WatchGuard telemetry identified a campaign associated to Grandoreiro that uses the DLL Side-Loading technique abusing four different softwares, targeting banks in Portugal. Also, it was identified cases of a known campaign that uses a malicious VBS to deliver the malware, targeting companies in…
Long weekends are good for people. They're also useful for attackers. That's not fearmongering. It's an operational reality. Threat actors understand how businesses work. They know when staffing is lighter, when response times may be slower, and when IT and security teams are more likely to be…
For many small and midsize businesses across Latin America, cybersecurity is no longer a future concern. It is a present operational risk. Episode 368 of The 443: Security Simplified features WatchGuard’s Marc Laliberte and Corey Nachreiner in conversation with Paul Harris, CEO of BGLA and Futurity…
A newly disclosed Windows zero-day, dubbed RedSun, is the latest reminder that attackers do not need to break in if they can simply escalate. Discussed in Episode 367 of The 443 podcast, this vulnerability highlights how trusted system processes can be manipulated to gain full system-level access…
WatchGuard telemetry identified two different phishing campaigns targeting Greek, Spanish, Slovenian, Bosnian and Latin and Central American companies, that use different techniques to delivery FormBook malware. FormBook is a data-stealing malware that targets Windows systems, primarily distributed…
Artificial intelligence is no longer just a productivity multiplier. It is becoming a force multiplier for cybersecurity, and potentially for cyber risk. In Episode 366 of The 443, Marc Laliberte and Corey Nachreiner discuss three developments that together paint a clear picture of where the…
Fraud is nothing new. It is a reality that some people will take advantage of the trusting and even minimally naïve. Last year, in a moment of high stress and low sleep, even I, a 25-year Cyber Security veteran, was duped by a phone call from the “FBI” claiming my involvement in identity theft…
Most organizations are still focused on stopping attackers at the perimeter. But that’s not how modern attacks are working anymore. In Episode 364 of the 443 Podcast, three stories stood out not as isolated incidents, but as signals of a broader shift in how attackers operate: A potential US ban on…
In Episode 363 of The 443 Podcast, Corey Nachreiner speaks with Kristen Yang, Cybersecurity Analyst & Investigations Lead, about the threats security teams should be paying closest attention to right now. The conversation reinforces an uncomfortable truth for defenders: many successful attacks still…
WatchGuard telemetry identified some malicious files being downloaded by victims, and almost all of them originated in Venezuela, indicating a possible malicious campaign targeting companies in this country. The malicious files are distributed via phishing emails that have a SVG file with a filename…