Three stories, one theme: control planes, supply chains, and human workflows remain high-leverage targets. This Secplicity blog follows the sequence and details covered by Marc Laliberte and Corey Nachreiner in The443 Podcast Episode 360. 1) Cisco Catalyst SD-WAN 0-Day (CVSS 10): What happened Cisco…
Introduction At the turn of the year, we were alerted to a doppelganger domain impersonating WatchGuard’s Mobile VPN with SSL, delivering a malicious spoofed client to steal credentials. Navigating directly to the doppelganger domain resulted in a benign informational WatchGuard VPN page. However…
At the beginning of April, WatchGuard received a report from a customer in the hospitality business describing a new phishing campaign targeting their staff. The attack starts with the threat actor opening a reservation request with the hotel, which they then cancel by email, citing a bad review for…