WatchGuard Security Center

126 Episodes

Reverse

Kaseya & PrintNightmare

2021-07-12--:--

This week on the podcast we cover the Kaseya mass ransomware incident from July 7. While the event is still ongoing, we already have evidence for how the attack occurred and exactly what the threat actors did on affected endpoints. In this episode we dive in to the details around the incident and defensive tips […] Read More - Kaseya & PrintNightmare

A Market for Lemons?

2021-07-0756:31

We recorded this episode before news of the massive attack against Kasaye users broke on Friday. Suffice to say, next week’s episode will give a full debrief of the incident including how it happened, who it affected, and what all MSPs can learn from it. In the meantime, check out Corey’s post on the Kaseya […] Read More - A Market for Lemons?

Q1 2021 Internet Security Report

2021-06-29--:--

Its that time of year again! This week on the podcast, we cover the latest internet security report from the WatchGuard Threat Lab. We’ll go over the latest trends in malware and network attacks targeting WatchGaurd customer networks through the first quarter of the year, as well as defensive tips for all organizations. Read More - Q1 2021 Internet Security Report

Dark Web Bake Sale

2021-06-21--:--

This week on the podcast we discuss an often overlooked item for sale on underground forums, authentication cookies. Before that though, we’ll cover a few surprising stats from a recent ransomware study by Cybereason and an update from NATO on cyber warfare. Read More - Dark Web Bake Sale

Anom

2021-06-15--:--

This week on the podcast, we discuss operation Trojan Shield, a multi-year program where the FBI in partnership with international law enforcement agencies developed and distributed an encrypted communications application on the underground that gave them full access into criminal messages. We’ll also cover the latest news from the recent Colonial Pipeline and JBS ransomware […] Read More - Anom

Atomic Flashcards

2021-06-07--:--

This week on the podcast, we take a look at how soldiers unknowingly leaked highly-sensitive information about the United States’ foreign nuclear arsenal and discuss how we can reprogram humans to not make similar mistakes. We also cover the latest major ransomware incident targeting manufacturing and industrial control, a damning privacy admission from Google’s own […] Read More - Atomic Flashcards

An Epic Battle

2021-05-26--:--

This week on the podcast we cover an epic battle between a video game giant and a tech behemoth that has the potential to change mobile security forever. After that, we cover updates to several recent security events including the SolarWinds breach, the attempted poisoning of the Oldsmar, FL water supply, and the ransomware attack […] Read More - An Epic Battle

Oil for Ransom

2021-05-1837:29

This week on the podcast we cover the ransomware attack against Colonial Pipeline which left the east coast of the United States in fear of gas shortages for more than a week. We’ll discuss the threat actors behind it, how they possibly got in, and what the response was from Colonial and the United States […] Read More - Oil for Ransom

21 Nails

2021-05-12--:--

This week on the podcast we cover a 12 year old vulnerability in Dell’s firmware update driver impacting hundreds of millions of servers, workstations and tablets. Then, we dive in to 21 nails, a collection of vulnerabilities in the Exim Mail Transfer Agent (MTA) which has wide use across the internet. We’ll go over a […] Read More - 21 Nails

What Is Same-Origin Policy?

2021-05-03--:--

This week on the podcast, we mourn a Dan Kaminsky, a well-loved hacker responsible for identifying one of the biggest vulnerabilities in the history of the internet. Then, we continue our dive into web app security standards with a discussion on Same-Origin Policy and Cross Origin Resource Sharing (CORS) and how they help protect us […] Read More - What Is Same-Origin Policy?

Cellebrite Good Times

2021-04-28--:--

This week on the podcast, we cover Signal CEO Moxie Marlinspike’s analysis of a phone forensic analysis tool made by the grey-hat hacking organization Cellebrite. Before that though, we cover another solved mystery from the SolarWinds Orion saga. Read More - Cellebrite Good Times

On A Tuesday

2021-04-21--:--

This week on the podcast we cover a couple of major events from April’s Patch Tuesday including four new remote code execution vulnerabilities in Exchange Server and some additional developments in the saga of March’s Exchange Server exploits. Read More - On A Tuesday

Combating Disinformation with Nina Jankowicz Rewind

2021-04-14--:--

This week on the podcast, we go back to one of our favorite episodes from last year near the start of the pandemic where we sat down with security expert Nina Jankowicz to discuss what the rapid change to remote work would mean for security. Read More - Combating Disinformation with Nina Jankowicz Rewind

Q4 2020 Internet Security Report

2021-04-08--:--

Its that time of year again! This week on the podcast we dive in to the latest internet security report out of the WatchGuard Threat Lab. We’ll cover the latest trends in malware, both at the perimeter and the endpoint, as well as network attacks and malicious domains. Additionally, we’ll recap the top security incident […] Read More - Q4 2020 Internet Security Report

What Is Content Security Policy?

2021-03-30--:--

This week on the podcast we take a look at Content Security Policy, a web app security standard designed to combat Cross Site Scripting attacks against websites and web apps. Before that though, we’ll cover the latest security news including a resurgence in ransomware attacks and the long overdue death of TLS versions 1.0 and […] Read More - What Is Content Security Policy?

Defense Tips from a Pentester

2021-03-23--:--

This week on the podcast we cover key findings from the 2020 FBI Internet Crime Report and the latest reflective amplification vector for DDoS attacks. Then, we discuss a recent blog post from penetration tester Fabian Mosch that details the top weaknesses they target during their engagements. You can read more from Fabian here. Read More - Defense Tips from a Pentester

Popping Webmail Shells

2021-03-17--:--

This week on the podcast we take a deep dive into the Exchange Server vulnerabilities that Microsoft issued an emergency patch for after discovering foreign adversaries were actively exploiting the flaws in the wild. We’ll go over the vulnerabilities, how they work, and give some tips for defending against similar attacks in the future. Read More - Popping Webmail Shells

Hacked by Cosmic Rays

2021-03-09--:--

This week on the podcast we cover Gootkitand Gootloader, two oddly-named pieces of an evasive trojan that researchers have been watching evolve into a fileless threat. We also discuss the security benefits and drawbacks of Apple’s closed-door approach to security. Finally, we end with some research on what happens when a cosmic ray causes your […] Read More - Hacked by Cosmic Rays

Microsoft Says “Regulate Us”

2021-03-03--:--

This week on the podcast we cover an upcoming Chrome browser update with important behind-the-scenes changes, a 9.8/10 severity vulnerability in VMWare vCenter, and a plea from Microsoft for more breach disclosure regulation in the wake of the SolarWinds breaches. Read More - Microsoft Says “Regulate Us”

RIPE for the Taking

2021-02-24--:--

This week on the podcast, we chat about an authentication attack against one of the world’s internet address registrars, another Russian threat actor targeting a popular IT software company, and research on a credential theft trojan and its delivery methods. Read More - RIPE for the Taking

#box-pro-ellipsis-177621402267620{-webkit-line-clamp:2;}WatchGuard Security Center