Volt Typhoon targets US Critical Infrastructure

Microsoft has discovered a clandestine, highly targeted cyberattack aimed at key infrastructure organizations within the United States. This assault is orchestrated by Volt Typhoon, a Chinese state-sponsored entity primarily involved in espionage and intelligence collection. With moderate certainty, Microsoft believes that this campaign by Volt Typhoon is designed to hamper critical communication infrastructure between the US and Asia in potential future crises. Volt Typhoon has been operational since the middle of 2021, launching attacks on key infrastructure organizations within Guam and other parts of the US. The campaign has impacted a range of sectors including communication, manufacturing, utilities, transportation, construction, maritime, government, IT, and education. The observed actions suggest a primary goal of the threat actor is to carry out espionage and maintain undetected access for an extended period. To fulfill their objectives, the attacker places a strong focus on stealth. They rely exclusively on 'living-off-the-land' techniques and direct keyboard…

0 Comments

Ryan Vargas and Critical Path Security to compete at the North Carolina Education Lottery 200 NASCAR Race!

Greetings to all! We're thrilled to share some exhilarating news with you all! Our own Ryan Vargas, a promising talent in the NASCAR racing scene, will be competing in the North Carolina Education Lottery 200 NASCAR Race, proudly representing Critical Path Security. The Unstoppable Ryan Vargas Ryan Vargas has shown an impressive trajectory in his NASCAR career, consistently demonstrating a rare blend of natural talent, determination, and competitive spirit that resonates with Critical Path Security's values. We couldn't be more proud to back this gifted driver who not only personifies speed on the racing track but also exudes passion and dedication towards the sport. The Race to Success The North Carolina Education Lottery 200 is one of the most awaited races on the NASCAR circuit, known for its high-octane energy and spectacular performances. Held at the world-renowned Charlotte Motor Speedway, this race has always been a captivating spectacle for racing…

0 Comments

Why Do You Need a Managed Security Service Provider (MSSP) and How Do You Choose the Right One?

The first thing we need to understand is the difference between MSP and MSSP vendors. A Managed Service Provider (MSP) or more commonly referred to as a Managed IT Provider focuses on uptime and the delivery of services of your end user systems and phone systems. They also are responsible for the buildout and ongoing maintenance of your network infrastructure. Some MSPs claim to provide cybersecurity services, however, antivirus and firewalls are only a small part of your cybersecurity initiatives, and with today's threat level, a more robust cybersecurity solution is highly recommended. MSSPs typically employ deeply experienced, higher trained analysts with corresponding certifications in cybersecurity, such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), CompTIA Security+ (SEC+), Certified Information Systems Auditor (CISA), Certified Information Systems Manager (CISM), and more. There are significant reasons why you need an MSSP monitoring your network. Let's look at what you…

0 Comments

Founder, Patrick Kelley, interviewed by 11Alive/NBC News!

"We're having upwards of a billion records leaked a year," said Patrick Kelley, CEO of Critical Path Security. "We can pretty much ascertain that every person that has ever been on the internet or created an account on the internet likely has been rolled into a data breach." Kelley said tracking down the source of those breaches can be nearly impossible. "Even though we have state laws that say that we should be disclosing, we haven't really tested those in courts and the companies know that," Kelley said. "Fewer than four out of five actually report that they've had a breach. They will create some pretty interesting ways to make sure that they don't have to disclose, such as telling companies like us that we are not to give them a final report, we're to provide it to the attorneys because there is attorney client privilege." Read More

0 Comments