Cybersecurity News & Trends – 07-10-20

This week, phishing dominated the headlines, as threat actors targeted Office 365 users and senior executives.

SonicWall Spotlight

Contact tracing apps: “It’s better to do it right than quick” — Verdict

• This podcast on contact tracing technology includes commentary from Bill Conner, who discusses different types of security policies and why security and privacy are of paramount importance.

'Our direct-touch approach is disrupting the market' - SonicWall's new Ireland boss on becoming more than just a firewall vendor — Channel Partner Insight (UK)

• Ireland Country Manager Tristan Bateup said SonicWall's channel team in Ireland has been restructured to bring more roles into the country. "We've now got people in place in country from a sales and marketing, sales and engineering and obviously a country lead perspective.”

Cybersecurity News

Over 5 Billion Unique Credentials Offered on Cybercrime Marketplaces — Security Week

• More than 15 billion username and password pairs have been offered on cybercrime marketplaces, including over 5 billion unique credentials.

Researchers connect Evilnum hacking group to cyberattacks against Fintech firms — The Register

• New report puts a microscope on Evilnum, including its tools, techniques and potential ties to other cyberattackers.

Conti ransomware uses 32 simultaneous CPU threads for blazing-fast encryption — ZDNet

• The Conti ransomware also abuses the Windows Restart Manager component to unlock apps and free up their data for encryption.

Persuasive Office 365 phishing uses fake Zoom suspension alerts — Bleeping Computer

• A new phishing campaign targets Microsoft Office 365 corporate users with notices that their Zoom accounts have been suspended, with the end goal of stealing Office 365 logins.

Citrix tells everyone not to worry too much over its latest security patches. NSA's former top hacker disagrees — The Register

• Rob Joyce, former head of the NSA's Tailored Access Operations elite hacking team, warns it's time for admins to get busy to ensure protection from several exploitable issues, including unauthenticated access and RCE.

Vast Phishing Campaign Hits Microsoft Users in 62 Countries — Bloomberg

• Microsoft Corp. customers were targeted in a massive phishing campaign that has sought to defraud users in 62 countries since December, with recent emails attempting to exploit the pandemic.

North Korean hackers linked to web skimming (Magecart) attacks, report says — ZDNet

• After hacking banks and cryptocurrency exchanges, orchestrating ATM cash-outs, and deploying ransomware, North Korean hackers have now set their sights on online stores.

Cerberus Banking Trojan Unleashed on Google Play — Threat Post

• The Cerberus malware can steal banking credentials, bypass security measures and access text messages.

Looks Like Russian Hackers Are on an Email Scam Spree — Wired

• A group dubbed "Cosmic Lynx" uses surprisingly sophisticated methods — and targets big game.

Hackers are trying to steal admin passwords from F5 BIG-IP devices — ZDNet

• Threat actors have already started exploiting the F5 BIG-IP mega-bug, attempting to steal administrator passwords from the hacked devices

New Mac ransomware is even more sinister than it appears - Ars Technica

• ThiefQuest or EvilQuest can grab passwords and credit card numbers.

In Case You Missed It

• ‘3 & Free’ Promotion: The Easiest Way to Upgrade Your SonicWall Firewall for Free — Robert (Bob) VanKirk
• SonicWall EMEA 2020 Virtual Partner Events — Terry Greer-King
• COVID-19 Ushers in a New Era of Cybersecurity for Higher Ed — Bill Conner
• A Brief History of COVID-19 Related Attacks, Pt. 1 — Dmitriy Ayrapetov
• SonicWall’s Online Community Connects Cybersecurity Professionals — Micah Vorst