Welcome to Watchguard Online Support and Customer Services. Please read the online Knowledge Base or submit a ticket and one of our team will be happy to deal with your request. You may also call our Watchguard team on +44(0)3300 881114

Search the Portal

Recent Articles

APR8
Q4 2020 Internet Security Report

[image] Its that time of year again! This week on the podcast we dive in to the latest internet security report out of the WatchGuard Threat Lab. We’ll cover the latest trends in malware, both at the perimeter and the endpoint, as well as...

Security Updates by Marc Laliberte
APR1
Deobfuscating a Dropper for a ZLoader Trojan Variant

[image] On March 18th, 2021, the DNSWatch Tailored Analysis Team received an email from an internal WatchGuard employee who deemed the email as suspicious. The initial email included an attachment with the title Attachment_57904. A DNSWatch...

Security Updates by Ryan Estes
MAR31
Analysis of a Dridex Banking Trojan Phish

[image] At the beginning of March, as many Americans were eagerly awaiting another round of stimulus payments, news began to circulate about cybercriminals taking advantage of the American Rescue Plan offering financial assistance (payments and...

Security Updates by Abdul Samee
MAR31
Ubiquitous for all the Wrong Reasons

[image] Ubiquiti may have a lot to answer to after recent allegations of their possible downplaying of January’s breach. The allegation involves an attacker gaining access to Ubiquiti’s Amazon Web Services (AWS) account via an employee’s account...

Security Updates by Josh Stuifbergen
MAR31
WatchGuard Earns Another 5-Star Rating in CRN’s 2021 Partner Program Guide

[image] CRN has honored WatchGuard with a prestigious five-star rating in its 2021 Partner Program Guide. This is the eighth year in a row WatchGuard has achieved top marks in CRN’s definitive directory of the most rewarding partner programs for...

Security Updates by The Editor
MAR31
What Is Content Security Policy?

[image] This week on the podcast we take a look at Content Security Policy, a web app security standard designed to combat Cross Site Scripting attacks against websites and web apps. Before that though, we’ll cover the latest security news...

Security Updates by Marc Laliberte
MAR29
Fireboxes Detect HAFNIUM Attacks in the Wild

[image] Over the last few weeks, we continue to see HAFNIUM attacks against Exchange Servers through our threat intelligence. Our Firebox feed data shows Fireboxes identifying the signature almost every day over the HTTPS proxy. Yet, Many...

Security Updates by Trevor Collins
MAR29
Attempted PHP Backdoor Foiled

[image] The PHP Group, the collection of developers responsible for maintaining the reference source code and implementation for the popular web scripting language PHP, made the decision to retire their self-maintained code repository server and...

Security Updates by Marc Laliberte
MAR29
DevilXploit and Website Defacement

[image] Sporting and competition are a mainstay of the human spirit. And in that spirit, we find new ways to compete. A classic example of this is website defacement, where a malicious hacker compromises a website and uses the page itself to...

Security Updates by Josh Stuifbergen
MAR24
Alleged Acer REvil Ransomware Infection Breaks Record with $50+ Million Demand

[image] The REvil ransomware group has come to prominence recently by infecting networks around the world with ransomware and demanding large sums of money from their victims. The group commonly posts proof of their successful ransomware efforts...

Security Updates by Ryan Estes
MAR23
Defense Tips from a Pentester

[image] This week on the podcast we cover key findings from the 2020 FBI Internet Crime Report and the latest reflective amplification vector for DDoS attacks. Then, we discuss a recent blog post from penetration tester Fabian Mosch that details...

Security Updates by Marc Laliberte
MAR19
China Suspected of Targeting Email Server During Elections in Australia

[image] As reported by ABC Australia, an Australian government email server fell victim to what we suspect was the Exchange server vulnerability disclosed earlier this month. Officials detected Chinese hackers targeting Western Australia’s...

Security Updates by Trevor Collins
MAR17
Popping Webmail Shells

[image] This week on the podcast we take a deep dive into the Exchange Server vulnerabilities that Microsoft issued an emergency patch for after discovering foreign adversaries were actively exploiting the flaws in the wild. We’ll go over the...

Security Updates by Marc Laliberte
MAR9
iOS Security Primer

[image] There is a considerable amount of attention geared towards traditional computer security, especially for Windows PCs. As Mac’s have been a small portion of the total active users it makes sense that attackers have focused their effort on...

Security Updates by Josh Stuifbergen
MAR9
Hacked by Cosmic Rays

[image] This week on the podcast we cover Gootkitand Gootloader, two oddly-named pieces of an evasive trojan that researchers have been watching evolve into a fileless threat. We also discuss the security benefits and drawbacks of Apple’s...

Security Updates by Marc Laliberte
MAR8
Exchange Server Vulnerabilities Actively Exploited in the Wild

[image] (Updated 03/10/2021 to include defensive tips) As the cybersecurity community continues to reel with the sweeping effects of the SolarWinds attack, the Microsoft Threat Intelligence Center (MSTIC) has released information about another...

Security Updates by Ryan Estes
MAR3
Gab.com Leaks 70 Gigabytes of Usernames Hashed Passwords and More

[image] The alternative social media site Gab, favored by the political right-wing, leaked private information though a SQL injection vulnerability according to Gab.com. Gab CEO Andrew Torba initially denied the breach over the weekend but has...

Security Updates by Trevor Collins
MAR3
Microsoft Says “Regulate Us”

[image] This week on the podcast we cover an upcoming Chrome browser update with important behind-the-scenes changes, a 9.8/10 severity vulnerability in VMWare vCenter, and a plea from Microsoft for more breach disclosure regulation in the wake...

Security Updates by Marc Laliberte
FEB24
RIPE for the Taking

This week on the podcast, we chat about an authentication attack against one of the world’s internet address registrars, another Russian threat actor targeting a popular IT software company, and research on a credential theft trojan and its delivery methods. Read More - RIPE for the Taking

Security Updates by Marc Laliberte
FEB24
Oldsmar Water Treatment Plant Hack

[image] The water treatment system of the city of Oldsmar, FL has been in the news lately after attackers breached its control systems and increased the levels of sodium hydroxide. The targeted treatment plant provides water to businesses and...

Security Updates by Filza Hassan