The PRWIRE Press Releases https:// 2019-04-10T00:27:25Z The WatchGuard Cloud Platform Answers MSPs’ Demand for Simplified, Scalable Security Deployments, Management and Reporting 2019-04-10T00:27:25Z the-watchguard-cloud-platform-answers-msps-demand-for-simplified-scalable-security-deployments-management-and-reporting SEATTLE – April 9, 2019 – WatchGuard® Technologies, a global leader in network security and intelligence, secure Wi-Fi and multi-factor authentication, today unveiled the WatchGuard Cloud platform (https://www.watchguard.com/wgrd-partners/cloud-platform), which centralises security management and reporting from a single cloud-based interface. Built from the ground up to support and enable managed service providers (MSPs), WatchGuard Cloud reduces infrastructure costs, accelerates customer acquisition, and minimises time spent on reporting and operational tasks. “MSPs need a modern, cloud-hosted security solution that’s capable of providing powerful security insights, unlimited scalability and easy deployment processes,” said Andrew Young, SVP of product management at WatchGuard. “WatchGuard’s mission is to make cyber security simple, and this applies not just to end users, but also to the partners who deploy, configure, and manage our products and services. Simplicity is in our DNA, so we are extending that to our partners with the launch of WatchGuard Cloud.” The WatchGuard Cloud platform is the management platform of the future for MSPs because it simplifies how they protect their customers while enabling rapid, efficient and profitable growth. It delivers true multi-tier, multi-tenant capabilities, scaling automatically to allow MSPs to create and manage an unlimited number of customer accounts, deploy new WatchGuard appliances, manage and deploy WatchGuard applications, and gain valuable insights into a customer’s network. Key Features of the WatchGuard Cloud platform include: Limitless Account Management – WatchGuard Cloud is built on a multi-tier, multi-tenant architecture, allowing service providers to create and onboard any number and type of customer accounts, while ensuring separation of data between tenants and role-based access to information. Scalable Performance – The platform responds immediately and automatically to changing compute and storage requirements, allowing the platform to maintain high performance, running reports in seconds across terabytes of data while providing summarised insights. Inventory Allocation & Account Delegation – WatchGuard Cloud’s powerful inventory management features let service providers view and track licensing across all customers. They can also allocate and deallocate services to those customers on terms that fit their service models. Additionally, WatchGuard Cloud provides tenants with the ability to delegate access to another tenant, including control over duration and permissions. Automated Alerts & Notifications – As a centralised management interface, the WatchGuard Cloud platform allows users to quickly and easily configure alerts and notifications across all security applications, including visibility of Firebox UTM and AuthPoint multi-factor authentication events. MSSPs can access notifications on anything from customer licenses, usage or expirations to security and performance updates. Flexible Data Retention – WatchGuard Cloud offers a variety of data retention options — including 30 days with the WatchGuard Total Security Suite — removing the need to configure, deploy, maintain and scale servers and appliances for logging and reporting. Zero Infrastructure Requirements – As a cloud-hosted service, the platform has no hardware requirements for service providers to deploy, resulting in reduced cost and time spent deploying and maintaining servers either locally or in datacenters. Powerful Visibility and Reporting – Building upon the award-winning Dimension solution, WatchGuard Cloud comes equipped with more than 100 dashboards and reports that identify key network security threats, issues and trends, while accelerating users’ ability to set and enforce meaningful security policies. Platform and Data Security – Security of the centrally managed, cloud-hosted platform itself is a top priority for WatchGuard. Not only are user logins protected by advanced multi-factor authentication, but WatchGuard Cloud offers built-in security for data in transit, and at rest, which enables users to implement role-based access control and supports the logical separation of data between tenants, as well as partitions between subscriber accounts. “WatchGuard Cloud’s easy deployment, granular insight and cost-effectiveness has been a game-changer for our business,” said Carl Mazzanti, president of eMazzanti Technologies. “In the retail industry, delays, downtime and breaches can be impossible to come back from. Our customers have unrivalled peace of mind knowing that through the intuitive WatchGuard Cloud interface we can spin up new stores that are highly secure and compliant, manage and monitor each location from anywhere, and always access in-depth insight into performance and security anomalies in real time.” The WatchGuard Cloud platform provides centralised management of security applications and strengthens MSPs’ ability to easily deliver differentiated, profitable services to their customers. For more information about the platform and how to get started today, visit: https://www.watchguard.com/wgrd-partners/cloud-platform Additional Resources Partner Brief: WatchGuard Cloud: https://p.widencdn.net/b73uox/Partner_Brief_WGClou Tech Brief: WatchGuard Cloud: https://www.watchguard.com/wgrd-resource-center/tech-brief/watchguard-cloud-en MSSP Brochure: https://www.watchguard.com/wgrd-resource-center/docs/watchguard-mssps-en About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. WatchGuard’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. The company is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com. For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard, on Facebook <https://www.facebook.com/watchguardtechnologies, or on the LinkedIn Company page: http://www.linkedin.com/company/watchguard-technologies. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org ### WatchGuard Finds Attacks Targeting Leading Web Conference Solution Exploding in Popularity in Q4 2018 2019-03-21T18:29:43Z watchguard-finds-attacks-targeting-leading-web-conference-solution-exploding-in-popularity-in-q4-2018 SEATTLE, WASH – March 21, 2019 – WatchGuard® Technologies, a leader in advanced network security solutions, today issued its quarterly Internet Security Report for Q4 2018. It found that network attacks targeting a vulnerability in the Cisco Webex Chrome extension increased in popularity dramatically, rising to be the second-most common network attack after being almost non-existent in early 2018. Phishing campaigns showed a dangerous increase in sophistication in Q4, with new attacks utilising advanced methods such as threatening to release recordings of users visiting adult content online, customising emails for specific targets and creating fake banking login web pages. Based on data from tens of thousands of active WatchGuard Firebox appliances around the world, the complete report examines the top malware and network attacks targeting mid-market businesses and distributed enterprises today. “There was a noticeable increase in advanced phishing attacks targeting high-value information this quarter,” said Corey Nachreiner, CTO at WatchGuard Technologies. “Now more than ever, it’s vital for businesses to take the layered approach to security, and deploy solutions like WatchGuard’s DNSWatch that offer DNS-level filtering designed to detect and block potentially dangerous connections and automatically refer employees to resources that bolster phishing awareness and prevention. A combination of security controls and human training will help businesses avoid becoming hooked by phishing attacks.” The insights, research and security best practices included in WatchGuard’s quarterly Internet Security Report help organisations of all sizes understand the current cyber security landscape and better protect themselves, their partners and customers from emerging security threats. The top takeaways from the Q4 2018 report include: New network attack targets Cisco Webex Chrome extension – A new network attack targeting a remote code execution vulnerability in the Chrome extension for Cisco Webex exploded in popularity last quarter. This vulnerability was disclosed and patched in 2017, but WatchGuard detected almost no network attacks targeting it until now. Detections grew by 7,016 percent from Q3 to Q4. This spike shows just how important it is to install security patches as soon as they are available. New customised “sextortion” phishing campaign on the rise – A new “sextortion” phishing attack was the second-most common attack that our malware engines detected in Q4 2018, mainly targeting APAC. It accounts for almost half of all of the unique malware hashes detected in Q4 because the email phishing message is tailored to each recipient. The message claims the sender has infected the victim’s computer with a trojan and recorded them visiting adult websites. It threatens to send these compromising images to their email contacts unless they pay a ransom. WatchGuard saw a significant amount of this malware in Q4 and all users should be on the lookout for these fake emails. 16.5 percent of all Fireboxes were targeted by CoinHive cryptominer – The most widespread malware variant in Q4 came from the popular CoinHive cryptominer family, showing that cryptomining remains a popular attack type. Two of the top ten most common pieces of malware detected in Q4 were also cryptominers, carrying over from past quarters. A major phishing attack leverages a fake bank page – Another widespread piece of malware in Q4 sent a phishing email with a fake, but highly realistic Wells Fargo login page to capture victim emails and passwords. Overall, WatchGuard saw a rise in sophisticated phishing attacks targeting banking credentials in Q4. One ISP’s filtering error routed Google traffic through Russia and China for 74 minutes – The report includes a technical analysis of a Border Gateway Protocol (BGP) hijack in November 2018 that inadvertently sent most of Google’s traffic through Russia and China for a short time. WatchGuard found that a Nigerian ISP called MainOne made a mistake in their routing filters, which then spread to Russian and Chinese ISPs and caused much of Google’s traffic to be routed through these ISPs unnecessarily. This accidental hijack highlights how insecure many of the underlying standards that the internet is based on are. A sophisticated attack targeting these flaws could have potentially catastrophic consequences. Network attacks rise after historic lows in mid-2018 – Network attacks rose 46 percent by volume and 167 percent in terms of unique signature hits in Q4 compared to Q3. This follows a trend seen in previous years with attacks ramping up during the holiday season. The Q4 ISR also includes a granular analysis of source code for the Exobot banking trojan. This highly sophisticated malware attempts to steal banking and financial information from Android devices. The WatchGuard Threat Lab’s analysis includes a list of the 150 sites such as Amazon, Facebook Paypal and Western Union that Exobot can automatically target, as well as a detailed look at the UI an attacker using Exobot would use to push commands to infected devices. These finding are based on anonymised Firebox Feed data from over 42,000 active WatchGuard UTM appliances worldwide. In total, these Fireboxes blocked over 16 million malware variants (382 per device) and approximately 1,244,000 network attacks (29 per device) in Q4 2018. For more information, download the full report here: https://www.watchguard.com/wgrd-resource-center/security-report-q4-2018 To access live, real-time threat insights by type, region and date, visit WatchGuard’s Threat Landscape data visualization tool (https://www.secplicity.org/threat-landscape/) today. Subscribe to The 443 – Security Simplified podcast at www.secplicity.orgwherever you find your favourite podcasts. About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. WatchGuard’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. The company is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit: www.watchguard.com For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard on Facebook (https://www.facebook.com/watchguardtechnologies) or on the Linkedin Company (https://www.linkedin.com/company/watchguard-technologies) page. