The WatchGuard Security Team spends a lot of time chasing ransomware extortion groups throughout the dark web. So, it only fits that one of the newer ransomware extortion groups is named Endurance Ransomware. It appears this "group" is one individual known as IntelBroker, who has allegedly breached…

This past week, a hacker by the name of ChinaDan allegedly breached the Shanghai National Police (SHGA) database and has put the nearly 23 TB of data up for sale for 10 bitcoin (BTC), or a little over $200k USD as of this writing. ChinaDan claims the data contains “information on 1 Billion Chinese…

The LockBit ransomware group has unveiled a new website – LockBit 3.0 – to host their ransom extortions and data leaks. The website includes several new features, including an unprecedented bug bounty program to assist the group in securing their site; acceptance of the privacy cryptocurrency, Zcash…

In early 2020, during the emergence of the COVID-19 pandemic, researchers discovered a novel malware named Oski Stealer, capable of stealing browser data such as cookies, history, payment information, and autofill information, as well as cryptocurrency wallets, login credentials of applications, and…

Log4Shell attacks have spread throughout the Internet due to the ease with which attackers can perform them. The WatchGuard Threat Lab sees a sample of these attacks from our customers’ perspectives when they opt to provide anonymized threat intelligence data from their Fireboxes. This limited data…

[Updated 13-12-2021: Additional information for WatchGuard customers] On Thursday, security researchers disclosed a critical, unauthenticated remote code execution (RCE) vulnerability in log4j2, a popular and widely used logging library for java applications. CVE-2021-44228 is a full 10.0 on the…