Tag: cyber threat

Updating 2021 Cyber Threats – Ping Podcast – Episode 51

Episode 51: Updating 2021 Cyber Threats

If you’ve followed cybersecurity – or even just general – news lately, you’ve probably heard about some pretty major ransomware attacks. Just how bad has ransomware been in 2021? Brook Chelmo joins us in updating 2021 cyber threats as he discusses what SonicWall has found in its 2021 Cyber Threat Report Mid-Year Update. And spoiler alert – it’s been bad. Brook also takes us through other highlights of the report, including which parts of the world are seeing the most activity, some dips in malware and non-standard port attacks, and continued improvement in never before seen threat detection.

Get the latest update to the SonicWall 2021 Cyber Threat Report.

In headlines, we discuss an app designed to catch and expose website flaws. And then, we hear about a couple of ransomware re-emergences? Finally, we discuss a group that’s addressing harassment in the cyber security career field.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, Overcast, Amazon Music, TuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). Moreover, please rate and review us wherever you listen. And remember to subscribe or follow where you can to get the latest episodes as soon as they’re released

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

SonicWall’s 2021 Cyber Threat Report – Ping Podcast – Episode 41

Episode 41: SonicWall’s 2021 Cyber Threat Report

SonicWall’s 2021 Cyber Threat Report is here. And we mark the occasion by taking a spin through the highlights of this document to get an expansive look at the cyber threat landscape. Brook Chelmo with SonicWall discusses why the report calls 2020 cybercriminals’ perfect storm, as abrupt shifts to remote work and other pandemic-related factors opened many new avenues for hackers to exploit. We talk about the continued rise in ransomware, the unwelcome return of cryptojacking, ongoing IoT security concerns, and much more.

Follow along while you listen by getting your own copy. Find the SonicWall 2021 Cyber Threat Report.

In headlines, we discuss a Microsoft Exchange breach that some are calling one of the largest hacks ever. And then, we hear about indictments related to a crime chat service. And finally, they’ve come for the beer! Is there no line?

Blog Banner General Buy Now Red-High-Quality

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). And now we’re on Amazon Music, too! Moreover, please remember to subscribe or follow where you can to get the latest episodes as soon as they’re released. And please rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week, and our knowledge hub.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Predicting 2021 Cyber Threats – Ping Podcast – Episode 34

Episode 34: Predicting 2021 Cyber Threats

While knowing the cyber threats of today is important, being prepared for the cyber threats of tomorrow is vital. That’s where WatchGuard’s Marc Laliberte and his team come in. Marc joins us on our latest Ping Podcast to discuss WatchGuard’s 2021 Cybersecurity Predictions. He tells us what to look out for, with many attacks focusing on the surge in remote work vulnerabilities. He also tells us why businesses without multifactor authentication (MFA) should expect a breach. In addition, he shares another prediction about potentially dangerous electric car charging stations. Plus, we take a brief look back at the 2020 Cybersecurity Predictions, and see how they were influenced by the coronavirus pandemic.

Get more from Marc at Secplicity or check out his podcast The 443!

Our Ransomware Reckoning segment spotlights a Thanksgiving holiday attack that caused Baltimore schools to close.

In headlines, get a glimpse of how many cyber threats an average home user faces. And then, hear about the bust of an international business email compromise ring in Nigeria. Finally, learn about cyber threats to DNA that could lead to bioterrorism.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). And now we’re on Amazon Music, too! Moreover, please remember to subscribe or follow where you can to get the latest episodes as soon as they’re released. And please rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Cyber Threats in the Time of Corona – Ping Podcast – Episode 27

Episode 27: Cyber Threats in the Time of Corona

When 2020 began, the cyber threat landscape – and the world – looked much different. But as summer winds down and the coronavirus pandemic wears on, not only has day to day life been affected, but so too has cybersecurity. To go over the emerging corona-related hazards – and others that aren’t going away – Andrew and Kevin welcome back SonicWall’s Brook Chelmo. Brook discusses SonicWall’s 2020 Cyber Threat Report Mid-Year Update, which captures threats like coronavirus-themed phishing & malware strains. Additionally, we talk about ransomware’s increasing targeting of schools, governments, and other soft targets, plus the added security risk of remote work. On top of that, there are  still IoT (Internet of Things) vulnerabilities, and many other returning favorites.

Get the SonicWall 2020 Cyber Threat Report Mid-Year Update.

In cybersecurity headlines, we continue the COVID-19 theme to discuss some top coronavirus online scams. Then we go over a Microsoft survey showing how the pandemic has accelerated network security’s digital transformation. And finally, we embrace the DarkSide for a new ransomware threat.