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org. WatchGuard Expands Secure Wi-Fi Portfolio with 802.11ac Wave 2 Access Point for Midsize Enterprises 2019-03-06T00:46:58Z watchguard-expands-secure-wi-fi-portfolio-with-802-11ac-wave-2-access-point-for-midsize-enterprises SEATTLE – March 5, 2019 – WatchGuard® Technologies, a global leader in network security, secure Wi-Fi and network intelligence, today unveiled a new secure, 802.11ac Wave 2 access point (AP), the latest in its family of secure Wi-Fi products. The AP125offers major performance improvements over Wave 1 APs, giving midmarket and distributed enterprise organisations secure, enterprise-grade wireless network performance without the high cost associated with most Wave 2 APs. When APs are managed with WatchGuard Wi-Fi Cloud, businesses gain access to the industry’s most sophisticated and reliable Wireless Intrusion Prevention System (WIPS) technology. It also offers a powerful location-based analytics engine equipped with customisable reports for automated inbox delivery, guest engagement tools with social authentication, intelligent network visibility and troubleshooting, and a highly-scalable cloud-based management system. “Simply put, Wave 1 APs can’t provide the level of security, network resource distribution or scalability and management that organisations need today, and most competing Wave 2 APs can’t automatically detect and prevent the six known Wi-Fi threat categories,” said Ryan Orsi, director of product management for Wi-Fi at WatchGuard. “This is extremely problematic for low-traffic environments like restaurants, medical offices, small K-12 schools that still require secure, high-performing Wi-Fi access to function. Our new indoor AP is designed specifically to meet these needs, offering industry-leading security through our patented WIPS technology, performance and scalability that can’t be beat, all at a price that’s accessible for organisations of any size.” “When customers ask for Wi-Fi, they want to make an investment into a future-proof infrastructure with the best technology available,” said Jean-Pierre Schwickerath, head of IT, HILOTEC AG. “With the 2x2 Wave 2 AP125, we found the perfect match for these SMB requirements: it has a small footprint, a most attractive price, and easy installation, configuration and management of the whole network out of WatchGuard’s Wi-Fi Cloud. With this powerful little beast, we can deliver and guarantee a high quality Wi-Fi network, protected by WIPS, which will make the customer happy for many years to come.” AP125 Product Details: Designed for lower client density environments and equipped with 2x2 802.11ac Wave 2 Multi-User MIMO (MU-MIMO), the AP125 can now stream data to multiple devices simultaneously utilising the network more effectively. Outfitted with dual concurrent 5 GHz and 2.4 GHz band radios supporting 802.11a/n/ac Wave 2, 802.11b/g/n, 2 spatial streams, and data rates of up to 867 Mbps and 300 Mbps, respectively. The AP125 can be managed using the Firebox Gateway Wireless Controller or via WatchGuard Wi-Fi Cloud. AP125 and Trusted Wireless Environments: WatchGuard is proud to deliver secure Wi-Fi products that organisations can use to build Trusted Wireless Environments. In doing so, companies can rest assured that they are protected by verified, comprehensive security that automatically detects and prevents the six known Wi-Fi threat categories, while enjoying the benefits of Wi-Fi networks with market-leading performance and scalable management. What’s more, WatchGuard’s secure Wi-Fi products are compatible with most other Wi-Fi solutions, so companies can leverage them to deploy a WIPS overlay without ripping out and replacing every existing AP in their network. For more information about how managing the AP125 as a dedicated WIPS sensor, and how to build a Trusted Wireless Environment, click here: https://www.watchguard.com/wgrd-solutions/security-topics/trusted-wireless-environment To join the Trusted Wireless Environment movement and advocate for a global security standard for Wi-Fi, click here: https://www.watchguard.com/wgrd-solutions/join-the-movement. Additional Wi-Fi Cloud Features: Unlock the rest of the power of the Wi-Fi Cloud and gain easy-to-customise, engaging captive portals with authentication options including Facebook, Twitter, SMS, email, and a powerful location-based analytics engine equipped with customisable reports for automated delivery to your inbox. With intelligent network visibility and troubleshooting features, IT professionals can now have the answer to one of their most challenging and frequently-asked questions: “Why is the Wi-Fi not working?” Availability: The AP125 is available for purchase now through WatchGuard channel partners and resellers. List pricing for the AP125 ranges between $340 and $690 USD, based on the Wi-Fi package and number of years selected. Additional Resources: eBook: A Field Guide to Secure Wi-Fi: https://www.watchguard.com/wgrd-resource-center/field-guide-to-secure-wifi eBook: Wi-Fi Buyer’s Guide for the Small Business: https://www.watchguard.com/wgrd-resource-center/ebook/secure-wi-fi-buyers-guide-en Wi-Fi Cloud: Feature Videos: https://www.watchguard.com/wgrd-products/secure-wifi/wifi-cloud-management Wi-Fi Brochure: WatchGuard Secure Wi-Fi Offerings: https://www.watchguard.com/wgrd-resource-center/docs/watchguard-secure-cloud-wi-fi-en Online Wi-Fi Cloud Demo: Take it For a Test Drive: http://watchguard.com/wifidemo Trusted Wireless Environment: Don’t Let Wi-Fi Be Your Biggest Security Gap: https://www.watchguard.com/wgrd-solutions/security-topics/trusted-wireless-environment About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, and network intelligence products and services to more than 80,000 customers worldwide. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit: https://www.watchguard.com For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard, on Facebook: https://www.facebook.com/watchguardtechnologies, or on the LinkedIn Company page: http://www.linkedin.com/company/watchguard-technologies, Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at: http://www.secplicity.org/ Mac Malware Appears on the WatchGuard ‘Top Ten Malware List’ for First Time 2018-12-13T09:23:16Z mac-malware-appears-on-the-watchguard-top-ten-malware-list-for-first-time SYDNEY – December 12, 2018 – WatchGuard® Technologies, a leader in advanced network security solutions, today issued its quarterly Internet Security Report for Q3 2018: https://www.watchguard.com/wgrd-resource-center/security-report-q3-2018> . For the first time ever, Mac-based malware appeared on WatchGuard’s list of the top ten most common types of malware. The report also found that 6.8 percent of the world’s top 100,000 websites still accept old, insecure versions of the SSL encryption protocol. Also, WatchGuard saw more malware hits in the Asia Pacific region than in any other geographical region, indicating a significant increase in malware targeting that region throughout 2018. This report is based on data from tens of thousands of active WatchGuard Firebox appliances around the world and covers the major malware campaigns, network attacks and security threats targeting midmarket businesses and distributed enterprises today. “Outside of a few surprising finds, like Mac scareware in our top ten malware list, we saw attackers stick to what they know in Q3 by reusing and modifying old attacks like cross-site scripting, Mimikatz and cryptominers. It’s a good reminder that the vast majority of attacks aren’t ultra-advanced zero days and can be prevented by using a layered security approach with advanced malware detection capabilities and investing in secure Wi-Fi and MFA solutions,” said Corey Nachreiner, CTO at WatchGuard Technologies. “However, we are quite concerned at how many major websites are still using the insecure SSL protocol. This is a basic security best practices that should be implemented across 99.9 percent of the internet by now – it puts hundreds of thousands of users at risk.” The insights, research and security best practices included in WatchGuard’s quarterly Internet Security Report help organisations of all sizes understand the current cyber security landscape and better protect themselves, their partners and customers from emerging security threats. The top takeaways from the Q3 2018 report include: - 6.8 percent of the top 100,000 websites still support old, insecure versions of the SSL protocol. Despite it being deprecated by the Internet Engineering Task Force (SSL 2.0 was deprecated in 2011 and SSL 3.0 in 2015), 5,383 websites in the top 100,000 via Alexa still accept SSL 2.0 and SSL 3.0 encryption. Also, 20.9 percent of the top 100,000 websites still do not use web encryption at all. - Mac malware cracks the top ten for the first time ever. A piece of Mac scareware appeared in sixth place in WatchGuard’s top ten malware list. It is primarily delivered by email and tries to trick victims into installing fake cleaning software. - Hackers target APAC. For the second time ever, APAC reported more total malware hits than EMEA or the USA. Top variants included Razy, which targeted APAC almost exclusively, Win32/Heur and MAC.OSX.AMCleanerCA. - Cryptominers remain popular. Razy, the second most common piece of malware detected by WatchGuard, evolved into a cryptominer in Q3 and made up 4 percent of all malware blocked by WatchGuard antivirus service worldwide. - Mimikatz remains the most popular malware in Q3. This popular password theft kit has dominated WatchGuard’s top ten malware list for multiple quarters and shows no sign of slowing down. - Attackers go after web applications with cross-site scripting. Cross-site