Blog
Acropalypse Now: New Bug and Zero-Day Discovered in Multiple Image Editing Products
Bottom Line Up Front (BLUF) Cropped screenshots on affected software leave behind image data that can be recovered, potentially revealing uncropped screenshot context. Vulnerability Google Pixel’s Markup tool (CVE-2023-21036, a.k.a. Acropalypse) was discovered in...
Critical Vulnerability in Outlook Requiring Little to No Interaction Patched by Microsoft
Read our latest Enterprise Threat Intelligence Briefing on the Microsoft Outlook Elevation of Privilege Vulnerability, compiled by Kyle Nordby and John Garner. Vulnerability CVE-2023-23397 - Microsoft Outlook Elevation of Privilege Vulnerability[1] Affected Products...
CISA Adds Additional VMware Security Flaw to Known Exploited Vulnerabilities Catalog
THREAT ACTORS LEVERAGING EXPLOITS SEEN IN WILD SINCE DECEMBER CVE-2021-39144 – VMware Cloud Foundation XStream Remote Code Execution Vulnerability The Cybersecurity and Infrastructure Security Agency (CISA) has added another VMware vulnerability (CVE-2021-39144) to...
He’s on to Something.
MDR is when a “vendor performs dedicated threat hunting investigations and incident response on behalf of a customer,” according to SC Media.
Cybersecurity Law Report Includes PacketWatch Expertise
Cybersecurity Law Report interviewed Michael McAndrews for their “Ten Cybersecurity Resolutions for Financial Services Firms in 2023” article.
There’s Your Sign.
Getting more security tools can never replace getting more experienced people—threat hunters, cybersecurity analysts, and DevOps engineers.
PacketWatch Article Published on Law.com
PacketWatch and law firm Buchalter co-wrote “So Where Did the Leak Come From?” an article that was picked up by Law.com Legaltech News.
Lawyers for Civil Justice | 2022 Fall Meeting
Michael is one of the principal speakers at the Lawyers for Civil Justice Fall Meeting in NYC. He’ll talk about the impact of the Dark Web on the Discovery process.
M&A Cyber Due Diligence Redefined
PacketWatch launches a comprehensive suite of cyber due diligence services for midsized enterprises.
2022 Fall Privacy + Security Forum
Michael will be part of a four-person panel during the Thursday session, The Supply Chain Privacy Conundrum.
Maybe, with a Little Practice.
We recommend incident response tabletop exercises for both technical and executive teams—different topics, and different personalities.
Don’t Just Go With The Flow…
Adding PCAP recordings to Flow data lets you monitor the network and get detailed packet information to reconstruct security incidents.