But wait, there’s more! We debut a new segment (hosted by a new Andrew) called Ransomware Reckoning. Getting the spotlight this time is an attack on Jack, Jack Daniels that is.

How to listen

Listen to Ping – A Firewalls.com Podcast using the player above…

Or just about anywhere you prefer to listen to podcasts (Apple Podcasts, Pandora, Spotify, Google Podcasts, Stitcher, OvercastTuneIn, iHeart, Pocket Cast, Castro, Castbox, PodchaserYouTube, and of course via RSS, to name a few). Moreover, please remember to subscribe or follow where you can to get the latest episodes as soon as they’re released. And please rate and review us as well!

Missed our previous episodes? You can get them anywhere you listen to podcasts, or go to our full episode list.

Learn even more about network security through our blog, which features new content every week.

New episodes are usually released every other Wednesday. Have a special request for a topic or a question for our network engineers to address? Email us at podcast@firewalls.com and it could be on our next show. Thanks in advance for any listens, follows, subscribes, reviews, comments, shares, and generally spreading the word!

Preparing for the Tempest: SonicWall’s 2020 Cyber Threat Report

The Past is Prologue

As Shakespeare once wrote, “the past is prologue.” When it comes to cybersecurity, knowing the recent past – and trends in the threat landscape – is vital to protecting your network against the latest and greatest hazards. And so the past – as in 2019 – is prologue in the 2020 SonicWall Cyber Threat Report. The report is prepared by SonicWall’s Capture Labs threat research team. It provides an in depth look at the cyber threats of 2019 to help businesses, governments, and organizations of all sizes better prepare to stop the threats of 2020. Let’s take a look at some of the highlights of the Cyber Threat Report.

SonicWall 2020 Cyber Threat Report

Ransomware Shifts Strategy

The good news: Ransomware attacks were down in 2019 – 6% in fact – from the all-time high recorded in 2018. There were a grand total of 187.9 million last year. The less good news? Well, you probably saw it in the news. There was an increase in targeted attacks, hitting government networks, power grids, and even schools & hospitals. Attackers more and more are focusing on quality over quantity, looking for targets that are most likely to pay rather than blanketing all corners of the connected world.

Just how many of these targets were hit last year? It’s probably under-reported because victims can be hesitant to reveal a breach. But more than 140 state and local governments were successfully targeted for the year, and over 600 schools and hospitals – just through September. The Cyber Threat Report warns, however, that the average individual can still be a target, too. Researchers note that ransomware operators are more willing than ever to have a dialog and negotiate with their victims to get a payout. They’ll even use things like sextortion scams, a form of blackmail that suggests the attacker has compromising information or images that they’ll release unless the victim pays.

IoT Malware on the Rise

You down with I-o-T? Yeah, probably! While internet of things devices are hardly Naughty By Nature, they’re becoming more and more ubiquitous. As in, if you’re reading this, there’s virtually zero chance you don’t use some type of IoT device(s) in your everyday life. But with that popularity comes greater exposure. In 2019, the Cyber Threat Report indicates there were 34.3 million IoT malware attacks. Oh, and those attack numbers – much like the number of IoT devices – are trending up.

Security has not initially been a priority for most IoT device manufacturers. With no standards in place, devices commonly come with out-of-the-box vulnerabilities like weak or hard-coded passwords, unsecured interfaces, and a lack of secure update mechanisms. An otherwise secure network with vulnerable IoT devices may be leaving a backdoor wide open for hackers to access data.

Encrypted Threats Continue Growth

While transport layer security (TLS) and its predecessor, secure sockets layer (SSL) encryption standards are largely meant for good, bad actors are always looking to spoil the fun. Encryption when used for wholesome purposes ensures privacy and protects data. But hackers use this encryption against a network, sending malicious packers to obfuscate malware files. That can get them through a network’s standard defenses. The Cyber Threat Report shows our aforementioned bad actors sent 3.7 million malware attacks over TLS/SSL traffic in 2019, 27.3% more than the year prior. Why is this technique on the rise? Many firewall appliances don’t have the capability or power to detect, inspect, and stop attacks sent through encrypted traffic.

Defenses Are Improving, Too

Most of this Cyber Threat Report analysis is probably giving you anxiety, so let’s end on a positive note. The forces for good are continually improving their (which also means your) defenses against these hazards. Security advances include faster identification – and in turn faster mitigation – of zero-day threats. For instance, SonicWall is able to ID never-before-seen malware variants about 2 days before malware repository VirusTotal receives samples. Also noted are advancements made in deep memory inspection technology to combat side-channel attacks among others. In SonicWall’s case, that technology is a part of its Real-Time Deep Memory Inspection (RTDMI) engine. You can get a taste of it with a new SOHO 250 or TZ350 bundle. The report additionally spotlights growing momentum of perimeter-less security as traditional boundaries go by the wayside. This includes the introduction of the secure access service edge (SASE), which would combine software and service-based security solutions.