scripting accounted for 39.3 percent of the top ten exploits in Q3, primarily targeting web applications. The complete Q3 ISR also includes an analysis of the Facebook “View As” data breach. It explains how chaining vulnerabilities together allowed hackers to steal personal information from 50 million Facebook accounts, as well as best practices for security professionals based on the malware and network attack trends explained in this report. s These finding are based on anonymised Firebox Feed data from over 40,000 active WatchGuard UTM appliances worldwide, a substantial increase from the number of Fireboxes reporting in last year. In total, these Fireboxes blocked almost 18 million malware variants (445 per device) and approximately 850,000 network attacks (21 per device) in Q3 2018. For more information, download the full report here: https://www.watchguard.com/wgrd-resource-center/security-report-q3-2018> . To access live, real-time threat insights by type, region and date, visit WatchGuard’s Threat Landscape data visualiation tool today: https://www.secplicity.org/threat-landscape/. Subscribe to The 443 – Security Simplified podcast (https://www.secplicity.org/category/the-443/) at Secplicity.org (http://www.secplicity.org/), or wherever you find your favorite podcasts. About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. WatchGuard’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. The company is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. ## WatchGuard Technologies Expands SD-WAN Capabilities to Its Unified Security Platform 2018-12-06T07:58:42Z watchguard-technologies-expands-sd-wan-capabilities-to-its-unified-security-platform SEATTLE – December 5, 2018 – WatchGuard Technologies, a leader in advanced network security solutions, today announced version 12.3 of its Fireware® operating system for its Firebox® Unified Security Platform™ appliances. Key to this update are added dynamic path selection capabilities that allow organisations to optimise WAN resources across complex, distributed networks while securing branch locations with a UTM platform focused on defense in depth. SD-WAN implementations are zero-touch, made easy with RapidDeploy, WatchGuard’s centralised deployment solution. Businesses and Managed Service Providers (MSPs) can utilise this new SD-WAN functionality to seamlessly upgrade site-based security, improve network efficiency, reduce Internet service costs and unify critical network and security management processes within a single platform. According to IDC, the SD-WAN market will grow at more than a 40 percent compound annual growth rate until it hits US $4.5B in 2022. As bandwidth requirements and Internet costs continue to grow, businesses naturally want to manage budgets by reducing their reliance on the most expensive connection types. At the same time, organisations need to elevate employee productivity and efficiency with fast, direct access to Cloud applications, and with network performance that supports high quality VoIP and video utilisation. As a result, businesses are turning to hybrid-WAN architectures and SD-WAN technology to help measure and send traffic throughout numerous WAN connections, allowing for the continued optimisation of cost and performance, especially across distributed enterprises. WatchGuard recognises the need to not only protect branch locations from threats, but to allow organisations to optimise WAN resources with SD-WAN functionality. Capabilities like multi-WAN and policy-based routing, RapidDeploy, and traffic management by application have been available in Firebox appliances for years. With RapidDeploy, organisations can select policies and configurations upfront, so that operationalizing a new SD-WAN deployment at scale is as easy as powering on and connecting each Firebox to the Internet. Now, every active Firebox appliance running Fireware 12.3 can also utilise dynamic path selection to measure the performance of each WAN connection and select the best path for each traffic type based on those pre-configured policies. “WatchGuard already offers the industry’s most comprehensive suite of layered security services, delivered through an intuitive, unified platform for easy deployment and management. With Fireware 12.3, we’re now taking the complexity out of SD-WAN implementations too, and bringing even more value to our partners and customers,” said Brendan Patterson, vice president of product management at WatchGuard. “As businesses look to leverage SD-WAN technology to reduce OPEX and support better user experiences on the network, and as the threat actors continue to leverage advanced cyber attacks, these new capabilities offer the best of both worlds by driving down the cost and complexity of SD-WAN deployments, while protecting branch sites with industry-leading security.” “Companies of all sizes are increasingly demanding SD-WAN services as a way to reduce costs and improve network performance, so we couldn’t be more excited about WatchGuard’s new SD-WAN capabilities,” said Kevin Willette, CEO of Verus Corporation. “One of WatchGuard’s greatest strengths is its ability to simplify complex technology offerings and deliver them in way that’s easy for us to deploy, manage and scale on behalf of our customers. By combining SD-WAN functionality with its suite of comprehensive security services – and continuing to enable rapid, zero-touch deployments – WatchGuard is again helping us build our business by addressing more of our customers’ needs, without adding cost or complexity.” Along with SD-WAN capabilities, Fireware version 12.3 also includes: A new Professional Services Automation (PSA) integration with Tigerpaw that allows MSPs to better manage their business with actionable data and intelligence. New geo-location policy actions, which can enable less restrictive rules for policies such as DNS and Mail. Faster recovery of systems with auto-restore of back-ups from USB connected storage, giving organisations more comprehensive options to restore systems in the event of a failure. IPv6 Single Sign On updates, which allow companies to see user names rather than IP addresses in their WatchGuard Dimension reports. To learn more about WatchGuard’s new SD-WAN capabilities and the latest feature updates in Fireware 12.3, please visit: https://www.watchguard.com/wgrd-resource-center/sdwan-just-turn-it-on About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com. For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard on Facebook, or on the LinkedIn Company page. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org. Subscribe to The 443 – Security Simplified podcast at Secplicity.org, or wherever you find your favorite podcasts. Vaporworms, Global Internet Disruption and Rogue AI Chatbots: WatchGuard Issues Security Predictions for 2019 2018-11-15T22:27:09Z vaporworms-global-internet-disruption-and-rogue-ai-chatbots-watchguard-issues-security-predictions-for-2019 Sydney – 16 November 2018 – WatchGuard Technologies, a leader in advanced network security solutions, today issued a series of information security industry predictions for 2019. They include the emergence of “vaporworms,” a new breed of fileless malware with wormlike properties that allow it to self-propagate through vulnerable systems, a takedown of the internet itself and ransomware targeting utilities and industrial control systems. WatchGuard’s Threat Lab research team developed these predictions based on an analysis of major security and threat trends over the past year. “Cyber criminals are continuing to reshape the threat landscape as they update their tactics and escalate their attacks against businesses, governments, and even the infrastructure of the internet itself,” said Corey Nachreiner, chief technology officer at WatchGuard Technologies. “The Threat Lab’s 2019 predictions span from highly likely to audacious, but consistent across all eight is that there’s hope for preventing them. Organisations of all sizes need to look ahead at what new threats might be around the corner, prepare for evolving attacks and ensure they’re equipped with layered security defenses to meet them head-on." The WatchGuard Threat Lab’s 2019 Security Predictions are: 1. “Vaporworms” or Fileless Malware Worms Will Emerge. Fileless malware strains will exhibit wormlike properties in 2019, allowing them to self-propagate by exploiting software vulnerabilities. Fileless malware is more difficult for traditional endpoint detection to identify and block because it runs entirely in memory, without ever dropping a file onto the infected system. Combine that trend with the number of systems running unpatched software vulnerable to certain exploits, and 2019 will be the year of the vaporworm. 2. Attackers Hold the Internet Hostage. A hacktivist collective or nation-state will launch a coordinated attack against the infrastructure of the internet in 2019. The protocol that controls the internet (BGP) operates largely on the honour system, and a 2016 DDoS attack against hosting provider Dyn showed that a single attack against a hosting provider or registrar could take down major websites. The bottom line? The internet itself is ripe for the taking by someone with the resources to DDoS multiple critical points underpinning the internet or abuse the underlying protocols themselves. 3. Escalations in State-level Cyber Attacks Force a UN Cyber Security Treaty. The UN will more forcefully tackle the issue of state-sponsored cyber attacks by enacting a multinational Cyber Security Treaty in 2019. 4. AI-Driven Chatbots Go Rogue. In 2019, cyber criminals and black hat hackers will create malicious chatbots on legitimate sites to socially engineer unknowing victims into clicking malicious links, downloading files containing malware, or sharing private information. 5. A Major Biometric Hack Will be the Beginning of the End for Single-Factor Authentication. As biometric logins like Apple’s FaceID become more common, hackers will take advantage of the false sense of security they encourage and crack a biometric-only login method at scale to pull off a major attack. As a result, 2019 will see strong growth in the use of multi-factor authentication (MFA) for added protection among groups with more security knowledge, particularly push-based authentication and MFA for Cloud application defense. 6. A Nation-State to Take “Fire Sale” Attacks from Fiction to Reality. In the Die Hard movie series, a “fire sale” was a fictional three-pronged cyber-attack, targeting a city or state’s transportation operations, financial systems, public utilities and communication infrastructure. The fear and confusion caused during this attack was designed to allow the terrorists to siphon off huge sums of money undetected. Modern cyber security incidents suggest that nation-states and terrorists have developed these capabilities, so 2019 may be the first year one of these multi-pronged attacks is launched to cover up a hidden operation. 