Recently, some individuals received emails that used Brexit to trick them into opening malicious office document attachments. The document’s authors must have been watching the news carefully because the file’s name was Brexit 15.11.2018.docx and the emails came around the same time as the release of the Brexit plan. Looking at the Document, we see the author of the document is … [Read more...]
WatchGuard’s Q1 2018 Internet Security Report
Today, we’re pleased to announce the release of WatchGuard’s Internet Security Report for Q1 2018! Every quarter, WatchGuard’s Threat Lab looks forward to diving into Firebox Feed data from tens of thousands of live Firebox appliances across the globe to produce a report on the latest security threats cybercriminals are using against small to midsize businesses (SMBs) and … [Read more...]
WatchGuard’s Q4 2017 Internet Security Report Released; Malicious Office Document Usage on the Rise
Today, WatchGuard Technologies released its quarterly Internet Security Report covering Q4 2017. Every quarter we examine anonymized data from our Firebox UTM appliances all across the world and report on the most common malware variants and network attacks that our appliances block. This gives valuable real-world information on the most common network and computer threats … [Read more...]
WatchGuard’s Q3 2017 Internet Security Report
Today, we’re pleased to announce the release of WatchGuard’s Internet Security Report for Q3 2017! Every quarter, WatchGuard’s Threat Lab looks forward to diving into Firebox Feed data from tens of thousands of live Firebox appliances across the globe to produce a report on the latest security threats cybercriminals are using against small to midsize businesses (SMBs) and … [Read more...]
Indicators of RDP Brute Force Attacks
I have been investigating an incident involving two EC2 instances on AWS that were infected with ransomware, cryptocurrency miners, and other types of malware. Sounds scary, right?! Well actually, the approaches that the attackers took to get onto the hosts do not appear to be that sophisticated, and this type of attack could occur in any environment, not just in the cloud. … [Read more...]
