Blog

Your Enemy Can Be Your Best Teacher

This quote attributed to the Dalai Lama inspired our analysts to take a thoughtful approach to monitoring our external nodes. We wanted to answer the question – what are the top 20 ports the top 3 cyber threat actor countries are hitting? Could the targeting from countries such as China, Russia, and Iran give us some insights into what they’re trying to exploit?

read more

Living Off the Land (LOTL): A Case Study

During a recent incident involving LockBit ransomware, we discovered a persistent credential stealer that was hidden as a scheduled task/process. We did a significant amount of investigation before unraveling the clues of what was creating alerts and attempting to beacon-out to certain IP addresses in Latvia.

read more

THIS MEMORIAL DAY WEEKEND: RANSOMWARE

Since May 4th, we have seen an eye-catching increase in cyber incidents, email compromise, and ransomware attacks.
As we approach the US Holiday, Memorial Day, we expect this increase to continue. To help improve your awareness, we offer the following trends and fairly consistent indicators pointing back to Eastern European and Russian criminal actors.

read more

The Noise of Missing Traffic

As the Coronavirus continues its march across the globe the last few weeks, this has resulted in countries going into lockdown across the globe. Recently, our intelligence team started looking for countries that have suddenly gone silent.

read more

Southwest CyberSec Forum | January 2020

We are excited to kick-off the new year with a presentation from Michael McAndrews to the members of the Southwest CyberSec Forum on Monday, January 6, 2020. Michael’s presentation “The Need for Advanced Incident Response Tools and Capabilities” will use actual scenarios from a WGM/Crowdstrike international incident response engagement.

read more

Michael McAndrews Presents Dark Web Keynote

Another brilliant presentation on the Dark Web by Michael McAndrews of WGM Associates LLC at the Arizona Technology Council Cybersecurity Summit. Great crowd! Michael said, “These attendees had some of the best questions I’ve been asked in years.”

read more