Insights

The Mirai botnet that once only targeted home based IoT devices is now a threat to the enterprise. This new strain of the malware is targeting routers, IP cameras, and network storage devices. According to Palo Alto’s Unit 42 research, “This development indicates to us a potential shift to using Mirai to target enterprises.” The targeting of enterprise devices will allow Mirai to have larger bandwidth than it previously had before from consumer devices. This will enable it to launch more effective DDoS attacks, like the ones it became infamous for in 2016. The DDoS attacks in 2016 were so effective that at one point an estimated 25% of the Internet was disconnected and in another case the entire country of Liberia lost Internet connectivity. The original source code for Mirai was posted to GitHub and has been forked into new variants nearly 3,000 times. The evolving Mirai variants make…

This article began with ShadowHammer as the primary topic, a scathing rebuke of ASUS for their total lack of effort in securing an unnecessary utility that they install on every system they ship. However I then saw the news about OfficeDepot’s System Health Checker tool being a complete sham designed to pressure people into purchasing software and services they do not need which triggered memories of other similar betrayals. I can easily recall a dozen times “trusted third party vendors” were responsible for a breach: CCLeaner, a utility designed to improve performance, delivered malware. The malware ShadowPad was baked into popular server management tools. Saks Fifth Avenue and Lord & Taylor: 3rd party provided point of sale system. BestBuy, Sears, Kmart, Delta: customer service vendor. Corporation Service Company: unknown vendor. UnderArmour: MyFitnessPal (Acquired vulnerable environment) UMG: Cloud Storage provider. Target: HVAC contractor. Applebee’s: 3rd party provided point of sale system…

We are pleased to announce the promotion of Ender Greer to Director of Professional Services - Offensive Security. Ender has been with Critical Path Security since the beginning, during which time he has held the position Senior Security Engineer, proving himself to be a committed advocate of Information Security. Ender, a Veteran of the United States Army, came to Critical Path Security bringing with him energy, discipline, and enthusiasm that he has continued to use while leading his employees to consistently improve the delivery of security and compliance audits. His background in Information Security, Compliance, and Offensive Security gives him an overall understanding of how to improve customer satisfaction with ongoing and cutting edge engagements, and his ability to motivate his team has led to his continued success in the United States,  Canada, Mexico, Ireland and Iraq. Ender has spoken at many conferences over the years, including Advisen, where he…

Today's release started out with just a handful of new features planned, but as usual, the team just couldn't help themselves from going all in. Perhaps it was the release name that inspired them to challenge themselves; if so we will need to add more battle oriented release names to our road-map because the end result is incredible! Critical Path Security is very proud to announce the latest release of Léargas, Warrior's Code! Cloud Based Hosts - Our clients can now include their hosted Windows and Linux servers into the Léargas monitoring sphere, increasing visibility and confidence in their cloud based ecosystem's security configurations! SIP Traffic - Voice over IP isn't anything new, but many network monitoring platforms lack even basic visibility into this vast data-set. Léargas lifts the curtain on SIP Traffic giving our customers the ability to view, aggregate, monitor and alert on detailed call information. Finally a…