I have been investigating an incident involving two EC2 instances on AWS that were infected with ransomware, cryptocurrency miners, and other types of malware. Sounds scary, right?! Well actually, the approaches that the attackers took to get onto the hosts do not appear to be that sophisticated, and this type of attack could occur in any environment, not just in the cloud. … [Read more...]
The Problem with Hacking Back: It Might Be Your Network
The US government is considering allowing companies to “hack back” against cyber attackers. The Active Cyber Defense Certainty Act (ACDC) amends the Computer Fraud and Abuse Act to allow limited retaliatory strikes against cyber attackers. The full PDF amendment is available online. As noted in some comments in an article on the UK Register there is some skepticism about this … [Read more...]
Where in The World Is That Network Traffic Coming From?
In a past article, I explained how to auto-block hosts with a WatchGuard Firebox. Yesterday alone my logs showed over 100 IP addresses auto-blocked in one day on a Firebox used for testing purposes. The list included over 1000 blocked IP addresses. I also noticed the Firebox shows a limited number of blocked hosts so the total number of blocked hosts may be longer than what the … [Read more...]
WatchGuard’s Q2 2017 Internet Security Report
Today, we are releasing our Internet Security Report for Q2 2017. Each quarter, we analyze data from our Firebox UTM appliances deployed around the world in order to determine the latest computer and network security threats affecting small to midsize businesses (SMBs) and distributed enterprises. Additionally, in our latest report we analyze the WannaCry Ransomworm and discuss … [Read more...]
WatchGuard’s Q1 2017 Internet Security Report
Today, I am excited to announce our Internet Security Report for Q1 2017. Each quarter, we examine data from our UTM appliances around the world in order to analyze the latest computer and network security threats affecting small to midsize businesses (SMBs) and distributed enterprises. In our latest report, we evaluate the quarter’s top threats, provide an analysis of the CIA … [Read more...]
