Cybersecurity News & Trends

This week, a lot’s been up—including data loss, ransom demands, white-hat bounties, VPN sales and more.

SonicWall Spotlight

Test Platform Leaks Bank of America Clients’ COVID-19 PPP Loan Applications — SC Magazine

• BoA said the platform was designed to test application submissions of to the Small Business Administration — but the company soon realized client docs could be viewed by other lenders and third parties.

SonicWall’s Labs Threat Research Team Spot fake Aarogya Setu App Carrying Spyware Components — CRN India

• After the Covid-19 tracking app reached five million downloads within its first three days, it became a target for malware creators. According to SonicWall Labs Threats research team, fake Aarogya Setu apps containing spyware are now in circulation.

New Ransomware Is Spreading That Charges $1,300 In Bitcoin — Decrypt

• SonicWall researchers have discovered a new ransomware called Instabot that asks for ransom in bitcoin—and includes video instructions and a step-by-step manual to “help” victims comply.

Cybersecurity News

Israeli cyber chief: Major attack on water systems thwarted – The Washington Times

• According to Israel’s national cyber chief, the country has thwarted a major cyberattack against its water systems, and it’s believed that Iran is behind it.

Ransomware’s big jump: ransoms grew 14 times in one year – Bleeping Computer

• Ransomware has become one of the most insidious threats in the past few years, and the demands continue to climb: According to Bleeping Computer, ransom demands for more than $1 million are no longer rare.

Data Loss Spikes Under COVID-19 Lockdowns – Dark Reading

• Two new reports suggest a massive gap between how organizations have prepared their cybersecurity defenses and the reality of their effectiveness.

DHS’s cyber division has stepped up protections for coronavirus research, official says – Cyberscoop

• “I just want you to know that we have stepped up our protections of HHS and CDC,” Bryan Ware told industry representatives Friday.

New Octopus Scanner malware spreads via GitHub supply chain attack – Bleeping Computer

• Security researchers have found a new malware that finds and backdoors open-source NetBeans projects hosted on the GitHub web-based code hosting platform to spread to Windows, Linux, and macOS systems.

Hong Kong demand for VPNs surges on heels of China’s plan for national security laws – Reuters

• Demand for virtual private networks in Hong Kong surged more than six-fold last Thursday as Beijing proposed tough new national security laws that some say could impact internet privacy.

States plead for cybersecurity funds as hacking threat surges – The Hill

• Cash-short state and local governments are pleading with Congress to send them funds to shore up their cybersecurity as hackers look to exploit the crisis by targeting overwhelmed government offices.

$100 million in bounties paid by HackerOne to ethical hackers – Bleeping Computer

• Bug bounty platform HackerOne announced that it has paid out $100,000,000 in rewards to white-hat hackers around the world.

‘Turla’ spies have been stealing documents from foreign ministries in Eastern Europe, researchers find – Cyberscoop

• According to researchers, a notorious group of suspected Russian hackers have used a revamped tool to spy on governments in Eastern Europe and quietly steal sensitive documents from their networks.

Ransomware deploys virtual machines to hide itself from antivirus software – ZDNet

• The operators of the RagnarLocker ransomware are running Oracle VirtualBox to hide their presence on infected computers inside a Windows XP virtual machine.

In Case You Missed It

• Why Securing Remote Work is Crucial To Ensuring Business Continuity – Agasthiamani Sankaran
• Securing Telecommuters with Expanded Endpoint Visibility and Control – Suroop Chandran
• ‘Boundless Cybersecurity’ Protects Organizations Mobilizing for the New Business Normal – Geoff Blaine
• The New Front in Hospitals’ Battle Against COVID-19: Ransomware – Amber Wolff
• SonicWall Unveils Partner Program Designed for MSSPs – Lindsey Lockheart

Amber Wolff

Senior Digital Copywriter | SonicWall

Amber Wolff is the Senior Digital Copywriter for SonicWall. Prior to joining the SonicWall team, Amber was a cybersecurity blogger and content creator, covering a wide variety of products and topics surrounding enterprise security. She spent the earlier part of her career in advertising, where she wrote and edited for a number of national clients.