Phishing: What you should know!

Here are a few ways to stay as safe as possible when receiving phishing emails. 1.  Know the red flags. The most common types of scams will target you through fake emails (a technique known as phishing), text messages (SMSishing or smishing) voice calls (vishing), letters or even someone who shows up at your front door unexpectedly. No matter which technique the criminal uses these are the common things they try: Pressure you to send money Threaten you with law enforcement action Tell you to purchase gift cards and provide codes as a form of payment Ask you to cash a check for them or send money via wire transfer Ask you to deposit a check that overpays for something you're selling, and then send the difference elsewhere 2. Don’t provide account or personal information via email or text. Your bank will never email, or text and ask for this…

Comments Off on Phishing: What you should know!

Critical Path Security is excited to announce that our Vice-President, Virginia Kelley, will be speaking in North Georgia!

We are excited to announce Virginia Kelley will be speaking at the Professional Women Of Pickens County's event in March 2020.  The event is sponsored by one of our partners, Renesant Bank. Her presentation will explore the tactics and motivations of hackers and how to protect your organization from some of the world’s savviest cyber criminals. We encourage you to join us with your questions. Register Here!

0 Comments

Critical Windows Vulnerability Discovered by NSA – What you should know!

If you have Window 10 or Windows Server 2016/2019 installed, like most of the planet, you need to patch now!  NSA recently released a notification along with Microsoft that a critical vulnerability exists in how the mentioned platforms validate Elliptic Curve Cryptography (ECC) certificates. It was discovered by security researchers at NSA, before Microsoft learned of the vulnerability.  It is considered to have been in the wild before discovery. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider. A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and…

Comments Off on Critical Windows Vulnerability Discovered by NSA – What you should know!