Secplicity Blog
Cybersecurity Headlines & Trends Explained
The Spec Is Back, But Nobody Told Security
What happens when AI makes Waterfall agile? A few weeks ago, I was sitting with one of our engineering VPs while he walked me through his workflow in Cursor. Before writing a single line of code, he spent a meaningful amount of time using Cursor to craft a feature specification, a detailed natural…
Why CVE Grading Still Matters for Vulnerability Management
Vulnerability management has never been just about finding flaws. It is about understanding which flaws matter most, which ones attackers are likely to exploit, and which ones security teams need to prioritize before they become a real business risk. That is why CVEs, CVSS scores, and vulnerability…
TimbreStealer Malware Targets Mexico Companies with Advanced Evasion Techniques
WatchGuard telemetry identified a campaign associated to TimbreStealer, which is known to target companies based in Mexico. This research, conducted by Euler Neto and Cristóbal Tárraga, describes behaviors similar to those observed in a previous campaign documented by Cisco Talos in 2024, which uses…
The WatchGuard Geopolitical Cyber Report: Iran-Affiliated Cyber-Espionage Against Global High-Value Organizations
TL;DR: Iran-linked MuddyWater, also known as Seedworm, is using trusted software, DLL side-loading, and legitimate tools to quietly spy on high-value organizations across manufacturing, aviation, finance, education, government, and public sector environments. This campaign is not focused on…
NoisyS0cks: Undocumented SOCKS5 Pivot Framework Giving Ransomware Affiliates a Foothold Inside Networks
The WatchGuard Attestation Team has uncovered an undocumented pivot framework written in Golang that opens a Smux-multiplexed SOCKS5-style pivot channel on each compromised host using one of two interchangeable transports: KCP-over-UDP with DTLS obfuscation or Noise-over-TCP with TLS obfuscation…
AI Export Controls, FortiBleed Credentials, and Windows Zero-Days: What Security Teams Should Take Away
Artificial intelligence, exposed edge devices, and vulnerability disclosure are colliding in ways that security teams can no longer treat as separate risks. In Episode 375 of The 443: Security Simplified, WatchGuard’s Marc Laliberte and Corey Nachreiner unpack three timely cybersecurity stories: the…