Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

WatchGuard

The CUPS Vulnerability- The 443 Podcast - Episode 308

This week on the podcast, we cover the "9.9/10 severity vulnerability affecting most Linux systems" that a researcher disclosed last week and what it means for Linux systems administrators. We then discuss a research post into Kia's remote control systems that allowed one researcher to compromise any Kia in the last decade by just knowing their license plate number. We end with a new act that was just introduced into the US Senate with a goal to secure the healthcare industry.

Living-off-the-land Attacks: The Challenge and WatchGuard Advanced EPDR

In cybersecurity, "Living-off-the-land" (LotL) attacks have become increasingly difficult to detect. These attacks exploit legitimate system tools like PowerShell, WMI, or Office macros instead of relying on external malware, allowing attackers to move stealthily within a network. Traditional security measures struggle to identify these attacks, as they use trusted, digitally signed tools. LotL attacks appeal to cybercriminals because they evade detection and reduce the risk of being traced.

The 443 Podcast - Episode 307 -How To Deanonymize the TOR Network

This week on the podcast, we discuss how German law enforcement managed to deanonymize and arrest users on the TOR network. After that, we discuss why the US government is trying to ban Chinese-manufactured car hardware. We then end with a cool research article on chaining open redirect and iframe issues into a 1-click vulnerability that grants attackers access to arbitrary Google Docs files. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

Zero Trust Models Against Emerging Threats

Cybercriminals have become more sophisticated than ever and have access to many tools to carry out their attacks. It's important to understand that cybersecurity is not a one-and-done task, but rather an ongoing process that requires constant assessment and improvement. This is why the cybersecurity industry is evolving rapidly, embracing new protection methods that integrate AI-powered technologies and services to automatically detect threats and stay one step ahead of advanced attacks.

The 443 Podcast - Episode 306 -Kicking EDR Out of the Kernel

This week on the podcast, we discuss Microsoft's recent Windows Endpoint Security Ecosystem Summit and what it means for the future of endpoint security on the Windows platform. After that, we cover a research post on a malware campaign using Google Sheets as a command and control channel before ending with a chat about the US federal government's push to classify cybersecurity as a national service role.

Understanding the Differences Between DORA and NIS 2

Two significant pieces of European legislation stand out as cybersecurity regulations evolve: the Digital Operational Resilience Act (DORA) and the NIS 2 Directive. Both aim to enhance cybersecurity but target different sectors and have distinct objectives and requirements.

Advanced Access Control with Network Access Enforcement

Learn how to enhance your network security with WatchGuard's powerful Network Access Enforcement feature. Discover how to restrict access to your network based on device health and compliance, as well as protect against unauthorized connections and malicious threats. Improve overall network performance and security with Advanced Access Control with Network Access Enforcement.

Zero Trust + AI: fewer alerts, guaranteed security

Excessive cybersecurity alerts are not a trivial matter; they pose a real challenge that directly impacts business security strategies. Too many notifications generate stress on IT teams, which are increasingly being reduced in size while facing a heavier burden of tasks. This situation can lead to urgent alerts being overlooked, putting system security at risk.

The White House Tackles BGP Security | The 443 Podcast

This week on the podcast, Corey Nachreiner and Marc Laliberte discuss guidance published by the US White House Office of the National Cyber Director that lays out a roadmap for addressing key security concerns in the BGP routing protocol. Before that, Corey and Marc cover a security research post from Jfrog detailing a new python package hijacking method under active exploitation as well as an analysis of the Microsoft Windows Wi-Fi driver remote code execution vulnerability patched last June.