated Than Mirai Variants  – ZDNet

  • A very sophisticated Internet of Things botnet has been found and experts are impressed, “The author is not your average script kiddie.”

BUPA Fined $228,000 After Stolen Data Surfaces on Dark Web – BankInfoSecurity

  • British data-protection regulators are taking a dim view of companies who are not exercising good cybersecurity practises.

Gwinnett Medical Center Investigates Possible Data Breach – ZDNet

  • A security incident has led to a possible leak of patient information online.

Facebook Hack Puts Thousands of Other Sites at Risk – The New York Times

  • The Facebook hack has major implications for any site that uses Facebook as a login tool.

Malware Scam Targets Fortnite Cheaters and Their Bitcoin Wallets – CNET

  • If you’re looking to cheat at Fortnite then you are at risk of being cheated yourself.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

SonicWall Firewalls Named A 2018 Gartner Peer Insights Customers’ Choice – SonicWall Blog

  • With 122 reviews and a 4.3 rating, SonicWall is recognized as a 2018 Gartner Peer Insights Customers’ Choice for Unified Threat Management, reflecting commitment to partners and customers in providing top-tier cyber security solutions, along with an exceptional customer experience to support it.

SonicWall NSa Series Wins Cybersecurity Breakthrough Award as Best Firewall Solution – SonicWall Blog

  • This recognition brings SonicWall to a total of 42 industry honors so far in 2018.

SonicWall CEO Bill Conner On Cybersecurity Trends CEOs Should Know – Chief Executive Magazine

  • SonicWall CEO Bill Conner talks about the cybersecurity trends that CEOs should be paying attention to in this profile by Chief Executive Magazine.

ChannelPro Weekly Podcast: Episode #089 – Mimeographs Are Extinct. Are You? – Channelpro Podcast

  • SonicWall TZ500 Wireless-AC Gen 6 Firewall is the tech pick of the week.

Cyber Security News

Uber Settles Data Breach Investigation for $148 Million – NYTimes

  • In 2016, not wanting to expose a leak, Uber paid big money to a hacker who had gained access to 600,000 driver’s names and license numbers.

Pennsylvania Senate Democrats paid $700,000 to recover from ransomware attack – ZDNet

After falling victim to a ransomware attack, Pennsylvania Senate Democrats refused to pay the $30,000 ransomware demand, opting instead to pay over $700,000 to Microsoft to rebuild its IT infrastructure.

President Trump Unveils America’s First Cybersecurity Strategy in 15 Years – The White House

  • The White House has announced a new National Cyber Strategy that they are calling the first Cybersecurity Strategy in 15 years.

Some Credential-Stuffing Botnets Don’t Care About Being Noticed Any More – The Register (UK)

  • The “low and slow” covert method of malicious logins previously employed has been replaced by some bots with pure volume; one US credit union saw almost 9 thousand attempts per hour.

Qualcomm Accuses Apple of Stealing Its Secrets to Help Intel – Reuters

  • It’s a long-running patent drama but Qualcomm have filed papers against Apple saying they used Qualcomm software and log files without permission to “improve the sub-par performance of Intel’s chipsets.”

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Business Live – BBC

  • SonicWall CEO Bill Conner appears live discussing cybersecurity on the flagship BBC business program.

Security Success in 2018 and Beyond – Channelnomics

  • SonicWall is a winner in the 2018 Channelnomics Security Awards for the Best Security Partner Program

SonicWall CEO rallies partners to fend off non-standard ports threat – Computer Weekly

  • At the PEAK 2018 event in London, SonicWall CEO Bill Conner takes time to talk to Computer Weekly about the growth in cyberattacks through non-standard ports and what SonicWall is doing to defeat them.

Cyber Security News

“Lawful intercept” Pegasus spyware found deployed in 45 countriesZDNet

  • New research data shows that the malware that can be found in both IOS and Android devices has been deployed by governmental regimes worldwide.

The Cyberthreats That Most Worry Election OfficialsThe Wall Street Journal

  • States and counties are busy preparing for the upcoming elections with drills and simulations of potential cyberattacks. The Wall Street Journal documents some of the biggest cyberthreats and what is being done to prevent them.

