Secplicity Blog - Research

AnyDesk Remote Access Vendor Compromise

On February 2nd, remote access software vendor AnyDesk disclosed they had been the victim of a cyberattack where an unknown threat actor obtained access to production systems. AnyDesk appears to have contained the incident before the adversaries were able to leverage their access into a supply chain…

Scratching the Surface of Rhysida Ransomware

A few days ago, I was scrolling through Twitter and came across a post by the MalwareHunterTeam briefly discussing a new Ransomware group - Rhysida. A lack of results from a Google search shows this is a newer group prepping to start operations. I grabbed a sample and downloaded it, and the…

A Technical Analysis of ISAACWiper

Shortly after Putin launched his "special military operation" in Ukraine on February 24th, 2022, researchers from ESET published information about two novel destructive malware families – HermeticWiper and ISAACWiper. HermeticWiper was part of a three-pronged campaign that included a worm and…

Law Enforcement Infiltrate and Seize Hive Ransomware Operation

In a sudden, stunning announcement today, the United States Department of Justice, the FBI, and federal agencies from 13 countries from Europol, announced the seizure of the transnational Hive ransomware operation. The seizure was part of a months-long operation that began in late July 2022 when the…

Cybersecurity News: Malvertising, Ransomware, and Alleged IRS Breach

Regarding malware, breaches, and the overall threat landscape, 2023 is off to a dynamic start. Malvertising (malicious advertising) continues to be a successful attack vector for hackers, especially from sponsored ads via Google searches. Jon DiMaggio released his long-awaited Ransomware Diary…

Endurance Ransomware Claims Breach of US Federal Government

The WatchGuard Security Team spends a lot of time chasing ransomware extortion groups throughout the dark web. So, it only fits that one of the newer ransomware extortion groups is named Endurance Ransomware. It appears this "group" is one individual known as IntelBroker, who has allegedly breached…