Introduction At the turn of the year, we were alerted to a doppelganger domain impersonating WatchGuard’s Mobile VPN with SSL, delivering a malicious spoofed client to steal credentials. Navigating directly to the doppelganger domain resulted in a benign informational WatchGuard VPN page. However…
The UK has taken one of the most decisive steps yet in the global fight against ransomware. Following a summer of attacks that disrupted healthcare, retail, and legal services, the government has confirmed that a targeted ban on ransom payments and a universal reporting requirement will become law…
WatchGuard has recently received reports of a cyber crime campaign underway where a weaponized version of a free PDF editor software “AppSuite PDF Editor” has been distributed to multiple sites for users to unknowingly download and run on their systems. It has been made aware of that the threat…
Sometimes supposedly small things make a huge difference. This can also be true in cyber security configurations. In recent weeks, multiple partners described very similar cyber attacks their customers faced, and in some cases, the criminals were unfortunately even successful in compromising…
What is Encrypted Client Hello? Encrypted Client Hello (ECH) is a TLS protocol extension that encrypts the initial "Client Hello" message in the TLS handshake, concealing the domain name a user is trying to access from network observers, enhancing privacy and security. This article explains this TLS protocol extension and the impact it has on the content filtering settings on your network security devices.
At the beginning of April, WatchGuard received a report from a customer in the hospitality business describing a new phishing campaign targeting their staff. The attack starts with the threat actor opening a reservation request with the hotel, which they then cancel by email, citing a bad review for…
While the world was captivated by the first Harry Potter movie, cybercriminals were busy launching one of the first major web server worms. What Was Happening in the World: The 9/11 attacks in the United States profoundly shifted global security policies, increasing focus on cybersecurity and…
Publication: Dr. Joseph L Popp Jr and The First-Ever Ransomware – The AIDS Trojan If you work in information security or the computer science field, there's a good chance you've heard of the first-ever ransomware – the AIDS Trojan. There's also a chance you know the basics of that story. An…