Blog
PacketWatch Cybersecurity Expertise used in Colonial Pipeline Ransomware Story
PacketWatch ransomware expertise was included in Rich McHugh’s story on the Colonial Pipeline cyberattack now streaming on NewsNation.
PacketWatch Discusses Unemployment Payment Fraud and Password Scams on Pix11 News
Emmy Award-winning investigative journalist, Rich McHugh, sat down with PacketWatch CTO Michael McAndrews to better understand how and why cyber criminals target their victims.
PacketWatch Featured in an Investigative Story on Ransomware Now Streaming on NewsNation
Emmy Award-winning investigative journalist, Rich McHugh, sat down with PacketWatch CTO Michael McAndrews to better understand how and why cyber criminals target their victims.
Surge in Bitcoin Mining Attacks Expected
We anticipate a surge of mining attacks in the coming weeks and months as cryptocurrency values soar once again.
Your Enemy Can Be Your Best Teacher
This quote attributed to the Dalai Lama inspired our analysts to take a thoughtful approach to monitoring our external nodes. We wanted to answer the question – what are the top 20 ports the top 3 cyber threat actor countries are hitting? Could the targeting from countries such as China, Russia, and Iran give us some insights into what they’re trying to exploit?
Living Off the Land (LOTL): A Case Study
During a recent incident involving LockBit ransomware, we discovered a persistent credential stealer that was hidden as a scheduled task/process. We did a significant amount of investigation before unraveling the clues of what was creating alerts and attempting to beacon-out to certain IP addresses in Latvia.
THIS MEMORIAL DAY WEEKEND: RANSOMWARE
Since May 4th, we have seen an eye-catching increase in cyber incidents, email compromise, and ransomware attacks.
As we approach the US Holiday, Memorial Day, we expect this increase to continue. To help improve your awareness, we offer the following trends and fairly consistent indicators pointing back to Eastern European and Russian criminal actors.
A Closer Look at a COVID-19 Phish
As cybercriminals continue to exploit the COVID-19 pandemic, we’ve been on guard keeping watch for any phish that may get caught in our nets that look particularly interesting. This week, we caught some.
The Noise of Missing Traffic
As the Coronavirus continues its march across the globe the last few weeks, this has resulted in countries going into lockdown across the globe. Recently, our intelligence team started looking for countries that have suddenly gone silent.
Investigating Cybersecurity Incidents using Full Packet Capture
Michael McAndrews, our Vice President of Network Security Services and former FBI Special Agent, walked the audience at the Southwest CyberSec Forum through the process we used to investigate and resolve a recent international cybersecurity incident.
Southwest CyberSec Forum | January 2020
We are excited to kick-off the new year with a presentation from Michael McAndrews to the members of the Southwest CyberSec Forum on Monday, January 6, 2020. Michael’s presentation “The Need for Advanced Incident Response Tools and Capabilities” will use actual scenarios from a WGM/Crowdstrike international incident response engagement.
10 Cyber Security Questions Business Owners Should Ask Their IT Department (Part 2)
This is Part 2 of our post to help business owners understand which cyber security questions should be the basis of a readiness discussion with their IT Team. If you have any concerns or doubts, please give us a call.