In an operation headed by the US Federal Bureau of Investigation (FBI) and Australian Federal Police (AFP), international law enforcement agencies managed to gather 27 million encrypted messages used for criminal communications, through an elaborate operation that involved development and distribution of a custom communications application for modified … [Read more...]
Ubiquitous for all the Wrong Reasons
Ubiquiti may have a lot to answer to after recent allegations of their possible downplaying of January’s breach. The allegation involves an attacker gaining access to Ubiquiti’s Amazon Web Services (AWS) account via an employee’s account with root (read/write admin or higher permissions) level access to all of Ubiquiti’s AWS accounts. The whistleblower alleged that the … [Read more...]
DevilXploit and Website Defacement
Sporting and competition are a mainstay of the human spirit. And in that spirit, we find new ways to compete. A classic example of this is website defacement, where a malicious hacker compromises a website and uses the page itself to show off their conquest. A WatchGuard customer recently submitted a domain that they flagged for phishing. We visited the page … [Read more...]
iOS Security Primer
There is a considerable amount of attention geared towards traditional computer security, especially for Windows PCs. As Mac’s have been a small portion of the total active users it makes sense that attackers have focused their effort on Windows operating systems. Therefore, Windows exploits tend be pervasive in the news leaving some to believe Mac’s “don’t get viruses”. That … [Read more...]
SolarWinds Catch-Up
Swift new developments have continued to pour out on the SolarWinds breach. Under normal circumstances it is difficult to keep up to date on the news and especially so with a story that continues to grow. Nevertheless, the Threat Lab team at WatchGuard has been keeping an eye out on the latest updates. Beyond the major players such as FireEye, Microsoft, CISA, and SolarWinds, … [Read more...]
