Insights

In a recent groundbreaking interview with WSB-TV, Rick Hudson, the Chief Technology Officer and Director of Diversity and Inclusion at Critical Path Security, shared his expert insights on the significant multi-year disruption campaign against the LockBit ransomware group. This operation, a remarkable example of international cooperation and cyber resilience, marked a crucial turning point in the fight against cybercrime. Fulton County, Georgia, finds itself under a renewed cyber threat as the notorious ransomware group LockBit has issued an ultimatum: pay a ransom by Thursday, or risk having sensitive data released on the dark web. This alarming situation unfolds despite recent efforts by a British-led law enforcement coalition, including the FBI, to disrupt the LockBit malware group. Rick Hudson, the Chief Technical Officer at Critical Path Security, offers a stark analogy to describe the resilience of such cybercriminal groups. "If you knock them down, just like the mythology of the hydra,…

Critical Path Security, known for its innovative cybersecurity solutions, is thrilled to announce the launch of Critical Path Security - Canada in partnership with Inhouse-Support. This significant expansion is located in the heart of Ottawa, Ontario at 1492A Star Top Rd, Ottawa, ON K1B 3W6. Drawing on its deep knowledge of attacker methodologies and access to the latest threat intelligence, Critical Path Security has consistently provided exceptional services aimed at preventing, assessing, responding to, and remediating cybersecurity events. This expansion is a testament to the company's ongoing commitment to providing top-notch security services and strengthening collaborative relationships. Critical Path Security - Canada will leverage the company's vast experience in monitoring and managing security technologies and endpoints for enterprise clients. The Canadian office is equipped to deliver professional security services around the clock, ensuring comprehensive support for organizations in need. Services offered by Critical Path Security include Penetration Testing, Incident Response,…

In a recent groundbreaking interview with Grace King from 11Alive/NBC News, Rick Hudson, the Chief Technology Officer of Critical Path Security, offered expert insights into the multi-year disruption campaign against the infamous LockBit ransomware group. This campaign, a testament to international cooperation and cyber resilience, marked a turning point in the ongoing battle against cybercrime. The Scope and Success of the Operation The operation, orchestrated by the FBI in collaboration with international partners, spanned 10 countries and targeted LockBit's infrastructure both in the United States and abroad. According to the FBI Cyber Deputy Assistant Director Brett Leatherman, this operation was meticulously sequenced, crippling both the front- and back-end infrastructure of the notorious group. In the U.S. alone, four servers were seized, highlighting the operation's extensive reach. Victims of LockBit: A Diverse Range The victims of LockBit's malicious activities were diverse, ranging from major corporations like Boeing, Dell - Secureworks, and…

The cybersecurity landscape has witnessed a significant escalation with the disclosure of a zero-day vulnerability impacting Microsoft Exchange servers. As per the latest report from The Shadowserver Foundation, a non-profit cybersecurity organization, an alarming number of over 28,000 internet-accessible Microsoft Exchange servers are currently at risk. This situation is further exacerbated by an additional 68,000 Exchange instances that are deemed 'possibly vulnerable.' These servers have implemented certain mitigations, yet the risk of exploitation remains. In total, we're looking at approximately 97,000 servers with potential vulnerabilities. The root of this issue lies in a privilege escalation flaw, designated as CVE-2024-21410. This flaw, which carries a severe CVSS score of 9.8, enables pass-the-hash attacks. In such attacks, an intruder can relay a user's Net-NTLMv2 hash against a vulnerable server, thereby authenticating as that user. This vulnerability is particularly concerning because Exchange Server 2019 lacked NTLM credential relay protection, also known as Extended…