7. Hackers to Cause Real-World Blackouts as Targeted Ransomware Focuses on Utilities and Industrial Control Systems. Targeted ransomware campaigns will cause chaos in 2019 by targeting industrial control systems and public utilities for larger payoffs. The average payment demand will increase by over 6500 percent, from an average of $300 to $20,000 per attack. These assaults will result in real-world consequences like city-wide blackouts and the loss of access to public utilities. 8. A WPA3 Wi-Fi network will be hacked using one of the six Wi-Fi threat categories. Hackers will use rogue APs, Evil Twin APs, or any of the six known Wi-Fi threat categories (as defined by the Trusted Wireless Environment Framework (https://www.watchguard.com/wgrd-solutions/security-topics/trusted-wireless-environment) to compromise a WPA3 Wi-Fi network in 2019, despite enhancements to the new WPA3 encryption standard. Unless more comprehensive security is built into the Wi-Fi infrastructure across the entire industry, users can be fooled into feeling safe with WPA3 while still being susceptible to attacks like Evil Twin APs. To read WatchGuard’s complete 2019 Security Predictions visit: https://www.watchguard.com/2019Predictions Additional Materials · WatchGuard’s 2019 Security Predictions: https://www.watchguard.com/2019Predictions · WatchGuard’s 2019 Security Predictions Podcast: https://www.secplicity.org/category/the-443 About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit www.watchguard.com For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard, on Facebook: https://www.facebook.com/watchguardtechnologies, or on the LinkedIn Company page: http://www.linkedin.com/company/watchguard-technologies. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org. Subscribe to The 443 – Security Simplified podcast: https://www.secplicity.org/category/the-443 at Secplicity.org: http://www.secplicity.org, or wherever you find your favourite podcasts. ENDS WatchGuard Again Recognised as the Only Visionary in Gartner’s Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls) 2018-09-25T05:48:08Z watchguard-again-recognised-as-the-only-visionary-in-gartners-magic-quadrant-for-unified-threat-management-smb-multifunction-firewalls SEATTLE – September 24, 2018 – WatchGuard® Technologies, a leader in advanced network security solutions, today announced that for the fourth year running, WatchGuard has been positioned as the only company in the Visionaries quadrant of Gartner’s 2018 Magic Quadrant for the Unified Threat Management (SMB Multifunction Firewalls). “WatchGuard’s mission is to bring widely deployable security solutions to SMBs and distributed enterprises by way of our channel partners,” said Prakash Panjwani, CEO of WatchGuard Technologies. “Over the past year, we’ve built on the strong foundation we have already established in traditional network security, continuing to rapidly innovate and expand our existing product portfolio with new services like AuthPoint and DNSWatch. We believe WatchGuard’s recognition as a Visionary further validates our tireless commitment to understanding, anticipating and successfully addressing current and emerging security threats for the midmarket before they impact our customers’ businesses.” Over the past several years, WatchGuard has been driving a fundamental shift in how the market defines the level of protection offered by “unified threat management” solutions, introducing a more holistic security platform that covers the network, authentication, endpoints and wireless environments. Going beyond traditional services like gateway antivirus, IPS, and application control, WatchGuard has introduced groundbreaking services like APT Blocker (cloud sandboxing for advanced malware prevention), Threat Detection and Response (correlation between endpoint and network to detect and respond to advanced malware), and DNSWatch (protection against malicious domains). In addition to these network security advancements, WatchGuard has also launched AuthPoint, a powerful new cloud-based multifactor authentication solution. The company takes pride in its ability to swiftly identify customers’ most pressing security challenges and bring to market new security services that address those ever-evolving threats faster than competitors. WatchGuard believes its product innovation is setting the pace for the rest of the industry, and has led to its consecutive recognition as the only Visionary in Gartner’s Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls). Download a complimentary copy of the full text of Gartner’s 2018 Magic Quadrant for the Unified Threat Management (SMB Multifunction Firewalls) here: https://www.watchguard.com/wgrd-resource-center/gartner-magic-quadrant-utm-2018. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. WatchGuard’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. The company is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit: https://www.watchguard.com For additional information, promotions and updates, follow WatchGuard on Twitter @WatchGuard, on Facebook (https://www.facebook.com/watchguardtechnologies), or on the LinkedIn Company page (http://www.linkedin.com/company/watchguard-technologies). Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at: www.secplicity.org WatchGuard Unveils Trusted Wireless Environment Framework to Help Businesses Build Fast, Scalable and Secure Wi-Fi Networks 2018-09-19T00:13:32Z watchguard-unveils-trusted-wireless-environment-framework-to-help-businesses-build-fast-scalable-and-secure-wi-fi-networks SEATTLE, WASH – September 18, 2018 –WatchGuard® Technologies (http://www.watchguard.com), a leader in advanced network security solutions, today launched its new Trusted Wireless Environment framework, a guiding resource businesses and solution providers can use to build Wi-Fi services that offer market-leading performance, scalable management and verified, comprehensive security capabilities. This new initiative seeks to upset the status quo in the wireless market, which has prioritised performance over security for far too long. Organisations that build Trusted Wireless Environments can enjoy the performance and scalability they need to run their business, while at the same time ensuring protection against today’s most dangerous Wi-Fi attacks. “Wi-Fi networks have always served as low-hanging fruit for cyber criminals looking to steal valuable information, primarily because vendors and businesses alike have made the mistake of looking at Wi-Fi security capabilities as an added benefit, rather than a primary feature,” said Ryan Orsi, director of product management at WatchGuard Technologies. “We’re seeing a massive, industry-wide need to fundamentally reevaluate what we expect from Wi-Fi products, so we’re advocating that businesses of every size – and even competing vendors – examine our framework for what it takes to build and operate a Trusted Wireless Environment. WatchGuard’s cloud-based secure Wi-Fi products are truly unique in that they offer both industry-leading performance and unrivalled protection against every known category of Wi-Fi security threats, all delivered in a package that’s easily managed and highly scalable.” Trusted Wireless Environments WatchGuard’s Trusted Wireless Environment framework helps organisations develop complete Wi-Fi networks that are fast, easy to manage, and most importantly, secure. Organisations today are faced with the inherent responsibility of establishing Trusted Wireless Environments that protect their employees, their customers, and their intellectual property from hackers who can easily exploit the weak or non-existent security of traditional Wi-Fi networks. Some chose to tackle this effort in-house, however, many small to midsize businesses and organisations elect to outsource their IT, including their Wi-Fi, to a trusted partner, which puts the responsibility for protecting that organisation on the VAR, MSP, or MSSP serving that client. The three core pillars of a Trusted Wireless Environment include: 1. Market-Leading Performance: Businesses should never be forced to compromise security in favor of achieving the level of Wi-Fi performance required to support user connections and client density within their wireless environments. 2. Scalable Management: With easy set-up and management, businesses should be able control their entire wireless network – regardless of size or complexity – from a single interface and execute key processes to safeguard the environment and its users. 3. Verified Comprehensive Security: Many vendors operate under a haze of ambiguity when it comes to advertising security capabilities offered by their Wi-Fi solutions. Businesses need proof that their security solution can provide automatic protection from the six known Wi-Fi threat categories, allow legitimate external access points (APs) to operate in the same airspace, and restrict users from connecting to unsanctioned Wi-Fi access points. Assessing the Security Capabilities of Top Wi-fi Solutions According to new research from Miercom (http://miercom.com), a leading, independent product test centre, WatchGuard’s cloud-managed secure Wi-Fi solution is the only product on the market capable of automatically detecting and preventing every type of Wi-Fi security threat. These findings came from a new independent security assessment (https://www.watchguard.com/wgrd-resource-center/wifi-security-report) that examined four top Wi-Fi products for their ability to effectively prevent the six major Wi-Fi security threats: rogue access points, rogue clients, neighbouring APs, ad-hoc networks, evil twin APs (those with spoofed SSIDs), and misconfigured APs. This is the first Miercom assessment to analyse Wi-Fi products from a security perspective, illuminating significant issues with the built-in security of many wireless APs. “Following our in-depth security assessment of competing wireless products, Miercom is pleased to award WatchGuard’s cloud-managed AP420 Wi-Fi solution with the Miercom Certified Secure accreditation for vastly superior performance in the detection and prevention of the top wireless security threats today,” said Robert Smithers, CEO of Miercom. “It’s clear that the performance comparisons we typically see for Wi-Fi solutions are missing key security criteria that could help customers make more well-informed buying decisions, so we believe the results of this never-before-done test speak to a critical need within the industry to reassess traditional Wi-Fi products from a security perspective.” Miercom’s independent assessment determined that WatchGuard was the only Wi-Fi vendor able to automatically detect and prevent all six wireless attack categories in just seconds, while maintaining performance. “Wi-Fi is an incredibly well-known and mature product category, and since most vendors offer highly similar offerings, it has become increasingly challenging for organisations like ours to meaningfully differentiate in the wireless services arena,” said Kevin Willette, CEO at Verus. “WatchGuard’s cloud-managed secure Wi-Fi products add a new dimension to our Wi-Fi services, allowing us to educate customers about unnecessary tradeoff between Wi-Fi performance and security found in other products, and offer them a solution that eliminates that compromise. With the Trusted Wireless Environment framework, we can bring clarity