Welcome to Watchguard Online Support and Customer Services. Please read the online Knowledge Base or submit a ticket and one of our team will be happy to deal with your request. You may also call our Watchguard team on +44(0)3300 881114

Search the Portal

Recent Articles

JAN21
Log4j Becomes The Highest Detected Vulnerability Days After Release

[image] Log4Shell attacks have spread throughout the Internet due to the ease with which attackers can perform them. The WatchGuard Threat Lab sees a sample of these attacks from our customers’ perspectives when they opt to provide anonymized...

Security Updates by Trevor Collins
JAN20
The Death of the Carding Marketplace

This week on the podcast we give a quick update to the Log4Shell saga after the researchers detected the first significant campaign that uses the critical vulnerability. After that, we dive in to the world of carding marketplaces where cybercriminals buy and sell stolen credit card information and discuss possible reasons for why these marketplaces […] Read More - The Death of the Carding Marketplace

Security Updates by Marc Laliberte
JAN11
Is Cybersecurity Vocational?

This week on the podcast we give an update on log4j2 and it’s most recently-disclosed vulnerabilities before covering a recent report on credential stuffing by the New York Attorney General. Then, we discuss this recent article in DarkReading on whether or not cybersecurity jobs should be considered professional or vocational. Read More - Is Cybersecurity Vocational?

Security Updates by Marc Laliberte
DEC2021
HP iLO and the Newly Discovered iLOBleed Rootkit

[image] Iranian researchers at Amnpardaz security firm have discovered rootkits in HPs iLO (Integrated Lights-Out) management modules. These optional chips are added to servers for remote management and grant full high-level access to the...

Security Updates by Josh Stuifbergen
DEC2021
Post-Purchase Monetization of the TV and Your Diminishing Privacy

[image] The internet came by storm. Yes, for years it wasn’t accessible to the major populace, but over time it found its way into the office, school, home, and now more specifically into the living room. With the evolution of the internet came...

Security Updates by Josh Stuifbergen
DEC2021
Give Us Your SSN, Your Email Password, and Your Dream Job

[image] Every so often, there is a phish that stands out because of its brazenness. Today, we came across a bank phish that requested a few verification details: Username and Password Social Security Number Email address and email password used...

Security Updates by Josh Stuifbergen
DEC2021
Active Compromises of vCenter Using The Log4J Vulnerability

[image] Much of what we see exploiting the log4j2 vulnerability, CVE-2021-44228, appears like a scan for the vulnerability, not necessarily exploitation. However, our own honey pot https://github.com/WatchGuard-Threat-Lab/log4shell-iocs has seen...

Security Updates by Trevor Collins
DEC2021
Log4Shell Deep Dive

[image] This week we take a deep dive into CVE-2021-44228, better known as Log4Shell, a critical vulnerability in the massively popular log4j2 logging library for Java applications. We discuss how the flaw came about, how it works, and why this...

Security Updates by Marc Laliberte
DEC2021
Bluetooth Is Safe Enough For You

[image] Politico published a short piece about Kamala Harris’s hesitancy with Bluetooth devices. They considered this a bit amusing, perhaps considering her paranoid based on their tone. While the article’s content was light, it did discuss some...

Security Updates by Josh Stuifbergen
DEC2021
Our 2022 Security Predictions

[image] As we move in to the end of the year it’s time for us to discuss WatchGuard Threat Lab’s 2022 cybersecurity predictions. While many of our predictions tend to come off as extreme, they’re all grounded in the trends that we’ve been...

Security Updates by Marc Laliberte
DEC2021
Critical RCE Vulnerability in Log4J2

[image] [Updated 13-12-2021: Additional information for WatchGuard customers] On Thursday, security researchers disclosed a critical, unauthenticated remote code execution (RCE) vulnerability in log4j2, a popular and widely used logging library...

Security Updates by Marc Laliberte
NOV2021
2021 Security Predictions Grading

[image] Its getting to be the end of the year which means its time to take a look back at WatchGuard Threat Lab’s 2021 security predictions and give ourselves a grading on how well we did! On this episode, we’ll go through our 8 predictions for...

Security Updates by Marc Laliberte
NOV2021
Dangers of Bicubic Interpolation In Pictures

[image] We have seen interpolation in the news concerning a recent court case. Here we cover what interpolation does to an image, not only because of the recent news but also because face recognition uses interpolation to better recognize a face...

Security Updates by Trevor Collins
NOV2021
CISA Alert Tips Off Adversaries

[image] This week on the podcast we discuss how a recent CISA alert on specific threat actor activity tipped off a separate adversary, leading to a new wave of attacks against vulnerable systems across multiple industries. We also cover the...

Security Updates by Marc Laliberte
NOV2021
The Evolution of Phishing: A WatchGuard Real-World Example

[image] Phishing is a type of social engineering attack where threat actors attempt to trick users into providing sensitive information via email. Typically, this involves creating a phishing campaign where threat actors will send the same...

Security Updates by Ryan Estes
NOV2021
Trojan Source

[image] On this week’s episode of the podcast, we cover a newly discovered method for hiding malicious source code in plain sight, CISA’s new Known Exploited Vulnerabilities Catalog, and action from the US Department of Commerce on the Pegasus...

Security Updates by Marc Laliberte
NOV2021
Face Recognition Removed from Facebook But Added to Metaverse

[image] Facebook’s face recognition has one of the largest training databases in the world, built from photos that users have uploaded since Facebook’s inception, but that database’s time may be coming to an end. In a blog post on Facebook they...

Security Updates by Trevor Collins
NOV2021
The Security Conscious NRA Breached by Russian Hacking Group

[image] The NRA has found itself in the middle of a potential breach and ransomware attack. This happened last week after the Russian hacking group Greif reportedly gained access. Greif has close ties to Evil Corp (another advanced hacking group...

Security Updates by Trevor Collins
NOV2021
Stealing Make-believe Money

[image] This week on the podcast, we cover a heist of over $130 million worth of cryptocurrency from a distributed financial (DeFi) organization and have an in depth discussion on why cryptocurrency-related platforms continue to suffer...

Security Updates by Marc Laliberte
OCT2021
Nobelium Threat Group Sets Sights on IT Providers

[image] The Microsoft Threat Intelligence Center (MSTIC) detected attacks by the Nobelium group targeting IT services providers. The intent was to “gain access to downstream customers” such as Cloud Service Providers (CSP) and Managed Service...

Security Updates by Josh Stuifbergen