SonicWall is reporting a breach in its devices, and three zero-day vulnerabilities have been announced. At least one has been exploited in the wild. The company has published fixes for the issue and urges customers to upgrade immediately.
Meanwhile, and unrelated, the REvil ransomware gang is attempting to extort Apple. They want Apple to “buy back” stolen product blueprints, and have set a date of May 1 to pay the ransom. The announcement was timed for Apple’s Spring Loaded event. The gang targeted Apple after Quanta Computer, an Apple business partner, refused to communicate with the gang. The gang reportedly accessed the plans via a breach of Quanta.
And, in escalating size, FireEye has indicated that Chinese hackers are believed to have compromised dozens of US government agencies, financial institutions, and defense contractors. This investigation is still in the early stages, as reported by the Washington Post.
Finally, just in case you thought it was totally over, there are two more malware variants tied to the SolarWinds Orion breach. The alert indicates that Russian-backed attackers were focusing on five known vulnerabilities.
Why do we care?
Extortionware is my interest here. Rather than just ransom, the threat to release confidential data from Apple is downright scary. Now imagine your customer – or you – on the receiving end of that threat. All it will take is the criminals systemizing that process, and they have long since proven themselves capable of that.
It’s why I care so much about the norms and how they are changing. Government is changing its approach, and that’s a key development.