Equifax IT staff had to rerun hackers’ database queries to work out what was nicked The Register (UK)

  • An auditor’s report recently made public exposes in detail the number of avoidable missteps that led to the hack of Equifax in May to July 2017.

Hackers peddle thousands of air miles on the Dark Web for pocket moneyZDNet

  • Over on the Dark Web cyberattackers are undercutting the market with cheap frequent flyer miles, including 100,000 British Airwaves air miles for sale for as little as $144.

New Defense cyber strategy gives military power on preventative cyberattacksThe Hill

  • The US cyber defense strategy is moving increasingly towards an aggressive stance, with attack being the best form of defense.

There’s a song about cybersecurity from the Chinese governmentAbacus News

  • China celebrates Cybersecurity Week by releasing a patriotic song praising their digital defenses.

In Case You Missed It

Importance of Resiliency in Network Security

In life we hear stories about people who are able to recover from difficult situations. They’re often referred to as being “resilient.” Resiliency can also be applied to network security, albeit in a slightly different context. In both cases it’s a good thing to be.

As noted in our mid-year 2018 SonicWall Cyber Threat Report, network threats, such as malware and ransomware attacks, are on the rise compared to 2017. Cybercriminals are persistent in their efforts to find new methods to launch their attacks.

But it’s not just the quantity of attacks that are on the rise. New threats are increasing as well. Some of these are variants spawned from earlier malware or ransomware code, such as WannaCry and Locky. Others are malware cocktails that combined pieces of code from several different variants.

Absorb, Reorganize and Refocus

One of the best and often under-valued ways to protect against these threats is to have a network security solution that is extremely resilient. This doesn’t mean that your firewall is good at picking itself back up off the ground after it’s been defeated by an attack.

According to NSS Labs, a third-party source known for its independent, fact-based cybersecurity guidance, “The resiliency of a system can be defined as its ability to absorb an attack and reorganize around a threat. A resilient device will be able to detect and prevent against different variations of the exploit.”

A key component of this definition is the device’s ability to identify attacks that use evasion techniques to avoid being detected and stopped. Another is protection over time. Some attacks are launched and then quickly disappear. Others, however, are reintroduced over the years, whether in their original form or as a variant.

A resilient firewall will continue to block a threat that was launched previously in addition to current and future variants. Failure to be resilient increases the chance your network is open to an attack. The odds may be small, but it’s still possible. Remember, not every hacker is writing the latest code. Some are new to the game and stick to older, established attacks.

Blocking Never-before-seen Variants

NSS Labs released the 2018 Next-Generation Firewall Group Test results with 10 network security vendors participating in the testing. SonicWall submitted the NSa 2650 next-generation firewall (NGFW), which performed very well in both security effectiveness and value (TCO per protected Mbps), earning the “Recommended” rating for a fifth time.

One particular area in the security effectiveness testing where the NSa 2650 shined was its resiliency to a range of never-before-seen exploit variants. The NSa 2650 achieved a block rate of over 90 percent, outperforming every other firewall except one. In many cases, the difference was significant, with over half of the firewalls scoring only in the 65-75 percent range.

Exploit Block Rate by Year – Recommended Policies
2018 NSS Labs Next-Generation Firewall Comparative Report: Security

So, is having a firewall with high resiliency really that important? Research from both SonicWall and NSS Labs indicates that there are quite a few aging attacks still out there in circulation. They may not be as sophisticated as today’s threats, but they remain active. You need to be protected against them.

What’s more, some threat actors launch multi-pronged attacks comprised of the core malware plus a series of variants. The idea is that your firewall may stop one, but not all.

To counter attacks, some security vendors create signatures that are specific to a particular exploit. These signatures typically don’t account for variants, however. And, over time, the signatures may be removed, leaving the firewall open to attack. Ideally, security vendors will create signatures that focus on the vulnerability and block the threat plus its variants — now and in the future.

