On March 18th, 2021, the DNSWatch Tailored Analysis Team received an email from an internal WatchGuard employee who deemed the email as suspicious. The initial email included an attachment with the title Attachment_57904. A DNSWatch Analyst performed an initial assessment of the file in search of any malicious indicators or behaviors only to discover that the file was a heavily … [Read more...]
Analyzing a Fileless Malware Loader
Thanks to WatchGuard’s Panda Adaptive Defense 360 zero-trust service, WatchGuard Threat Lab was able to identify and stop a sophisticated fileless malware loader before execution on the victim’s computer. Upon further detailed analysis by our attestation team, we identified several recent browser vulnerabilities that the malware targeted as part of its exploit chain. Malware … [Read more...]
Identifying an Existing APT Intrusion
Last month while onboarding a new customer to Panda EDR with the Orion threat hunting console, WatchGuard Threat Lab discovered an existing advanced persistent threat (APT) on the organization’s network. WatchGuard Threat Lab investigated the incident and were able to identify much of the threat actor’s tools, techniques and procedures including several indicators of compromise … [Read more...]
Catching a Rookie Mistake in a Facebook Phish
WatchGuard’s DNS-level protection and filtering service, DNSWatch, receives and processes numerous phishes every day. Many of these phishing attempts are monotonous and lack any unique qualities. However, periodically, the DNSWatch Tailored Analysis team triages a phishing attempt that stands out more than others. This short post will show a real-world phish that DNSWatch … [Read more...]
New Research Reveals Sexist Tendencies in Facial Recognition Tech
Recently Amazon, Microsoft, and others have taken a step back to review the use of their own face recognition software. Some users of this technology may use only face recognition to identify a person. This idea that you only need the face recognition software to identify a person doesn’t allow for errors in the programming and we all know that programs have errors. Understand … [Read more...]