Want to Learn More?

Visit our Threat Dictionary to get updated on some of the latest cyber threats out there today. Shop for SonicWall security solutions like firewalls, web application firewalls, and cloud app security to name a few. And get your very own copy of the full 2020 Cyber Threat Report to dig into all the nitty gritty details yourself.
 

The Firewalls.com Threat Dictionary: Know Your Enemy

Meet the Firewalls.com Threat Dictionary

Network security education & firewall know-how are essential to our modus operandi here at Firewalls.com. Cyber security doesn’t stop at choosing the right appliance or service subscription. Small businesses can benefit greatly from understanding the types of threats they face on a daily basis. Recognizing how breaches happen, where vulnerabilities occur, and how best to prevent them can arm even tech newbies with the knowledge to keep their data secure.

That’s why Firewalls.com developed our new Threat Dictionary. Any frequent follower will have noticed the addition of a new tab on our humble blog’s top navigation row.  Our Threat Dictionary provides digestible overviews of the most common security threats so that firewall admins and small business owners know exactly what they’re dealing with. Plus, we tell you which security solutions are built to address each threat!

Firewalls Threat Dictionary

 

We cover topics from Advanced Persistent Threats to Zero-Day Exploits, and everything in between. We’ll continually expand our library of security threats so that you’re always well-informed about the latest perils to your data!

View the Firewalls.com Threat Dictionary

Looking for More Network Security Wisdom?

We’ve got a ton of great content to consume if you’re looking to boost your security savvy.  Check out some of the additional resources we’ve whipped up for you below:

Cyber Security Glossary – Learn the lingo of cyber security with our Cyber Security Glossary. Unpack the abbreviations so you can talk tech with the best of ’em.

Configuration QuickStart Checklist – Looking to tackle a configuration yourself? Do-It-Yourselfers and Consultants rejoice, this checklist from Firewalls.com will be there every step of the journey. In-depth setting options assist you in leaving no stone unturned.

Firewall Buyers Guides – If you’re shopping for SonicWall, Sophos, or Fortinet firewalls, but want a bit more info about bundle options or series comparisons, our buyer’s guides are built for you. Demystify the brand terms and get a clear picture of the products you’re purchasing.

Firewalls.com YouTube Channel – We break down the features of some of our best-selling firewalls, provide step-by-step tutorials for solving some of your biggest security puzzles, and give greater depth to some of our blog content. Subscribe for regular updates!

5 Big Takeaways from the SonicWall 2018 Cyber Threat Report

The 2018 SonicWall Cyber Threat Report was just released and we’re here to break down this massive report into bite-size morsels for you to chew on. Each year, SonicWall Capture Labs publishes an in-depth look at the trends, changes, & tech that shaped the cyber threat landscape over the previous year and they use their findings to predict the volatile threat landscape that organizations can expect to traverse in the coming year. Predict your own cyber security future by understanding these 5 key takeaways from the 2018 Cyber Threat Report.

1. Ransomware

Wave goodbye to the cyber security war that you once knew. No, it’s not over. It’s just a little different now. Despite headline-worthy attacks rocking Europe and North America, 2017 was a year of retreat and regroup for threat actors. No longer happy to play the numbers game, criminals have instead turned their focus towards innovation. While overall ransomware attacks dropped, the number of unique variants increased in 2017.

The number of ransomware attacks detected in 2017 by SonicWall Capture Labs totaled 183.6 million, a 71% drop compared to 2016. Nonetheless, of those detected hits, SonicWall discovered one never-before-seen variant for every 250 known threats it encountered. This means that ransomware is becoming more versatile. In 2018, expect the trend to continue, meaning your organization will be defending from fewer attempts, but each attempt will be smarter and more cunning than previous years.

What does this mean for me?

If you’re not already using a cloud-based sandbox, 2018 is the year to jump on the wagon. Zero-day threats may well become the new norm, meaning you’re only partially protected if you still depend on signature updates and patches. As the threat landscape shifts from quantity to quality, it is paramount that organizations stay ahead of the wave.

2. Malware

Where ransomware has taken a step back to catch its breath, malware filled the void in 2017, rebounding from the significant dip witnessed in 2016. From 2015 to 2016, malware attacks dropped from 8.19 billion occurrences to 7.87 billion, a statistic initially interpreted as a signal that malware was on the decline. 2017, however, saw a roaring return with over 9.32 billion malware attacks logged by SonicWall Capture Labs.

