• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • Daily Security Bytes
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

For the Love of InfoSec, Don’t Over-Expose Administrative Management Portals

March 28, 2022 By Corey Nachreiner

When talking to IT and Security professionals, everyone seems to know they shouldn’t overly-expose management portals. And yet, every year we learn some new statistic showing tens of thousands of devices or software products with management portals exposed on the Internet. In hopes of changing this trend, this article talks about why management portals sometimes get exposed and … [Read more...]

Sharing Cyclops Blink Threat Intelligence with the Community

March 23, 2022 By Corey Nachreiner

At WatchGuard, we understand the importance of sharing threat intelligence with the information security (infosec) community when safe and appropriate. Not only does this information sharing help to directly defend against known threats, but it also helps the community at large learn from the attacks found in the wild, and appropriately adjust detection and defense strategies. … [Read more...]

5G Didn’t Break Your Car

March 2, 2022 By Trevor Collins

5G didn't put malware on these Mazda’s entertainment systems but many Seattle Mazda drivers couldn't change their radio station after turning it to the local NPR station, KUOW. As one reddit user put it, "the whole audio system and Bluetooth just keeps trying to reboot." Some users also reported they couldn't use their backup cameras. This fiasco started around January 24th … [Read more...]

SpoolFool: Windows Print Spooler Fooled Again

February 23, 2022 By Ryan Estes

Microsoft's monthly Patch Tuesday already occurred this month, so you know what that means - more disclosed vulnerabilities. This iteration of patches included fixes for a combined 70 vulnerabilities, including one zero-day. Thankfully, none of these fall into Microsoft’s “critical” category. However, there are four Elevation of Privilege vulnerabilities targeting the Windows … [Read more...]

New Oski Stealer Variant, “Mars Stealer”, Targets Credentials, Crypto, and 2FA

February 8, 2022 By Ryan Estes

In early 2020, during the emergence of the COVID-19 pandemic, researchers discovered a novel malware named Oski Stealer, capable of stealing browser data such as cookies, history, payment information, and autofill information, as well as cryptocurrency wallets, login credentials of applications, and Authy 2FA information. It can also take screenshots of your desktop and perform … [Read more...]

Next Page »

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Most Exploited Vulnerabilities of 2021
  • The REturn of REvil?
  • 195 CISA Guidance for MSPs
  • Building Security Strategies with Matt Lee

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • WatchGuard Launches PSIRT Page
  • Building Security Strategies with Matt Lee
  • CISA Guidance for MSPs
  • The REturn of REvil?
  • Most Exploited Vulnerabilities of 2021
View All

Search

Archives

Copyright © 2022 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use