If you’re not sure whether your firewall is resilient, or how it rates in security effectiveness and value, SonicWall can help. Visit SonicWall.com to download and read NSS Labs test reports, including the Security Value MapTM.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Cybersecurity and the future of work: How much can we predict? – Silicon Republic (Ireland)

  • SonicWall CEO Bill Conner, talking to Silicon Republic, shares his thoughts on battling the growth areas of cybercrime over the coming years.

US Indicts North Korean Over Sony, Bank and WannaCry Attacks – Infosecurity magazine

  • The U.S. Justice Department has formally charged a hacker in connection with cybercrimes that they are directly connecting to the North Korean government. SonicWall’s Bill Conner is featured as a security expert on the issue.

Cyber Security News

British Airways boss apologises for ‘malicious’ data breach – BBC

  • A week after the Air Canada security leak another major security breach in an Airline, this time British Airways, has been dominating news headlines. Names, email address and credit card information from over 380,000 transactions have been compromised.

Nope, the NSA isn’t sitting in front of a supercomputer hooked up to a terrorist’s hard drive – The Register

  • The Register talks about what exactly Government intelligence services want versus what it’s likely they will be able to get in the current digital climate.

The Case for a National Cybersecurity Agency – Politico

  • Gen. David Petraeus argues in Politico that national cybersecurity is in need of a complete overhaul with the creation of an independent National Cybersecurity Agency that reports directly to the President.

FIN6 returns to attack retailer point of sale systems in US, Europe – ZDNet

  • Point of Sale (POS) malware is really gathering steam. ZDNet have a report on a new campaign by a cybercriminal group called FIN6 who were previously known for selling credit card numbers on the Dark Web.

More U.S. Cities Brace for ‘Inevitable’ Hackers – The Wall Street Journal

  • After the city of Atlanta paid millions of dollars to ransomware attackers this year other U.S. Cities are considering their options on how to handle cyberattacks.

Obama-Themed Ransomware Also Mines for Monero – BankInfoSecurity

  • They’re calling it Barack Obama’s Everlasting Blue Blackmail Virus and it doubles as a cryptocurrency miner on top of being ransomware.

In Case You Missed It

Infographic: Ransomware’s Devastating Impact on Real-World Businesses

Still relatively new to the cyber threat landscape, ransomware continues to be one of the high-profile malware types that grab headlines. It’s one part Hollywood-style drama mixed with the “mystery” of cryptocurrencies and the seemingly personal nature of ransomware attacks.

But it’s not hyperbole. Ransomware remains one of the most malicious cyberattacks that can cripple a business. SonicWall’s new infographic highlights composite data that demonstrates how ransomware impacts businesses’ ability to operate.

So, how do you prevent your organization from being severely disrupted by ransomware? The best approach is to use multiple layers that deliver automated, real-time breach detection and prevention. While this isn’t an exhaustive list of all security options, these cornerstone tactics will mitigate most of today’s most malicious cyberattacks, including ransomware.

How to Block Ransomware

Businesses have no choice but to proactively mitigate ransomware attacks. But is there a proven approach that can cost-effectively scale across networks and endpoints? Four key security capabilities make full ransomware protection possible.

  1. Next-Generation Firewall

    Detect and prevent cyberattacks with power, speed and precision.
    Next-generation firewalls (NGFW) are one of your first lines of defense against hackers, cybercriminals and threat actors.

    For example, SonicWall firewalls deliver real-time, cloud-based threat prevention, while augmenting the security from on-box deep packet inspection of SSL traffic (DPI-SSL). And all new SonicWall firewalls integrate with our award-winning network sandbox for advanced threat protection.

  2. Network Sandbox

    Identify and stop unknown attacks in real time.
    A network sandbox is an isolated environment on the firewallthat runs files to monitor their behavior. SonicWall Capture Advanced Threat Protection (ATP) is a multi-engine sandbox service that holds suspicious files at the gateway until a verdict can be achieved.

    Capture ATP also features Real-Time Deep Memory InspectionTM (RTDMI). RTDMI is a memory-based malware analysis engine that catches more malware, and faster, than behavior-based sandboxing methods. It also delivers a lower false-positive rate to improve security and the end-user experience.