to previously ambiguous conversations about Wi-Fi security capabilities, and build wireless networks for customers that are not only fast, but safe and secure as well.” In order to begin building Trusted Wireless Environments with WatchGuard’s secure wireless solutions, VARs and MSPs can purchase Secure Wi-Fi (https://www.watchguard.com/wgrd-products/secure-wifi/package-options) or Total Wi-Fi (https://www.watchguard.com/wgrd-products/secure-wifi/package-options) packages today. For more information about the need for greater security in the wireless market, download the full Miercom report here: https://www.watchguard.com/wgrd-resource-center/wifi-security-report. Additional Resources: · Trusted Wireless Environment Solution Page: https://www.watchguard.com/wgrd-solutions/security-topics/trusted-wireless-environment · Report: WatchGuard Wi-Fi Security and Performance Validation: https://www.watchguard.com/wgrd-resource-center/wifi-security-report · Secure, Cloud-Managed Wi-Fi Brochure: https://www.watchguard.com/wgrd-resource-center/docs/watchguard-secure-cloud-wi-fi-en · Trusted Wireless Environment Solution Brief: https://www.watchguard.com/wgrd-resource-center/feature-brief/trusted-wireless-environment-en About Miercom Miercom has published hundreds of network product analyses in leading trade periodicals and other publications. Miercom’s reputation as the leading, independent product test center is undisputed. Private test services available from Miercom include competitive product analyses, as well as individual product evaluations. Miercom features comprehensive certification and test programs including: Certified Interoperable, Certified Reliable, Certified Secure and Certified Green. Products may also be evaluated under the Performance Verified program, the industry’s most thorough and trusted assessment for product usability and performance. About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. WatchGuard’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. The company is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit: https://www.watchguard.com. For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard, on Facebook: https://www.facebook.com/watchguardtechnologies, or on the LinkedIn Company page: http://www.linkedin.com/company/watchguard-technologies. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org. Subscribe to The 443 – Security Simplified podcast: https://www.secplicity.org/category/the-443, at Secplicity.org: http://www.secplicity.org, or wherever you find your favorite podcasts. ENDS New Security Research Reveals Password Inadequacy a Top Threat, Need for Multi-Factor Authentication 2018-09-12T22:18:47Z new-security-research-reveals-password-inadequacy-a-top-threat-need-for-multi-factor-authentication SEATTLE, WASH – September 12, 2018 – WatchGuard® Technologies, a leader in advanced network security solutions, today announced the findings of its Internet Security Report for Q2 2018, which explores the latest security threats affecting small to midsize businesses (SMBs) and distributed enterprises. The new research from the WatchGuard Threat Lab revealed that 50 percent of government and military employee LinkedIn passwords were weak enough to be cracked in less than two days. This finding, along with the emergence of the Mimikatz credential-stealing malware as a top threat and the popularity of brute force login attacks against web applications, underscores the reality that passwords alone can’t offer sufficient protection, and emphasises the need for multi-factor authentication (MFA) solutions in every organisation. “Authentication is the cornerstone of security, and we’re seeing overwhelming evidence of its critical importance in the common trend of password- and credential-focused threats throughout Q2 2018,” said Corey Nachreiner, chief technology officer at WatchGuard Technologies. “Whether it’s an evasive credential-stealing malware variant or a brute force login attack, cyber criminals are laser-focused on hacking passwords for easy access to restricted networks and sensitive data. At WatchGuard, these trends are driving new innovative defenses within our product portfolio, including AuthPoint, our Cloud-based multi-factor authentication solution and our IntelligentAV service, which leverages three malware detection engines to prevent malware strains that evade traditional signature-based antivirus products. Every organisation should seek out vendor and solution provider partners that offer layered protection against these ever-evolving attack techniques.” The insights, research and security best practices included in WatchGuard’s quarterly Internet Security Report are designed to help organisations of all sizes understand the current cyber security landscape and better protect themselves, their partners and customers from emerging security threats. The top takeaways from the Q2 2018 report include: - Roughly half of government and military employee passwords are weak. After conducting a thorough analysis of the 2012 LinkedIn data dump to identify trends in user password strength, WatchGuard’s Threat Lab team found that half of all passwords associated with “.mil” and “.gov” email address domains within the database were objectively weak. Of the 355,023 government and military account passwords within the database, 178,580 were cracked in under two days. The most common passwords used by these accounts included “123456,” “password,” “linkedin,” “sunshine,” and “111111.” Conversely, the team found that just over 50 percent of civilian passwords were weak. These findings further illustrate the need for stronger passwords for everyone, and a higher standard for security among public service employees that handle potentially sensitive information. In addition to better password training and processes, every organisation should deploy multi-factor authentication solutions to reduce the risk of a data breach. - Mimikatz was the most prevalent malware variant in Q2. Representing 27.2 percent of the top 10 malware variants listed last quarter, Mimikatz is a well-known password and credential stealer that has been popular in past quarters, but has never been the top strain. This surge in Mimikatz’s dominance suggests that authentication attacks and credential theft are still major priorities for cyber criminals – another indicator that passwords alone are inadequate as a security control, and should be fortified with MFA services that make hackers’ lives harder by requiring additional authentication factors in order to successfully login and access the network. - More than 75 percent of malware attacks are delivered over the web. A total of 76 percent of threats from Q2 were web-based, suggested that organisations need an HTTP and HTTPS inspection mechanism to prevent the vast majority of attacks. Ranked as the fourth most prevalent web attack in particular, “WEB Brute Force Login -1.1021” enables attackers to execute a massive deluge of login attempts against web applications, leveraging an endless series of random combinations to crack user passwords in a short period of time. This attack in particular is another example of cyber criminals’ heightened focus on credential theft, and shows the importance of not only password security and complexity, but the need for MFA solutions as a more effective preventative measure. - Cryptocurrency miners earn spot as a top malware variant. As anticipated, malicious cryptominers are continuing to grow in popularity as a hacking tactic, making their way into WatchGuard’s top 10 malware list for the first time in Q2. Last quarter, WatchGuard uncovered its first named cryptominer, Cryptominer.AY, which matches a JavaScript cryptominer called “Coinhive” and uses its victims’ computer resources to mine the popular privacy-focused cryptocurrency, Monero (XRM). The data shows that victims in the United States were the top geographical target for this cryptominer, receiving approximately 75 percent of the total volume of attacks. Cyber criminals continue to rely on malicious Office documents. Threat actors continue to booby-trap Office documents, exploiting old vulnerabilities in the popular Microsoft product to fool unsuspecting victims. Interestingly, three new Office malware exploits made WatchGuard’s top 10 list, and 75 percent of attacks from these attacks targeted EMEA victims, with a heavy focus on users in Germany specifically. The complete Internet Security Report features an in-depth analysis of the EFail encryption vulnerability, along with insights into the top attacks in Q2 and defensive strategies SMBs can use to improve their security posture. These finding are based on anonymised Firebox Feed data from nearly 40,000 active WatchGuard UTM appliances worldwide, which blocked nearly 14 million malware variants (449 per device) and more than 1 million network attacks (26 per device) in Q2 2018. For more information, download the full report here: https://www.watchguard.com/wgrd-resource-center/security-report-q2-2018. To access live, real-time threat insights by type, region and date, visit WatchGuard’s Threat Landscape data visualisation tool: https://www.secplicity.org/threat-landscape today. Subscribe to The 443 – Security Simplified podcast: https://www.secplicity.org/category/the-443 at Secplicity.org: http://www.secplicity.org, or wherever you find your favoruite podcasts. About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. WatchGuard’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. The company is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit: https://www.watchguard.com. For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard, on Facebook: https://www.facebook.com/watchguardtechnologies> , or on the LinkedIn Company page: http://www.linkedin.com/company/watchguard-technologies. