Blog
Happy Anniversary, Still WannaCry.
It’s been 5 years since we first heard about WannaCry ransomware. What have we learned in those five years? Not enough, apparently.
Lessons Learned from #ContiLeaks
Here are the primary #ContiLeaks lessons our Cyber Threat Intel (CTI) analysts have learned over the last several days.
Preparing for Cyber Threats Related to Tensions in Ukraine
Special Alert: PacketWatch is providing actionable steps organizations can take to safeguard themselves during this time.
PacketWatch Log4J Article also Published on Law360
PacketWatch recently collaborated with Squire Patton Boggs to produce a “Responding to the Log4J Vulnerability” article posted on Law360.
PacketWatch Log4J Article Published in National Law Review
PacketWatch recently collaborated with Squire Patton Boggs to produce a “Responding to the Log4J Vulnerability” article that was published in the National Law Review.
PacketWatch Cybersecurity Expertise used in Colonial Pipeline Ransomware Story
PacketWatch ransomware expertise was included in Rich McHugh’s story on the Colonial Pipeline cyberattack now streaming on NewsNation.
PacketWatch Discusses Unemployment Payment Fraud and Password Scams on Pix11 News
Emmy Award-winning investigative journalist, Rich McHugh, sat down with PacketWatch CTO Michael McAndrews to better understand how and why cyber criminals target their victims.
PacketWatch Featured in an Investigative Story on Ransomware Now Streaming on NewsNation
Emmy Award-winning investigative journalist, Rich McHugh, sat down with PacketWatch CTO Michael McAndrews to better understand how and why cyber criminals target their victims.
Surge in Bitcoin Mining Attacks Expected
We anticipate a surge of mining attacks in the coming weeks and months as cryptocurrency values soar once again.
Your Enemy Can Be Your Best Teacher
This quote attributed to the Dalai Lama inspired our analysts to take a thoughtful approach to monitoring our external nodes. We wanted to answer the question – what are the top 20 ports the top 3 cyber threat actor countries are hitting? Could the targeting from countries such as China, Russia, and Iran give us some insights into what they’re trying to exploit?
Living Off the Land (LOTL): A Case Study
During a recent incident involving LockBit ransomware, we discovered a persistent credential stealer that was hidden as a scheduled task/process. We did a significant amount of investigation before unraveling the clues of what was creating alerts and attempting to beacon-out to certain IP addresses in Latvia.
THIS MEMORIAL DAY WEEKEND: RANSOMWARE
Since May 4th, we have seen an eye-catching increase in cyber incidents, email compromise, and ransomware attacks.
As we approach the US Holiday, Memorial Day, we expect this increase to continue. To help improve your awareness, we offer the following trends and fairly consistent indicators pointing back to Eastern European and Russian criminal actors.