Recent news of BGP hijacks shows attackers are increasingly using this attack method. In WatchGuard’s 2019 security predictions, we predicted that a BGP exploit could take down substantial portions of the internet this year. But how could this happen? If you are unfamiliar with BGP it might make it hard to understand how someone could accidentally send traffic to one location … [Read more...]
Brexit Email Tricks Users Into Downloading Malware
Recently, some individuals received emails that used Brexit to trick them into opening malicious office document attachments. The document’s authors must have been watching the news carefully because the file’s name was Brexit 15.11.2018.docx and the emails came around the same time as the release of the Brexit plan. Looking at the Document, we see the author of the document is … [Read more...]
Bleedingbit Bleeds Bluetooth
A new Bluetooth vulnerability called Bleedingbit came out yesterday, affecting Bluetooth APs if they use a Texas Instruments chip. With many IoT devices using Bluetooth including TVs, cellphones, locks, and modern cars there are a lot of potential devices that could be exploited. Before we dive in, if you are a WatchGuard customer, you're probably wondering if you are … [Read more...]
High-Tech Lock, Low-Tech Security
Last week, BoxLock showed off their high-tech security lock that includes a bar code scanner on the ABC show Shark Tank. The lock was designed for applications where you would want to allow third party access to the protected area. For example, a delivery driver can open the lock by scanning a package bar code, and the lock would take care of marking the package as delivered. A … [Read more...]
California Bill Increases Default Password Security
California has taken steps to increase the password security on new devices made after January 1 2020. Senate Bill No. 327 forces manufactures to create unique passwords for each device or force the user to create a new password on their first login. This only applies to devices that are accessible outside the local network. (1) The preprogrammed password is unique to … [Read more...]
