WatchGuard’s Q1 2017 Internet Security Report found that two out of the top-ten most popular malware threats were malicious JavaScript. That’s right, while JavaScript may be well known for its many handy, legitimate uses, it’s also a popular obfuscation method that can allow cybercriminals to stealthily deliver malware via email or the web. Why is it so popular? One major … [Read more...]
Packet Capture on AWS ~ New Solutions to Old Problems
Security professionals often attach a packet capture security appliance to a span port on hardware network equipment to capture network packets in a data center. On AWS customers do not have access to span ports and physical networking equipment. This led some security professionals to believe it is not possible to implement a packet capture solution on AWS. In fact, packet … [Read more...]
Using Firewall Policies to Auto-Block Rogue Hosts on External Networks
Automatically preventing all traffic from hosts that attempt to connect to blocked ports can help prevent further malicious actions from those IP addresses as explained in Auto-Blocking Suspicious Hosts Found in Traffic Logs. After posting that article, one WatchGuard customer sent me a note about using the auto-block feature to help prevent DDoS attacks. By reducing the … [Read more...]
Become a Better Cybersecurity Pro by Abandoning These Bad Habits
We all have our faults, and can sometimes get stuck in our ways – no one is perfect after all. But in the world of information security, bad habits can lead to costly and unnecessary troubles for your company. In a recent article, TechRepublic outlines 10 habits cybersecurity pros need to break, and features advice from industry experts on how to overcome them. The story … [Read more...]
Carbon Black Data Leaks – A Good Reminder to Protect Keys
A security firm published a blog post today explaining how they compromised an endpoint security system. The vendor, Carbon Black, responded in a blog post explaining that this feature is off by default and customers receive a warning when they turn it on. Setting aside the topic of responsible disclosure for the moment, take a look at this statement in the research firm’s … [Read more...]
