Insights

At Critical Path Security, giving back to the community and supporting life-changing causes is at the heart of what we do. This year, we are thrilled to sponsor the 2025 St. Baldrick's event-a remarkable initiative dedicated to funding innovative childhood cancer research. A Mission That Inspires St. Baldrick's Foundation is renowned for its unique and impactful approach to fundraising, where participants embrace the "head-shave" tradition to symbolize their commitment to the cause. Every dollar raised goes directly to pioneering research that brings hope to children and families affected by cancer. By partnering with this event, we join thousands of supporters in the fight to end childhood cancer. Our Commitment Our sponsorship represents more than financial support-it's a pledge to foster community, innovation, and resilience. At Critical Path Security, we believe that uniting our efforts can drive change and contribute to breakthroughs in childhood cancer research. We are excited to stand…

​A recent cybersecurity investigation by the Splunk Threat Research Team has uncovered a significant exploitation campaign targeting over 4,000 IP addresses associated with Internet Service Providers (ISPs) on the West Coast of the United States and in China. This campaign involves the deployment of information-stealing malware and cryptocurrency miners on compromised systems. Attack Methodology The threat actors initiated their attacks by conducting brute-force attempts to exploit weak credentials, primarily originating from IP addresses linked to Eastern Europe. Upon gaining initial access, they employed PowerShell scripts to deliver various executables designed for network scanning, data theft, and cryptocurrency mining using XMRig. Notably, before executing these payloads, the attackers disabled security features and terminated services that could detect cryptominers, aiming to evade detection. Capabilities of the Malware The deployed stealer malware possesses functionalities beyond standard data theft. It can capture screenshots and operates similarly to clipper malware by monitoring clipboard content for…

In the realm of cybersecurity, it's not just about keeping an eye on incoming traffic - we must also ensure that our network infrastructure is secure from potential threats. One such overlooked feature is the Internet Control Message Protocol (ICMP) timestamp response, which can be a significant source of vulnerabilities if left enabled.   What are ICMP Timestamp Responses? The ICMP protocol is used to send error messages or informational messages between network devices. When you enable ICMP timestamp responses in your router settings, it means that your router will periodically generate timestamps for outgoing ICMP echo requests. While this might seem like a useful feature, it actually poses several dangers: Potential Timing Attack Vulnerabilities: Timestamps can be used as part of timing attacks. Attackers can use these to determine the time difference between their network and your network, which could then be exploited in other ways such as launching…