  3. Email Security

    Filter email-borne attacks before they hit your network.
    Secure email solutions deliver comprehensive inbound and outbound protection from advanced cyberattacks, including ransomware, phishing, business email compromise (BEC), spoofing, spam and viruses. Proven solutions will be available in on-premise email security appliances and hosted secure email.

    SonicWall Email Security also integrates with Capture ATP to protect email from advanced threats, such as ransomware and zero-day malware.

  4. Advanced Endpoint Client Security

    Block ransomware before it compromises user devices.
    Traditional antivirus (AV) has been trusted for years to protect computers. This was a sound approach when the total number of signatures required numbered in the hundreds of thousands. Today, millions of new forms of malware are discovered each month.

    To protect endpoints from this endless onslaught of malware attacks, SonicWall recommends using a next-generation antivirus (NGAV) solution that can monitor the behavior of a system to look for malicious activities, such as the unauthorized encryption of your files.

    For example, SonicWall Capture Client delivers advanced malware protection and additional security capabilities for SonicWall firewall

Ransomware remains one of the most damaging cyberattacks to businesses. Follow these four ransomware protection best practices to help ensure ransomware does not impact your ability to operate.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Air Canada Presses Reset After App Security Snafu – Infosecurity Magazine

  • SonicWall CEO Bill Conner talks to Infosecurity Magazine about the wider implications of the Air Canada app data breach.

T-Mobile, Sprint both hit by Security Breaches ahead of Merger – MSSP Alert

  • In an article detailing the recent T-Mobile and Sprint security breaches ahead of the announced mega-merger, SonicWall’s Bill Conner is featured as a security expert providing perspective on the significance of these security breaches for companies.

Fortnite app for Android let hackers hijack players’ phones, Google warn – The Independent (UK)

  • SonicWall’s VP of Product Management Lawrence Pingree is featured providing commentary to the recent Fortnite vulnerability and the risk organizations face as Fortnite continues to grow.

Cyber Security News

The Untold Story of NotPetya, the Most Devastating Cyberattack in History – Wired

  • In 2017 there was a massive cyberattack that caused billions of dollars of damage worldwide, including almost completely wiping out the systems of a one of the biggest international shipping firms. This is the full story of NotPetya.

Artificial Intelligence Is Now a Pentagon Priority. Will Silicon Valley Help – New York Times

  • The Pentagon and Silicon Valley eye each other up and try and find a common ethical middle ground so they can work together.

ThreatList: Ransomware Attacks Down, Fileless Malware Up in 2018 – Threat Post

  • Cybercrime changes but never goes away.

Give yourselves a pat on the back, top million websites, half of you now use HTTPS – The Register

  • 51.8 percent of the top million websites ranked by Alexa are now using HTTPS, with a little help from Google Chrome and a shaming website.

How Mindfulness Can Help Prevent Hacks, and Four More Cybersecurity Tips – University of Virginia Today

  • This blog might be what you need if all this cybercrime news is getting you down.

In Case You Missed It

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

SonicWall Email Security Wins Coveted 2018 CRN Annual Report Card (ARC) Award  — Ganesh Umapathy

  • SonicWall Email Security solution has been named the overall winner at the CRN Annual Report Card, this is the third award it’s won this year so far.

Industry Reactions to Foreshadow Flaws: Feedback Friday — SecurityWeek

  • SonicWall’s Bill Conner was featured amongst industry professionals for his insight on the Foreshadow flaw.

Cyber Security News

US airports’ new facial recognition tech spots first imposter — Engadget

  • Facial Recognition has only been used for 3 days in Dulles airport and has already caught an imposter.

After the Bitcoin Boom: Hard Lessons for Cryptocurrency Investors — New York Times

  • The current digital currency bust could be a sign that the always volatile virtual currency market is on a permanently downward trend.

Super-mugs: Hackers claim to have snatched 20k customer records from Brit biz Superdrug — The Register

  • British Cosmetics firm Superdrug argue with hackers over whether or not they were hacked and whether or not the hack affected 20,000 or 386 customers.

Hackers steal more than $1M from global economy in a single minute: analysis — The Hill

  • A new report has worked out that $1 million is stolen every minute through cybercrime and is pushing to make “Evil Internet Minute” happen.

In Case You Missed It