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at: www.secplicity.org. Subscribe to The 443 – Security Simplified podcast (https://www.secplicity.org/category/the-443) at Secplicity.org (http://www.secplicity.org). or wherever you find your favourite podcasts. New WatchGuard Firebox M270 Processes Traffic up to 82% Faster than Competitors 2018-08-02T06:06:48Z new-watchguard-firebox-m270-processes-traffic-up-to-82-faster-than-competitors SEATTLE, WASH – Aug 2, 2018 – WatchGuard® Technologies (http://www.watchguard.com), a leader in advanced network security solutions, today announced the Firebox® M270 Unified Threat Management (UTM) appliance. The M270 replaces the M200 as WatchGuard’s smallest rack-mounted Firebox. New Intel Atom processors with QuickAssist Technology (QAT) give the M270 significant performance, which enables it to run all the security services offered in WatchGuard’s Total Security Suite. This includes the new IntelligentAV AI-based antivirus service just released in Fireware® version 12.2, as well as DNSWatch and Access Portal, which were introduced in the last year. According to independent testing by Miercom, the M270 becomes the industry’s fastest entry-level rack-mounted appliance when running full UTM services, outperforming competitive products by up to 82%. “Organisations of all sizes need enterprise-grade security solutions like the M270 capable of processing the ever-rising tide of encrypted HTTPS traffic with industry-leading throughput,” said Brendan Patterson, vice president of product management at WatchGuard Technologies. “With 58% of data breach victims in 2017 classified as small businesses by the Verizon Data Breach Investigation Report, security is as much of a business imperative for small and midsize organisations as it is for larger enterprises. The M270 offers the protection of the most advanced security services for our customers, no matter their size.” Like all WatchGuard appliances, the M270 comes with WatchGuard Dimension, which provides a suite of big data visibility and reporting tools that instantly identify and distill key network security threats, issues and trends so you can take immediate preventive or corrective action. Predefined reports for HIPAA and PCI compliance are included. VALIDATED BY MIERCOM: The M270 was confirmed by Miercom, a leading independent network testing and certification lab, to be the fastest entry-level rack-mounted appliance when running full UTM services for both encrypted and unencrypted traffic, allowing users to rest easy knowing they won’t need to choose between network speed and enterprise-grade security. When identifying competitive equipment for this report, Miercom selected rack-mount appliances that were closest in price (MSRP) to the Firebox M270, but due to lack of strong competition, in many cases this required choosing a model that was a closer equivalent price to the WatchGuard Firebox M370. · The M270 offered the highest throughput of unencrypted traffic with all UTM services enabled at 1.2 Gbps, outperforming competitive products by at least 28%. · The M270 offered the fastest inspection of encrypted traffic with full UTM services enabled, outperforming the closest competitive product by 11% and farthest by 82%. PRODUCT DETAILS: · Intel 4 core Atom processor with QuickAssist Technology · 4 Gb RAM Memory · 8 1 Gb Ethernet ports · Runs the newly-released Fireware OS version 12.2 · Appropriate for networks with up to 60 users The Firebox M270 is available now. Find more information on the M270 here: https://www.watchguard.com/wgrd-products/rack-mount/firebox-m270-m370 ADDITIONAL RESOURCES: · Miercom Report: https://www.watchguard.com/wgrd-resource-center/miercom-high-performance-verification-report-m270 · Firebox M270 Web page: https://www.watchguard.com/wgrd-products/rack-mount/firebox-m270-m370 · Firebox M270 Datasheet: https://p.widencdn.net/6v7dia/Datasheet_M270_M370 About WatchGuard Technologies, Inc. WatchGuard Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com. For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard on Facebook, or on the LinkedIn Company page. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org. Subscribe to The 443 – Security Simplified podcastat Secplicity.org, or wherever you find your favorite podcasts. WatchGuard Technologies Launches Artificial Intelligence-Based Antivirus to Help Defend Against Zero Day Malware 2018-08-02T06:05:03Z watchguard-technologies-launches-artificial-intelligence-based-antivirus-to-help-defend-against-zero-day-malware SEATTLE, WASH – August 2, 2018 – WatchGuard Technologies, Inc. (http://www.watchguard.com/), a leader in advanced network security solutions, today announced version 12.2 of its Fireware® operating system for its Firebox® Unified Security Platform™ appliances. Key to the update is IntelligentAV™, a new antivirus scan service that uses an artificial intelligence (AI) engine to predict, detect and block constantly evolving zero day malware. IntelligentAV joins Threat Detection and Response (TDR), Gateway AntiVirus, and APT Blocker as an additional layer of industry-leading malware defense on the Firebox platform. “Data from our quarterly Internet Security Report (https://www.watchguard.com/wgrd-resource-center/security-report-q1-2018) shows that nearly half of all malware targeting our customers is zero day. Traditional signature-based antivirus, while still an important part of one’s overall security posture, no longer provides adequate protection against modern malware, which is often obfuscated to evade detection,” said Brendan Patterson, vice president of product management at WatchGuard Technologies. “That’s why WatchGuard believes that layering multiple advanced security solutions is the best way for businesses to protect their assets and their customer’s data. IntelligentAV is the latest example of how we use best-in-class technologies to deliver high-performance layered security for customers.” IntelligentAV uses Cylance’s malware detection engine based on machine learning technology, which can accurately predict and detect future malware samples even without access to the latest threat intelligence and signature databases. For example, in a third-party test by SE Labs (https://pages.cylance.com/2018-03SELabsReport.html?), a 2015 version of this AI detection engine correctly identified and blocked major threats 33 months before they appeared in the wild. This means that IntelligentAV accurately continues to detect and block malware without relying on signatures. “The threat of zero day malware is a big issue for our clients, and IntelligentAV is an important part of a strong ‘defense in-depth’ strategy,” said Tony Petrella, vice president of engineering at Advanced Network Systems, Inc. “Having an AI component provides a more robust, proactive defense against new forms of malware and ransomware that legacy AV would typically miss.” Along with IntelligentAV, Fireware version 12.2 also includes many other significant upgrades. Highlights include: · Firebox Cloud Management Upgrades: WatchGuard System Manager for management of multiple Firebox Cloud instances hosted on Amazon Web Services or Microsoft Azure. · Geo-Blocking by Policy: Users can now set granular policies to restrict certain traffic types to or from specific countries. · TLS Proxy Protocols: Enables proxy and malware inspection for the POP3S and SMTPS (or POP3 and SMTP over TLS) mail retrieval protocols. · WebBlocker Updates: Adds the ability to generate alerts by categories (for example, weapons, militancy, or mental health issues). · Multiple Server Certificates: Users can now host multiple different servers and applications behind a single Firebox, each with their own proxy certificate. IntelligentAV is available only as part of WatchGuard’s Total Security Suite and can be used now for all WatchGuard customers with a Total Security Suite license on M270 or higher Firebox appliances, and on all Cloud and virtual appliances. More information is available about IntelligentAV click here: https://www.watchguard.com/wgrd-products/security-services/intelligentav About WatchGuard Technologies, Inc. WatchGuard Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com. For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard on Facebook, or on the LinkedIn Company page. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org. Subscribe to The 443 – Security Simplified podcastat Secplicity.org, or wherever you find your favorite podcasts. WatchGuard Launches AuthPoint, Multi-Factor Authentication for Small and Midsize Businesses 2018-07-27T01:59:35Z watchguard-launches-authpoint-multi-factor-authentication-for-small-and-midsize-businesses SEATTLE – July 26, 2018 – WatchGuard® Technologies (http://www.watchguard.com), a leader in advanced network security solutions, today unveiled AuthPoint – a cloud-based multi-factor authentication (MFA) solution designed for small and midsize businesses (SMBs). MFA has always been out of reach for SMBs due to cost, complexity and management issues, until now. In fact, according to a new survey (https://www.watchguard.com/wgrd-resource-center/authpoint-survey) of IT managers and professionals conducted by independent market research firm CITE Research, 61 percent of respondents from companies with under 1,000 employees believe MFA services are reserved for large enterprises. WatchGuard’s AuthPoint addresses these authentication concerns by eliminating the complex integration processes, considerable up-front expenses, and burdensome on-premises management requirements. “We know that a massive portion of data breaches involve lost credentials, and since cyber criminals target organisations of any size, MFA is now a prerequisite for all businesses,” said Alex Cagnoni, director of Authentication at WatchGuard. “In the absence of MFA, cyber criminals can utilize a variety of techniques to acquire usernames and passwords, such as spear phishing, social engineering, and buying stolen credentials on the dark web, to gain network access and then steal valuable company and customer data. With AuthPoint, we’re breaking down longstanding barriers between SMBs and MFA adoption with a solution that is affordable, easy to deploy, and vastly scalable – all of which is made possible by WatchGuard’s cloud-based approach to authentication.” WatchGuard’s AuthPoint solution is a cloud service that can be deployed and managed from any location without the need for expensive hardware components. The service relies on WatchGuard’s AuthPoint app to facilitate user authentication. As the most effective and accessible MFA solution for SMBs, AuthPoint’s key features include: AuthPoint App – Once downloaded and activated on a user’s smartphone, WatchGuard’s AuthPoint app enables users to view and manage any login attempts – by way of push notifications, one-time passwords or QR code entries for those in offline scenarios. Additionally, the app is equipped to store third-party authenticators such as Google Authenticator, Facebook access, Dropbox, and more. Mobile Device DNA – WatchGuard uses an innovative approach to user authentication called Mobile Device DNA that distinguishes cloned login attempts from legitimate ones. The AuthPoint app creates personalized “DNA” signatures for users’ devices and adds them to the authentication calculation. The result is that authentication messages not originating from a legitimate user’s phone will be rejected. Cloud-based Management – As a cloud-based solution, the AuthPoint service comes with a convenient, intuitive interface for businesses to view reports and alerts, and configure and manage deployments. Enabled from the cloud, AuthPoint requires no on-premises equipment, which cuts down on costly deployment and management activities. Third-Party Integrations – WatchGuard’s ecosystem includes dozens of 3rd party integrations with AuthPoint. This allows companies to mandate that users undergo the authentication process before accessing sensitive cloud applications, VPNs and networks. Moreover, AuthPoint supports the SAML standard, allowing users to log on once to access a full range of applications and services. “Cloud-based multifactor authentication (MFA) services provide an alternative to on-premises products for MSEs to implement strong authentication. MFA provides mitigation against account takeover and can significantly reduce the risk of phishing attacks. These services potentially provide total cost of ownership (TCO) benefits over legacy on-premises software or hardware deployments. Further, TCO benefits can accrue from choice of modern authentication methods (such as phone-as-a-token methods) that also provide good security combined with improved user experience.” Gartner: Midsize Enterprise Playlist: Security Actions That Scale, by Neil Wynne, James A. Browning, Published: 10 May 2018 ID: G00355786 “With the launch of AuthPoint, WatchGuard has smartly extended its product portfolio with a vital security offering that is often overlooked by SMBs, and done so in a channel-friendly way that is easy to sell, deploy, and manage,” said Greg Shanton, vice president of CyberSecurity at Neovera. “AuthPoint’s cloud-based architecture means we can easily onboard new customers, allocate licenses, segment permissions, and report on their activity from a single, easy-to-use interface. It’s evident throughout the entire experience that AuthPoint was built keeping both the success of its channel partners, and the security of our mutual customers in mind.” KEY SURVEY FINDINGS: Password security is still a major issue among companies with less than 1,000 employees: Although most IT managers surveyed claim they provide some password training or policies to employees, 47 percent believe that employees still use weak passwords, 31 percent believe employees use network passwords for personal applications, and 30 percent believe that employees share passwords. 