Empowering Cybersecurity: A Special Workshop by Patrick Kelley at E-ISAC’s CRISP

We are excited to announce that our founder, Patrick Kelley of Critical Path Security, will be leading an insightful workshop titled "In the Trenches of Cybersecurity: A Practical Guide to Incident Response" at the upcoming Cybersecurity Risk Information Sharing Program (CRISP) event hosted by E-ISAC. This event will take place on May 14th in Chicago, IL, and promises to be a pivotal learning experience for cybersecurity professionals.

About CRISP

CRISP is a collaborative initiative under the stewardship of the E-ISAC and the U.S. Department of Energy. This program utilizes advanced technology coupled with deep industry expertise to deliver actionable and relevant threat intelligence in near real-time. As a public-private partnership, CRISP focuses on enhancing the cybersecurity readiness and response within the electricity sector by leveraging data collected through information sharing devices (ISDs) on participants' networks.

Workshop Overview

Patrick Kelley's workshop will dive deep into the practical aspects of cybersecurity incident…

Change the Default Community Strings for SNMP

Simple Network Management Protocol (SNMP) is a popular protocol used for monitoring and managing network devices. SNMP allows for the centralized monitoring and management of network devices such as routers, switches, and servers. However, the default community strings used in SNMP can pose a serious security risk. Community strings are essentially passwords that allow access to SNMP-enabled devices. The default community strings, which are often left unchanged by network administrators, are well-known and easily accessible to hackers. This makes it incredibly easy for unauthorized users to gain access to sensitive information stored on network devices. Once a hacker gains access to a device using the default community strings, they can potentially wreak havoc on a network. They can view or modify device configurations, monitor network traffic, and even launch attacks against other devices on the network. To mitigate the risks associated with default community strings, network administrators should follow best…

“Attackers are pummeling networks around the world with millions of login attempts” – Here’s what you should do

Recent findings from Cisco's Talos security team have unveiled a significant threat to network security through a sophisticated credential compromise campaign. As reported by Ars Technica, this extensive campaign is currently making waves across various organizational networks, focusing on VPNs, SSH, and web applications.

Details of the Attack: The attackers are using a combination of generic and organization-specific usernames in their login attempts, along with nearly a hundred passwords. Over 2,000 usernames and approximately 4,000 IP addresses have been identified as part of this assault. The origins of these IP addresses trace back to TOR exit nodes and other services designed to mask user identities, such as VPN Gate and IPIDEA Proxy.

Impact and Scope: According to Talos researchers, the impacts of these attacks can vary dramatically from unauthorized network access and account lockouts to potential denial-of-service conditions. This indicates an indiscriminate approach, targeting a broad spectrum of networks without…

Navigating New Cybersecurity Regulations in New York: A Guide for Small Businesses, Class A Companies, and Covered Entities

As cybersecurity threats continue to pose significant risks to businesses and organizations, staying updated with regulatory changes is crucial. On November 1, 2023, the New York State Department of Financial Services (NYDFS) introduced amendments to its cybersecurity regulation, 23 NYCRR 500, also known as Part 500. These updates come with a structured timeline for compliance, affecting a broad spectrum of entities, including Small Businesses, Class A Companies, and Covered Entities. Here's what you need to know about the changes and how to stay compliant.

Key Compliance Dates and Requirements

Immediate Changes and Reporting Duties

As of December 1, 2023, all entities covered by the regulation are mandated to report cyber incidents, such as ransomware attacks, to NYDFS. This new requirement underscores the need for enhanced incident response strategies and transparent communication with regulatory bodies.

Upcoming Compliance Deadlines

Looking ahead, a significant deadline looms on April 15, 2024. By this date,…
