Outing Chinese Semiconductor Cyber Spies - The 443 Podcast - Episode 336

This week on the podcast, Corey Nachreiner and guest host Ryan Estes, from WatchGuard’s malware analysis team, cover the cybersecurity news for last week. We chat about AI-based site cloaking tools on the underground, how DomainTools found potentially unwanted executables hiding in DNS TXT records, and a Chinese state-sponsored set of targeted phishing campaigns going after the Taiwanese semiconductor industry and its supply chain. Join us to learn more and discuss how we can protect ourselves from similar threats.

WatchGuard's Q1 2025 Internet Security Report - The 443 Podcast - Episode 335

This week on the podcast, Corey Nachreiner and guest host Ryan Estes from WatchGuard’s malware analysis team explore WatchGuard’s recently released Q1 Internet Security Report (ISR). As always with the ISR, we highlight the top malware, network attacks, and malicious domains that our products see, but with our guest host, the author of the Endpoint section, we dive much deeper into all the threats arriving at our customers’ endpoints. Listen in for the latest threat landscape trends and some practical tips to stay safe from the most recent threats.

XDR vs. SIEM: Defeating Cyber Chaos

Cybersecurity decision-makers face a growing challenge: defending against a rising tide of threats without drowning in operational complexity. Designed for large security teams, SIEM platforms often introduce more chaos than clarity, burdening small teams with high costs, complex deployments, and overwhelming data. In this webinar, Stephen Helm and Ricardo Arroyo will discuss the core differences between SIEM and XDR (Extended Detection and Response) and explain why XDR is emerging as the smart, scalable choice for modern MSPs and lean IT security teams.

Rewind: Microsoft Kernel Shift, GPT-4o Threats, and Scattered Spider - The 443 Podcast - Episode 334

First, we look back at Microsoft’s major shift to remove endpoint protection from the Windows kernel. When we first covered it, it was a proposed change—now it's happening, and the implications are big. Next, we revisit a segment on GPT-4o and how generative AI is fueling the next wave of social engineering attacks. It's smarter, faster, and more convincing than ever. And finally, a refresher on the arrest of a Scattered Spider leader. While that made headlines, the group's activity hasn’t slowed down; they're still very much on the radar, as we discussed just last week.

The SOC of Tomorrow Delivered Today: MDR and AI for MSPs

Think building a SOC is out of reach? Think again. With MDR and AI working together, MSPs can now deliver 24/7 protection through what’s becoming an autonomous SOC – one that scales without increasing overhead or alert fatigue. This webinar will show how the modern SOC is already within reach, and how to start offering it. You’ll learn.

Lessons From The M&S Breach - The 443 Podcast - Episode 333

This week, we discuss a phishing technique that uses a powerful and risky Microsoft 365 configuration setting. After that, we round up everything we know about the Marks & Spencer breach from April and the lessons that all MSPs can learn from it. Finally, we quickly cover a new series of vulnerabilities in a popular Bluetooth chipset that could let attackers gain full control over your headphones.

Top Security Threats Worldwide Q1 2025

Join WatchGuard CSO Corey Nachreiner and Director of Security Operations Marc Laliberte as they discuss key findings from the WatchGuard Threat Lab’s Q1 2025 Internet Security Report. They’ll cover the latest malware and network attack trends targeting small and mid-sized enterprises and defensive tips you can take back to your organization to stay ahead of modern threat actor tactics.

Social Engineering an LLM - The 443 Podcast - Episode 332

This week on the podcast, we cover a recent blog post from Google's Threat Intelligence Group on a financially motivated threat actor's latest techniques for stealing data. After that, we dive into the Model Context Protocol (MCP) that organizations have been rapidly adopting to add functionality to their AI deployments and all of the security risks that it introduces. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.