84 percent of surveyed IT managers would prefer to have technology solutions in place to enforce password best practices, rather than relying on password policies and training. Nearly half of surveyed IT managers (47 percent) suspect that their employees use simple or weak passwords, while only 18 percent believe employees don’t engage in any risky information security behaviours. These companies need an intuitive, cost-effective MFA solution: · Just over 61 percent of IT managers at companies with less than 1,000 employees believe MFA services are designed for companies larger than theirs. · Of companies that don’t currently use an MFA solution, their top reasons for not purchasing one are that MFA would be difficult to implement, maintain and support, and that it would be too expensive. Inter-organisational resistance to an MFA deployment was also a common concern. · 47 percent of companies currently using an MFA solution have implemented a version of SMS authentication methods, which are insecure and can be spoofed by a determined attacker. Also, 38 percent of companies using an MFA solution have hardware tokens, which are hard to manage, and can be lost or stolen. This survey was conducted by CITE Research on behalf of WatchGuard. It covers small business owners and IT managers or higher at companies with less than 1,000 employees in the United States, the UK and Australia. For the complete survey findings, download the full report here: https://www.watchguard.com/wgrd-resource-center/authpoint-survey. To learn more about WatchGuard’s new AuthPoint service, visit: https://www.watchguard.com/wgrd-products/multi-factor-authentication> . ADDITIONAL RESOURCES: · Report: Poor Password Handling and the Rise of Multi-Factor Authentication: https://www.watchguard.com/wgrd-resource-center/authpoint-survey · InfoGraphic: Passwords have failed, so what’s next?: https://www.watchguard.com/wgrd-resource-center/infographic/passwords-have-failed-so-whats-next · White paper: Protecting Your Network Assets with MFA: https://www.watchguard.com/wgrd-resource-center/white-paper/authpoint-en · AuthPoint Datasheet: https://p.widencdn.net/vvrgea/Datasheet_AuthPoint · Solution Brochure: https://p.widencdn.net/yacoie/Brochure_AuthPoint About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit: http://www.watchguard.com For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard, on Facebook: https://www.facebook.com/watchguardtechnologies, or on the LinkedIn Company page: http://www.linkedin.com/company/watchguard-technologies. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org (http://www.secplicity.org). Subscribe to The 443 – Security Simplified podcast (https://www.secplicity.org/category/the-443) at Secplicity.org (http://www.secplicity.org), or wherever you find your favourite podcasts. ENDS Report: Malicious Cryptocurrency Miners Gaining Momentum, Poised for Continued Growth 2018-06-29T00:36:55Z report-malicious-cryptocurrency-miners-gaining-momentum-poised-for-continued-growth SEATTLE, WASH – June 28, 2018 – WatchGuard® Technologies, a leader in advanced network security solutions, today published its latest Internet Security Report (https://www.watchguard.com/wgrd-resource-center/security-report-q1-2018). Threat intelligence from Q1 2018 revealed that 98.8 percent of seemingly common Linux/Downloader malware variants were actually designed to deliver a popular Linux-based cryptocurrency miner. This is just one of several signs that malicious crypto-mining malware is becoming a top tactic among cyber criminals. The complete report details delivery mechanisms for these crypto-miner attacks, and explores other prevalent security threats targeting small to midsize businesses (SMBs) and distributed enterprises today. “Our Threat Lab team has uncovered multiple indicators that suggest malicious crypto miners are becoming a mainstay in cyber criminals’ arsenals, and will continue to grow more dominant in Q2,” said Corey Nachreiner, chief technology officer at WatchGuard Technologies. “While ransomware and other advanced threats are still a major concern, these new crypto-miner attacks illustrate that bad actors are constantly adjusting their tactics to find new ways to take advantage of their victims. In fact, once again in Q1, we saw nearly half of all malware slip past basic signature-based antivirus solutions due to various obfuscation methods. One way every organisation can become more secure against these sophisticated, evasive threats is to deploy defences enabled with advanced malware prevention like our APT Blocker service.” WatchGuard’s Internet Security Report offers in-depth insights on the top cyber threats each quarter, along with defense recommendations SMBs can use to protect themselves. The findings are based on data from tens of thousands of active Firebox UTM appliances around the world. The top takeaways from the Q1 2018 report include: Cryptocurrency miners are on the rise. Several cryptocurrency miners appeared for the first time in WatchGuard’s list of the top 25 malware variants. Firebox appliances have a rule called Linux/Downloader, which catches a variety of Linux “dropper” or “downloader” programs that download and run malware payloads. Usually these droppers download a wide range of malware, but in Q1 2018, 98.8 percent of Linux/Downloader instances were trying to download the same popular Linux-based crypto miner. Evidence from Q2 so far indicates that crypto-mining malware will stay on WatchGuard’s top 25 list and may even crack the top 10 by the end of the quarter. The Ramnit trojan makes a comeback in Italy. The only malware sample on WatchGuard’s top 10 list that hadn’t appeared in a past report was Ramnit, a trojan that first emerged in 2010 and had a brief resurgence in 2016. Nearly all (98.9 percent) of WatchGuard’s Ramnit detections came from Italy, indicating a targeted attack campaign. Since past versions of Ramnit have targeted banking credentials, WatchGuard advises Italians to take extra precautions with their banking information and enable multi-factor authentication for any financial accounts. For the first time, APAC reports the highest malware volume. In past reports, APAC has trailed EMEA and AMER in the number of reported malware hits by a wide margin. In Q1 2018, APAC received the most malware overall. The vast majority of these attacks were Windows-based malware and 98 percent were aimed at India and Singapore. Nearly half of all malware eludes basic antivirus (AV) solutions. WatchGuard UTM appliances block malware using both legacy signature-based detection techniques and a modern, proactive behavioural detection solution - APT Blocker. When APT Blocker catches a malware variant, it means the legacy AV signatures missed it. This zero day malware (a term for malware that is able to evade traditional signature-based AV) accounted for 46 percent of all malware in Q1. This level of zero day malware suggests that criminals are continuing to use obfuscation techniques to beat traditional AV services, emphasising the importance of behaviour-based defences. Mimikatz targets the US, skips Asia Pacific. The Mimikatz Windows credential-stealing malware reappeared on WatchGuard’s top 10 malware list after several quarters of absence. Two thirds of the detection of this malware was in the United States and under 0.1 percent of detections were in APAC, possibly due to the complexity of double-byte characters in countries like Japan that use a symbol-based language for passwords. The complete Internet Security Report features a detailed breakdown of the record-breaking GitHub 1.35 Tbps DDoS attack, as well as analysis of the quarter’s top malware and network attacks, and key defence tactics for SMBs. This quarter’s conclusions are based on anonymised Firebox Feed data from nearly 40,000 active WatchGuard UTM appliances worldwide, which blocked more than 23 million malware variants (628 per device) and over 10 million network attacks (278 per device) in Q1 2018. Don’t miss the new podcast, The 443 – Security Simplified (https://www.secplicity.org/category/the-443), from the team behind the Internet Security Report and Secplicity.org. Each week, they will analyse the methods and techniques behind the latest hacks, attacks, and breaches. They’ll detail what happened, how the bad guys did it, and provide actionable insights businesses can use to protect themselves. For more information, download the full report here: https://www.watchguard.com/wgrd-resource-center/security-report-q1-2018. To access live, real-time threat insights by type, region and date, visit WatchGuard’s Threat Landscape data visualisation tool (https://www.secplicity.org/threat-landscape) today. Subscribe to The 443 – Security Simplified podcast (https://www.secplicity.org/category/the-443) at Secplicity.org (http://www.secplicity.org) or wherever you find your favourite podcasts. About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, and network intelligence products and services to more than 80,000 customers worldwide. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com For additional information, promotions and updates, follow WatchGuard on Twitter @WatchGuard, on Facebook: https://www.facebook.com/watchguardtechnologies, or on the LinkedIn Company (http://www.linkedin.com/company/watchguard-technologies) page. