This week on the podcast, we go back to one of our favorite episodes from last year near the start of the pandemic where we sat down with security expert Nina Jankowicz to discuss what the rapid change to remote work would mean for security. … [Read more...]
Q4 2020 Internet Security Report
Its that time of year again! This week on the podcast we dive in to the latest internet security report out of the WatchGuard Threat Lab. We'll cover the latest trends in malware, both at the perimeter and the endpoint, as well as network attacks and malicious domains. Additionally, we'll recap the top security incident from Q4, the Solar Winds Breach, and what it means for … [Read more...]
Deobfuscating a Dropper for a ZLoader Trojan Variant
On March 18th, 2021, the DNSWatch Tailored Analysis Team received an email from an internal WatchGuard employee who deemed the email as suspicious. The initial email included an attachment with the title Attachment_57904. A DNSWatch Analyst performed an initial assessment of the file in search of any malicious indicators or behaviors only to discover that the file was a heavily … [Read more...]
Analysis of a Dridex Banking Trojan Phish
At the beginning of March, as many Americans were eagerly awaiting another round of stimulus payments, news began to circulate about cybercriminals taking advantage of the American Rescue Plan offering financial assistance (payments and other aids) as part of COVID-19 relief. We got a hold of some of these phishing emails and upon scrutiny, we found the email imitates the IRS, … [Read more...]
Ubiquitous for all the Wrong Reasons
Ubiquiti may have a lot to answer to after recent allegations of their possible downplaying of January’s breach. The allegation involves an attacker gaining access to Ubiquiti’s Amazon Web Services (AWS) account via an employee’s account with root (read/write admin or higher permissions) level access to all of Ubiquiti’s AWS accounts. The whistleblower alleged that the … [Read more...]