At WatchGuard, we understand the importance of sharing threat intelligence with the information security (infosec) community when safe and appropriate. Not only does this information sharing help to directly defend against known threats, but it also helps the community at large learn from the attacks found in the wild, and appropriately adjust detection and defense […]
Read More - Sharing Cyclops Blink Threat Intelligence with the Community
Last week we came across ransomware with unique evasion techniques in a new variant, or possibly a copycat, of the MedusaLocker ransomware. MedusaLocker ransomware, first seen in September 2019, came with a batch file to evade detection. Batch files contain script commands running in a Command Prompt on Windows machines and have the .bat […]
Read More - MedusaLocker Ransomware Will Bypass Most Antivirus Software
HTTP Strict Transport Security (HSTS) is an HTTP security mechanism that allows web sites to declare themselves as accessible only via secure connections, and allows users to direct user agents (UAs), or your browser, to interact with web sites only over a secure connection. A “secure connection” in this case means an SSL/TLS encrypted HTTP […]
Read More - HSTS – A Trivial Response to sslstrip
WatchGuard’s Threat Lab (previously the LiveSecurity Threat Team) is a group of threat researchers committed to discovering and studying the latest malware and Internet attacks. The Threat Lab team uses data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide analysis and practical security advice about the top threats on the Internet.