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org. Report: Macro-less Word Document Attacks on the Rise, Zero Day Malware Variants Jump 167 Percent 2018-03-29T09:21:34Z report-macro-less-word-document-attacks-on-the-rise-zero-day-malware-variants-jump-167-percent SYDNEY – March 29, 2018 – WatchGuard® Technologies, a leader in advanced network security solutions, today announced new research findings from its Internet Security Report for Q4 2017. Among the report’s most notable findings, threat intelligence from Firebox appliances protecting small and midsize businesses (SMBs) and distributed enterprises around the world showed that total malware attacks are up by 33 percent, and that cyber criminals are increasingly leveraging Microsoft Office documents to deliver malicious payloads. WatchGuard has also launched a new Threat Landscape data visualisation tool (https://www.secplicity.org/threat-landscape), available for the public to access to daily updates about the most prevalent computer and network security threats affecting SMBs and distributed enterprises. “After a full year of collecting and analysing Firebox Feed data, we can clearly see that cyber criminals are continuing to leverage sophisticated, evasive attacks and resourceful malware delivery schemes to steal valuable data,” said Corey Nachreiner, chief technology officer at WatchGuard Technologies. “Although these criminal tactics may vary over time, we can be certain that this broad trend will persist, so the risks have never been greater for small and midsize organisations with less IT and security resources. We encourage businesses of all sizes to proactively mitigate these threats with layered security services, advanced malware protection, and employee education and training in security best practices.” WatchGuard’s Internet Security Report provides a quarterly update on the most ubiquitous security threats targeting businesses today, as well key strategies they can use to protect employees, customers and stakeholders from data theft. The top takeaways from the Q4 2017 report include: · Cyber criminals leveraged malicious Office documents to trick victims. Dynamic Data Exchange (DDE) attacks cracked WatchGuard’s top ten malware list in Q4, as hackers increasingly exploited issues within this Microsoft Office standard to execute code. Also called “macro-less malware,” these malicious documents often use PowerShell and obfuscated script to get past network defences. Additionally, two of the top-ten network attacks in Q4 involved Microsoft Office exploits, further emphasising the growing trend of malicious document attacks. · Overall malware attacks grew significantly, while zero day malware variants jumped 167 percent. WatchGuard Fireboxes blocked over 30 million total malware variants in Q4, which was a 33 percent increase over the previous quarter. Out of the total threats prevented in Q4, the subset of new or “zero day” malware instances rose steeply by 167 percent compared to Q3. These increases can likely be attributed to heightened criminal activity during the holiday season. · Nearly half of all malware eluded basic antivirus (AV) solutions. WatchGuard Fireboxes block malware using both legacy signature-based detection techniques and the modern, proactive behavioural detection solution – APT Blocker (https://www.watchguard.com/wgrd-products/security-services/apt-blocker). When APT Blocker catches a malware variant, it means the legacy AV signatures missed it. This zero day malware accounted for 46 percent of all malware in Q4. That level of growth suggests criminals are using more sophisticated evasion techniques capable of slipping attacks past traditional AV services, which further underscores the importance of behaviour-based defences. · Scripting attacks account for 48 percent of top malware. Script-based attacks caught by signatures for JavaScript and Visual Basic Script threats, such as downloaders and droppers, accounted for the majority of malware detected in Q4. Users should take note of the continued popularity of these attacks and watch out for malicious script in web pages and email attachments of any kind. The full Internet Security Report features evaluations of the quarter’s most pervasive malware and network attacks, recommendations for useful defensive strategies in today’s threat landscape, and a detailed breakdown of “the Krack Attack” – one of the top information security issues in 2017. Additionally, the report includes a new research project from the WatchGuard Threat Lab, which analyses a database of more than 1 billion stolen password records to stress just how often users choose weak passwords and re-use credentials across multiple accounts. This quarter’s conclusions are based on anonymised Firebox Feed data from nearly 40,000 active WatchGuard Fireboxes worldwide, which blocked more than 30 million malware variants (783 per device) and 6.9 million network attacks (178 per device) in Q4 2017. New Threat Landscape Data Visualization Tool WatchGuard’s new Threat Landscape data visualisation tool (https://www.secplicity.org/threat-landscape/) offers daily security insights regarding the top malware and network attacks around the globe. The Threat Landscape page enables users to search Firebox Feed data a by type of attack, region or country, and targeted date ranges, with interactive graphics that are updated instantly and easy to read. To access live, real-time threat insights by type, region and date, visit WatchGuard’s Threat Landscape page: https://www.secplicity.org/threat-landscape About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, and network intelligence products and services to more than 80,000 customers worldwide. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com <http://www.watchguard.com/> . Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org <http://www.secplicity.org/> . WatchGuard Technologies Acquires Percipient Networks and Adds Security at the DNS Layer to Company’s SMB Security Platform 2018-01-17T22:12:46Z watchguard-technologies-acquires-percipient-networks-and-adds-security-at-the-dns-layer-to-companys-smb-security-platform WatchGuard® Technologies, a leader in advanced network security solutions, today announced that it has acquired Percipient Networks, a developer of simple, affordable, automated security solutions for small and midsize organisations. Percipient Networks’ flagship product, Strongarm, stops phishing and malware attacks by offering an easy-to-deploy, security-focused Domain Name System (DNS) service. Integrated into WatchGuard’s security platform, Strongarm will further improve the security efficacy of existing malware protection techniques, increase the value of the company’s popular Total Security Suite (TSS) advanced services bundle, and become a key element in the evolution of WatchGuard’s cloud security offering. In 2016, 76 percent of organsations reported falling victim to phishing (1). Company size and vertical industry played no role in likelihood of an attack, making it critical for companies to have protections in place against phishing, happy clickers, and other web-based threats. The Strongarm service monitors outbound DNS requests and blocks traffic to websites based on a list of known malicious domains. Furthermore, by monitoring requests at the domain level, Strongarm’s filtering capabilities extend to all ports and protocols. Integrating Strongarm into WatchGuard’s comprehensive unified security platform, will provide customers with the strongest possible protection from the widest variety of threats. “In a world of increasing and constantly changing security threats, there is no silver bullet when it comes to protection. Many organisations don’t have the resources to research and deploy a long list of security point-solutions. As such, it is WatchGuard’s mission to continually evolve our unified security platform to provide the best combination of security services in a simple package, making enterprise-grade security accessible to all. The addition of security at the DNS layer is just another example of execution of our mission,” said Prakash Panjwani, CEO of WatchGuard. “Based on years of research and development, the Percipient Networks team has developed a simple, enterprise-grade solution. We are excited to add the Strongarm solution to our platform and to welcome the teams behind developing and launching it to WatchGuard’s ecosystem of rapidly growing partners, customers, and employees.” In addition to blocking traffic to dangerous sites, the Strongarm platform was architected to facilitate maximum user and IT admin education. Rather than just blocking traffic to potentially malicious sites, the service redirects users to a ‘blackhole’ where additional information about the attack is collected, and the user is presented with educational materials aimed at preventing future attacks. Percipient Networks also employs a threat analysis team who engages with the IT managers and managed service providers (MSPs) to provide additional insights into attacks and how to prevent them in the future. WatchGuard will continue investment in both areas. “Phishing is one of the most common methods used to gain a first point of entry into an organisation. It is one of the most effective tactics because it targets people. As such, organisations must employ a two-pronged approach to combat phishing – malware prevention services and employee education,” said Todd O’Boyle, co-founder and CTO at Percipient Networks. “By protecting users and using blocked attacks as an opportunity to educate we significantly reduce the odds of that employee making the same mistake a second time. We are delighted to continue development of the product and our threat research team under WatchGuard’s leadership.” WatchGuard partners and customers will be able to gain early access to the new DNS filtering service later this month when the product is released into Beta. The new service will be generally available as part of the company’s all-in-one security package, Total Security Suite, shortly thereafter in an upcoming release of Fireware. All active Total Security Suite customers will gain immediate access to the new feature at no additional charge with the simple check of a box. “We are extremely proud of what we have built with the Strongarm platform and this partnership with WatchGuard will put our award-winning technology and education tools into the hands of tens of thousands of organizations around the world almost immediately via WatchGuard’s extensive VAR and MSP community,” continued O’Boyle. “We are also excited to extend WatchGuard’s approach to total security to our customer base, expanding their protection to cover more threats, and to our partner community, who will gain immediate access to the award-winning WatchGuardONE program and full product portfolio.” About WatchGuard Technologies, Inc. WatchGuard® Technologies, Inc. is a global leader in network security, providing best-in-class Unified Threat Management, Next Generation Firewall, secure Wi-Fi, and network intelligence products and services to more than 80,000 customers worldwide. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for Distributed Enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com. For additional information, promotions and updates, follow WatchGuard on Twitter: @WatchGuard, on Facebook: https://www.facebook.com/watchguardtechnologies, or on the LinkedIn Company page: http://www.linkedin.com/company/watchguard-technologies. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org (1) State of the Phish 2017 - https://www.wombatsecurity.com/state-of-the-phish