Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Endpoint Security

Introducing the LimaCharlie Query Language (LCSQL) BETA

This is an early introduction to the LimaCharlie Query Language (LCQL): a SQL-like language designed to allow users to quick and easily leverage historical telemetry and search across their entire fleet. It is an exciting new capability that enables a whole new class of use cases.

The 443 Episode 227 - CISA Warns of Weaponized RMM Software

On today's episode, we cover a recent Department of Justice operation that resulted in taking down a major ransomware organization. After that, we cover two recent publications from CISA, the first on malicious use of legitimate RRM software and the second giving guidance to K-12 on how to address cybersecurity concerns. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

The Simply Cyber Report: January 30, 2023

Microsoft has started blocking the execution of XLL add-ins downloaded from the Internet. The hacking group DragonSpark is leveraging Golang source code interpretation to evade detection. Threat actors are turning to Sliver to replace more popular frameworks Cobalt Strike and Metasploit. Over 4,500 WordPress sites have been hacked and Emote malware makes a comeback.

Data protection: stricter rules call for an advanced security posture

Data privacy is still unfinished business for many companies. With data privacy laws expanding and tightening globally, compliance has become a complicated process that affects all areas of an organization. Gartner predicts that by 2024, 75% of the world's population will have their data covered by some privacy regulation.

The 443 Episode 226 - Report Roundup

This week on the podcast, we cover key findings from three individual reports published last week. In the first report we'll dive into the world of blockchain analysis looking for illicit transactions. In the second report, we'll cover the state of SMB security. The final report includes a discussion of overall financial crime involving stolen payment card information. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

Distributed and remote operations: key concepts for unified security

The concept of the network perimeter has expanded dramatically in recent years. Many modern organizations operate in a distributed model, with branch locations and endpoints deployed outside of a physical office. But anything connecting to the corporate network is a potential vector for attackers, who can make their way into the network core (and potentially gain access to an organization’s “crown jewels”) by first compromising a branch office or an endpoint.


Watering hole attacks vs. advanced endpoint protection

In a watering hole attack, threat actors usually have to follow a series of steps. First, they need to research the target and make sure they know the type of website the potential victim frequents. Then, they attempt to infect it with malicious code so that when the victim visits it, the website exploits a vulnerability in the browser or convinces them to download a file that compromises the user device.


The Limitations of Endpoint Detection and Response (EDR)

Every IT environment – whether it’s on-prem or in the cloud, and regardless of how it’s designed or what runs in it – is made up of endpoints. That’s why Endpoint Detection and Response, or EDR, has typically been one of the pillars of cybersecurity. EDR helps businesses monitor each of their endpoints for security risks so that they can detect problems before they escalate to other endpoints.

Webinar: Top Security Threats Worldwide: Q3 2022 - 17 January 2023

Join WatchGuard CSO Corey Nachreiner and Director of Security Operations Marc Laliberte as they discuss key findings from the WatchGuard Threat Lab’s 2022 Q3 Internet Security Report. They’ll cover the latest malware and network attack trends targeting small and midsized enterprises and defensive tips you can take back to your organization to stay ahead of modern threat actor tactics.

The 443 Episode 225 - The RCE Vulnerability That Wasn't

This week on the podcast we cover a recently-disclosed vulnerability in the popular JavaScript library JsonWebToken. After that, we give an update to weaponizing ChatGPT, the currently free Artificial Intelligence chat bot that has made waves since it's release in November. We round out the episode with a wave farewell to Windows 7 and Windows 8.1 and what the end of extended support means for businesses.