Malware in 2017 did have some unique features compared to past specimens. With the fall from grace of Adobe Flash sweeping a huge category of vulnerabilities and exploits into the trash, malware authors designated Microsoft as their new punching bag. Attacks against old targets like Acrobat Reader and Reader DC are down. Meanwhile, attacks targeting Word, Excel, and other Office products are ramping up.

Second, threat actors have seemingly joined the green movement by making recycling a big aspect of malware lifecycles. No, we’re not talking about scraps of trash, but malware code itself being reused, rehashed, and rewritten. The SonicWall Cyber Threat Report refers to this phenomenon as “malware cocktails.” Such cocktails are created by mixing and matching snippets of code or functionality from several malware kits and splicing them into new Frankenstein-esque creations.

What does it mean for me?

Take your signature-based scans and toss them out the window. It’s high time you switch over to behavior scanning. Most cyber security brands worth their weight are relying more heavily on machine learning, deep system scans, and real-time protection. Both SonicWall’s Capture ATP & Sophos’ Sandstorm make use of the latest deep learning capabilities to identify, probe, and judge data in fractions of a second. Much like our response to ransomware above, the key to steering clear of a malware infection will be in an organization’s ability to stay dynamic.

3. SSL/TSL

Speaking of malware, another important shift in the threat landscape is malware’s ability to hide itself behind encryption. Encryption, specifically through SSL/TSL protocol, has accelerated, with over 60% of web traffic now encrypted. Soon, Google Chrome will begin marking all unencrypted pages as “not secure.” All signs point towards a future where SSL/TSL secured sites are the normal and malicious traffic is no exception.

What does it mean for me?

According to the report, organizations that lack the ability to inspect encrypted traffic missed, on average, over 900 attacks hidden by SSL/TSL encryption in 2017. In addition, many attack kits are leveraging custom encryption languages, making it even more problematic to parse out their payload.

Stateful inspection and bad policy configuration are no longer effective if you want to catch all of the attacks. In 2018, an organization will rely heavily on its ability to inspect encrypted traffic. It may be wise to get a second set of eyes to review your NGFW configuration to ensure your network is set up to deal with encrypted threats.

4. Internet Of Things

We wrote up a comprehensive article on IoT in 2017 that takes an in-depth look at the developments and dangers surrounding the Internet of Things. Since then, exploits with very scary names such as Meltdown and Reaper have emerged. Unfortunately, IoT-enabled products continue to be produced with little to no regard for cyber security. Expect to see the weaponization of IoT clusters for use in botnet DDoS attacks.

What does it mean for me?

Honestly, we’re not sure. The bad guys have not yet figured out how to best make use of this emergent attack vector. Whatever the future may hold for IoT, one thing we know for certain is that we will one day regret the short-sightedness of pumping all of these network-enabled devices into public hands with scant oversight of security risks. SonicWall Capture Labs has put forth at least one solution, which we’ll outline next.

5. Real-Time Deep Memory Inspection (RTDMI)

SonicWall has demonstrated its inventiveness over and over throughout the years with a strong portfolio of patents. Most notable is their patented Reassembly-Free Deep Packet Inspection, a method that allows simultaneous scanning of data chunks through multiple processing engines, changing DPI services of old from bottlenecks into high-speed security checkpoints. In 2018, SonicWall continued their proud tradition of innovation by opening new battlegrounds in the fight against cyber crime in advanced technologies such as IoT, chip-based threats, & mass market malware with the introduction of their patent-pending Real-Time Deep Memory Inspection.

There’s not a whole lot of information about RTDMI released so far, but the few snippets of features we were able to find hinted at potential capabilities. RTDMI is located in the Capture cloud and has been quietly operating for a few months now, so if you’re currently running Capture ATP you’re already under RTDMI’s silent watch.

RTDMI can detect and block malware that conceals its malicious behavior behind encryption. By scanning these encrypted threats in real time and forcing them to expose their intentions in processor memory, RTDMI promises to root out even the best disguised attacks. According to the threat report, the act of exposing, detecting, and blocking these kinds of advanced threats takes place in a timescale of under 100 nanoseconds.

What’s this mean for me?

Again, we’re not sure yet. But you should find this news reassuring at the least. RTDMI demonstrates that SonicWall is already working to solve the emerging threats of tomorrow. We’ll keep bugging SonicWall for more information on and we’ll let you know what we find out about this mysterious new patent-pending tech.

There is one common thread linking all of this information: set-it-and-forget-it is dead. Cyber safety in 2018 equates to dynamic, real-time, advanced tech focused efforts. Still relying on a legacy firewall or bare bones subscriptions? We recommend you start weighing your options. And if this all sounds expensive to you, consider softening the upfront costs by partnering with a Security-as-a-Service team where everything you need to stay secure is provided at a much lower cost monthly subscription.

READ THE FULL 2021 SONICWALL CYBER THREAT REPORT