Insights

Critical Path Security is excited to support GridSecCon 2024, one of the leading conferences dedicated to strengthening cybersecurity and physical security for critical infrastructure in North America. Hosted by the Electricity Information Sharing and Analysis Center (E-ISAC), this annual event brings together industry professionals, experts, and thought leaders to share insights on protecting the grid from cyber and physical threats. What to Expect at GridSecCon 2024 GridSecCon 2024 promises to be an invaluable opportunity for attendees to learn from leading security experts and government agencies about the evolving threat landscape, best practices in critical infrastructure protection, and the latest in security technology. This year's agenda includes: Keynote presentations from industry leaders Hands-on technical training sessions Discussions on emerging threats and security challenges Networking opportunities with peers across the energy sector The event will cover a range of topics, from cybersecurity to physical security, emphasizing the need for a unified approach…

Patrick Kelley, CEO of Critical Path Security, will be a featured speaker at the 2024 MRO Security Conference, scheduled for October 1-2, 2024, in St. Paul, Minnesota. This annual event unites key experts in the energy and security sectors to discuss the pressing challenges in cybersecurity, particularly focusing on the protection of critical infrastructure. Kelley's session, "Balancing the Scales: Managing Mental Health in Cybersecurity", is set for October 1, from 3:05 p.m. to 3:50 p.m. In this presentation, Kelley will dive into the mental health struggles faced by cybersecurity professionals. Drawing from over three decades of experience, he will offer insights on managing stress, avoiding burnout, and maintaining a healthy balance in the high-stakes world of cybersecurity. The conference covers a broad range of topics, including a keynote by Bryson Bort, founder of SCYTHE and ICS Village, focusing on the future outlook for the electricity sector's security. The event will…

This past weekend marked a milestone for our Critical Path Security #30 team, as Ryan Vargas claimed his first-ever win in the Junior Category during the NASCAR GP Germany at Motorsport Arena Oschersleben. The American driver showcased impressive speed and consistency, propelling him to a P6 overall finish and securing the top spot in the Junior Trophy standings. For Ryan, the weekend was a culmination of hard work and a testament to his growing experience on the European circuit. "This weekend was a statement weekend for our CPS #30 team," Ryan said. "I knew we had an opportunity for a strong showing when we arrived in Oschersleben, as it was a track I've previously visited. For the first time all year, I was able to focus on speed and less on learning a line. We showed speed all weekend running well within the Top-10 and knocking on the door of…

SonicWall is urging administrators to apply patches for a recently discovered access control vulnerability tracked as CVE-2024-40766, which may already be exploited in the wild. The flaw, affecting SonicWall Firewall Gen 5, Gen 6, and some Gen 7 devices, poses a serious threat to network security, with a critical CVSS score of 9.3. The vulnerability was initially disclosed on August 22, 2024, and affects the SonicOS management access. However, recent updates reveal that the flaw also impacts the SSLVPN feature on these firewalls. Left unpatched, this vulnerability can allow unauthorized resource access and even crash the firewall, disabling critical network protections. Affected Products and Versions: SonicWall has released patches for the following affected products and versions: SonicWall Gen 5 running SonicOS version 5.9.2.14-12o and older - fixed in SonicOS version 5.9.2.14-13o SonicWall Gen 6 running SonicOS version 6.5.4.14-109n and older - fixed in 6.5.2.8-2n (for SM9800, NSsp 12400, NSsp 12800)…