Cybersecurity News & Trends – 04-30-21

This week, attacks by cybercriminals in Russia and China made headlines — and the U.S. government is mobilizing to fight back.

SonicWall in the News

‘A Perfect Score’: SonicWall Capture ATP Aces Latest ICSA Lab Test, Finds More ‘Never-Before-Seen’ Malware Than Ever — Company Press Release

• SonicWall Capture Advanced Threat Protection (ATP) sandbox service with Real-Time Deep Memory Inspection™ (RTDMI) received a perfect score in the latest ICSA Labs Advanced Threat Defense test for Q1 2021.

Industry News

Here's what Russia's SVR spy agency does when it breaks into your network, says U.S. CISA infosec agency — The Register

• Following attribution of the SolarWinds supply chain attack to Russia's APT29/Cozy Bear, the U.S. CISA infosec agency has published a list of the spies' known tactics.

Ransomware crooks threaten to ID informants if cops don’t pay up — Ars Technica

• Ransomware operators have delivered a stunning ultimatum to Washington, D.C.’s Metropolitan Police Department: pay them $50 million, or they’ll leak the identities of confidential informants to street gangs.

Navy SEALs to Shift From Counterterrorism to Global Threats — Security Week

• U.S. Navy SEALs are undergoing a major transition to improve leadership and expand their commando capabilities to battle threats from global powers like China and Russia.

Cyberspies target military organizations with new Nebulae backdoor — Bleeping Computer

• A Chinese-speaking threat actor has deployed a new backdoor in multiple cyber-espionage operations, spanning roughly two years and targeting military organizations from Southeast Asia.

Suspected Chinese hackers are breaking into nearby military targets — Cyberscoop

• The suspected PLA hackers are back in action.

Microsoft Weighs Revamping Flaw Disclosures After Suspected Leak — Bloomberg

• Microsoft Corp. may revise a program that shares coding flaws in its products with other companies after a sprawling cyberattack against thousands of Microsoft Exchange email clients.

U.S. warns of Russian state hackers still targeting U.S., foreign orgs — Bleeping Computer

• The FBI, the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency warned of continued attacks by Russian-backed APT 29 hacking group against U.S. and foreign organizations.

Law enforcement delivers final blow to Emotet — Cyberscoop

• Law-enforcement officials are sending a specially crafted file to infected machines.

Selling of Mobile Phone Data Presents Security Risk for U.S. Armed Forces — The Wall Street Journal

• Apps show troop movements buried in data available for purchase: a “major risk to national security.”

Ransomware's perfect target: Why one industry needs to improve cybersecurity, before it's too late — ZDNet

• Dependencies on just-in-time supply chains and sometimes out-of-date technology make shipping and logistics an ever-more-tempting target for cybercriminals.

Apple’s ransomware mess is the future of online extortion — Ars Technica

• Hackers want $50 million in exchange for not releasing schematics they stole from an Apple supplier.

China could 'control the global operating system' of tech, warns UK spy chief — ZDNet

• The head of the UK's intelligence service warns that the West must be prepared to face a world where technology is developed and controlled by states with “illiberal values.”

New cryptomining malware builds an army of Windows, Linux bots — Bleeping Computer

• A recently discovered cryptomining botnet is actively scanning for vulnerable Windows and Linux enterprise servers and infecting them with Monero (XMRig) miner and self-spreader malware payloads.

ToxicEye: Trojan abuses Telegram platform to steal your data — ZDNet

• This recently discovered RAT is using bots to propagate across Telegram channels.

In Case You Missed It

• SonicWall Capture ATP Receives Perfect Score in ICSA Labs ATD Certification — Kayvon Sadeghi
• A Look Back: SonicWall Reflects on its 42nd CRN Award — Lindsey Lockhart
• Cybercrime on Campus: How Education Became Attackers’ Biggest Target — Amber Wolff
• Understanding the Difference Between Azure Firewall Services and SonicWall NSv — Stefan Brunner
• Clear and Present Danger: Why Cybersecurity is More Critical than Ever — Debasish Mukherjee