Insights

Another emergency security update has been released for Google Chrome, this time for CVE-2024-4761. This vulnerability is an out-of-bounds write issue which leads to unauthorized data access, arbitrary code execution, and program crashes. In the advisory released by Google, they acknowledged that this vulnerability is being actively exploited in the wild. Chrome should automatically update over the next few days, but users have been advised to ensure they are up to date. The patched versions of Chrome are: 0.6367.207/.208 for Mac and Windows 0.6367.207 for Linux 0.6367.207 for the "Extended Stable" channel for Mac and Windows. This advisory comes only days after the release of an advisory for CVE-2024-4671, which is a use-after-free vulnerability in the Visuals component. The Visuals component is responsible to rendering and displaying content in the browser. This flaw also leads to remote code execution and program crashes. Google acknowledged this vulnerability is also being actively…

CISOs bear the immense responsibility of safeguarding a company's information assets, a task that becomes more complex with each passing day. As cyber threats grow in sophistication and frequency, the decisions made by CISOs carry significant weight. One critical aspect that often gets overlooked, however, is the protection of the CISO's personal and financial liability. This is where Directors and Officers (D&O) insurance steps in as a crucial safeguard. Understanding the Scope of D&O Insurance D&O insurance is designed to protect corporate directors and officers from personal losses if they are sued as a result of serving as a director or an officer of the organization. This type of insurance can cover legal fees, settlements, and other costs that might arise from lawsuits related to their corporate roles. For CISOs, whose decisions and actions are increasingly under scrutiny, D&O insurance is not just beneficial-it's essential. Why CISOs Are at Risk…

Critical Path Security, renowned for its cutting-edge cybersecurity solutions, is excited to introduce Ben Estephan as the Managing Director of Critical Path Security - Canada. This appointment marks a significant milestone in our journey as we expand our footprint and extend our commitment to providing top-tier cybersecurity services throughout Canada. Building on our recent partnership with Inhouse-Support and the establishment of our Ottawa office, located at 1492A Star Top Rd, Ottawa, ON K1B 3W6, this strategic move underscores our dedication to delivering unparalleled security solutions and fostering collaborative relationships in new territories. Ben Estephan brings with him a wealth of experience and expertise in the cybersecurity domain, making him the ideal candidate to spearhead our initiatives in Canada. We trust Ben to uphold the values and standards that define the Critical Path Security brand and drive our mission forward with vigor and determination. At Critical Path Security - Canada, we…

We are excited to announce that our founder, Patrick Kelley of Critical Path Security, will be leading an insightful workshop titled "In the Trenches of Cybersecurity: A Practical Guide to Incident Response" at the upcoming Cybersecurity Risk Information Sharing Program (CRISP) event hosted by E-ISAC. This event will take place on May 14th in Chicago, IL, and promises to be a pivotal learning experience for cybersecurity professionals. About CRISP CRISP is a collaborative initiative under the stewardship of the E-ISAC and the U.S. Department of Energy. This program utilizes advanced technology coupled with deep industry expertise to deliver actionable and relevant threat intelligence in near real-time. As a public-private partnership, CRISP focuses on enhancing the cybersecurity readiness and response within the electricity sector by leveraging data collected through information sharing devices (ISDs) on participants' networks. Workshop Overview Patrick Kelley's workshop will dive deep into the practical aspects of cybersecurity incident…