Increasing amounts of breaches. Increasing amounts of threats. How are you handling it?

Another week... another set of breaches. Yesterday, Facebook released core information around removing bad actors from their network. Today, Reddit announced that they were breached back in 2007. Tomorrow... who knows? I’ve had the fortune of working in Information Technology for over 20 years. In that time, I’ve realized that this industry is constantly evolving. However, the recent and rapid adoption of cloud-based services has caused a disruption at a magnitude that I had not yet seen. Unfortunately, it is also happening at a rate that isn’t allowing Information Security groups to properly gauge the security ramifications. When I first entered this industry, networks were far easier to secure. We had differentiating operational goals, but what we secured were largely single, flat, and enormous networks with only a handful of entry points. All data and assets lived within those one or two physical environments with their own dedicated controls.…

Attribution is hard. Facebook releases indicators of tampering.

Live thread... In the coming days, we will dissect the statements made and give commentary on our own investigations. We’re still in the very early stages of our investigation and don’t have all the facts — including who may be behind this. But we are sharing what we know today given the connection between these bad actors and protests that are planned in Washington next week. We will update this post with more details when we have them, or if the facts we have change. Read Facebook's Statement

The Basics: The Drone Chronicles

At Critical Path Security, we spend quite a bit of time performing research on threats against the public and government sectors. Much of that research leads us to discover that missing patches and default credentials far surpass any other mechanism used to breach an environment. In a typical Penetration Testing engagement, we will compromise several assets on the network using default credentials in well under 2 minutes. Often, this leads to a total breach of the environment. Malware can spread much faster. The attack on the Creech Air Force Base in Clark County, Nevada was another example of those attacks. This time, the default credentials for a Netgear router (admin/password) granted access to a military network with classified information. To be more specific, the manuals and information about the airmen assigned to the base’s Reaper maintenance unit were siphoned and placed on the dark web for sale. The gravity of the…

CalCPA Entertainment Conference 2018: Practical Tips to Protect Your Business

CalCPA Entertainment Conference 2018 was an amazing event, full of helpful advice regarding Alternative Investments (Cryptocurrency) and protecting from “Acts of God”. Finally, our favorite topic came up… Cybersecurity. As many great points were brought up during our panel, we thought we’d generate a quick list of tips offered to attendees.

Tip #1 - You are a target of Cyber Criminals. Don't ever say "It won't happen to me". If your data is important to you, that’s all that matters. Criminals aren’t looking for a market to sell your data in. They’ll just sell access back to you through ransomware.

Tip #2 - Keep software up to date. Installing software updates for your operating system and programs is critical. Always install the latest security updates for your devices. Most recent operating systems and mobile devices offer free updates. If you aren’t covered by formal internal support, reach out.

Tip #3…
