Welcome to Watchguard Online Support and Customer Services. Please read the online Knowledge Base or submit a ticket and one of our team will be happy to deal with your request. You may also call our Watchguard team on +44(0)3300 881114

Search the Portal

Recent Articles

OWASP Update

[image] This week on the podcast we discuss the first update to the OWASP Top 10 since 2017. OWASP servers as an excellent resource for improving web application security so we’re excited to run through the latest refresh of their top security...

Security Updates by Marc Laliberte
Azure Linux VMs Vulnerable Due to Pre-Installed Agents

[image] Update 1: OMI agent is not installed on Azure FireboxV/Cloud instances (September 17th, 2021): We reviewed our FireboxV/Cloud instance for Azure and confirmed that the OMI agent cannot be installed on the image. We recommend reviewing...

Security Updates by Josh Stuifbergen

[image] This week on the podcast we cover ProxyWare, a form of malware that monetizes your internet access for the benefit of the attacker. After that, we discuss ChaosDB, a vulnerability that could have enabled any Azure user to gain full...

Security Updates by Marc Laliberte
Stop Following Me – Rewind

[image] This week on the podcast we dig back in the archives to 2019 where we discussed how web servers manage to track users across sites using browser fingerprinting methods. Even though some improvements like removing third-party cookies have...

Security Updates by Marc Laliberte
PolyNetwork Heist

[image] This week on the podcast we cover one of the largest cryptocurrency heists in history, with a surprising twist of an ending! Before that we’ll chat about the latest T-Mobile data breach and what we can learn about protecting user...

Security Updates by Marc Laliberte
Mobile Carriers Leak 123 million Customer Records in One Week

[image] Over the last week we saw 70 million AT&T customers and 53 million T-Mobile customers have their personal data leaked to hackers. While we didn’t find any connections between these two breaches the timing of the incidents is strange...

Security Updates by Trevor Collins
DEF CON 29 Recap

This week on the podcast we chat about a few of our favorite presentations from the 2021 edition of the DEF CON security conference out of Las Vegas. If haven’t checked them out yourself, visit the DEF CON YouTube channel or media.defcon.org to view this year’s and all previous year’s content. Read More - DEF CON 29 Recap

Security Updates by Marc Laliberte
Supply Chain Attacks Through an IDE

[image] David Dworken, a Google security researcher, presented a recent Defcon talk about how he found over 30 vulnerabilities in various Integrated Development Environments (IDEs) over the course of a few months of research. Many believe that...

Security Updates by Trevor Collins
ProxyShell, Exchange Servers Under Attack Again

[image] With the 2021 editions of the BlackHat and DEF CON security conferences all wrapped up, one of the presentation that made the biggest waves was the latest research from Orange Tsai of Devcore Security Consulting. Tsai was the researcher...

Security Updates by Marc Laliberte

[image] This week on the podcast, we chat about a recent report from Qrator that highlights some of the massive weaknesses in the backbone of the internet. After that, we discuss a recent research blog post from Yan (@bcrypt) showing her work in...

Security Updates by Marc Laliberte
Defcon Talk Timeless-Timing-Attacks

[image] A recent Defcon talk by Tom Van Goethem and Mathy Vanhoef, “Timeless Timing Attacks” made significant progress on ways to create timing attacks over a network. Timing attacks work by extracting data form devices based on how long it...

Security Updates by Trevor Collins
What Is Zero-Trust Security?

[image] This week on the podcast we talk Zero-Trust. What is it? How do you implement it? And why should all IT professionals work towards updating their networks to this security architecture? We’ll answer all that and more after a quick Kaseya...

Security Updates by Marc Laliberte
What to Make of the Biden Administration’s New ICS Cybersecurity Initiative

[image] Yesterday, the Biden Administration unveiled a new initiative to help improve the cybersecurity stance of the industrial control systems (ICS) that manage the nation’s critical infrastructure. As recent events (like the Colonial Pipeline...

Security Updates by Corey Nachreiner
Why So SeriousSAM

[image] This week on the podcast we cover the latest Microsoft Windows privilege escalation vulnerability, SeriousSAM aka HaveNightmare. Before that, we discuss NSO Group and their spyware software known as Pegasus and whether private...

Security Updates by Marc Laliberte
Section 230 – Rewind

[image] With the White House announcing this month that it plans to investigate potential changes to Section 230, the safe harbor laws that enable websites to moderate content without risk of liability for content they fail to remove, we wanted...

Security Updates by Marc Laliberte
REvil Hasn’t Gone Anywhere (Probably)

[image] Many of the recent high-profile ransomware attacks like those against Acer, JBS and more recently, customers of Kaseya, have been the work of the ransomware as a service group REvil. After the most recent attack that exploited multiple...

Security Updates by Trevor Collins
The PrintNightmare Saga Continues to Frustrate System Administrators

[image] Update 1: Third PrintNightmare CVE published (July 16th, 2021): Microsoft published CVE-2021-34481 on July 15th for a local privilege escalation vulnerability. The third Print Spooler service vulnerability is considered separate from...

Security Updates by Josh Stuifbergen
Kaseya & PrintNightmare

[image] This week on the podcast we cover the Kaseya mass ransomware incident from July 7. While the event is still ongoing, we already have evidence for how the attack occurred and exactly what the threat actors did on affected endpoints. In...

Security Updates by Marc Laliberte
A Market for Lemons?

[image] We recorded this episode before news of the massive attack against Kasaye users broke on Friday. Suffice to say, next week’s episode will give a full debrief of the incident including how it happened, who it affected, and what all MSPs...

Security Updates by Marc Laliberte
Breaking Alert: MSP Targeted Ransomware Attack (Kaseya Supply Chain Attack)

[image] Managed Service Providers (MSPs), especially ones using Kaseya VSA, should read this and take action as soon as possible. High-level Summary: On Friday, July 2, some MSPs using the on-premises version of Kaseya VSA suffered ransomware...

Security Updates by Corey Nachreiner