Erin Wagner takes the lead of our Threat Intelligence initiatives!

Canton, GA - Critical Path Security, a leading provider of cybersecurity solutions, is thrilled to announce a significant step forward in its mission to enhance cyber threat intelligence. Erin Wagner is the new director of our Threat Intelligence Feeds hosted on GitHub. Erin, a seasoned cybersecurity expert, who continually brings a wealth of experience and a fresh perspective to our team. Her expertise in threat analysis, data security, and intelligence gathering makes her an ideal leader for this critical initiative. As the founder and original creator of Critical Path Security, I am particularly excited about this development. Erin's vision for the Threat Intelligence Feeds aligns perfectly with our core mission of providing proactive and comprehensive security solutions. A Message from Patrick Kelley: "It's an incredibly exciting time for Critical Path Security. When I started this journey, my goal was to create a platform that not only addressed immediate cyber threats…

Comments Off on Erin Wagner takes the lead of our Threat Intelligence initiatives!

Critical Path Security Opens New Office in Montgomery, Alabama!

Critical Path Security Expands with New Office in Montgomery, Alabama Critical Path Security, a leader in innovative cybersecurity solutions, is excited to announce the opening of our new office in Montgomery, Alabama. This expansion represents a significant step in our mission to provide unparalleled security services and build strong, collaborative relationships in the region. Deepening Partnerships in Alabama The establishment of our Montgomery office is a testament to our commitment to the Alabama Rural Electric Association of Cooperatives, Alabama EMCs, local governments, and utility providers. Our goal is to strengthen these partnerships, ensuring a secure and resilient digital infrastructure across Alabama. Our Vision for Montgomery Our presence in Montgomery is more than just an expansion of our physical footprint; it's an opportunity to be an integral part of the community. We are dedicated to bringing our expertise in cybersecurity to the forefront of Alabama's technological advancement. By fostering local talent…

Comments Off on Critical Path Security Opens New Office in Montgomery, Alabama!

The Risks of DCE/RPC Service Enumeration

The Distributed Computing Environment / Remote Procedure Calls (DCE/RPC) protocol was established as a method to allow distributed software to be run as if it was all working on the same system. One of the functions of DCE/RPC is service enumeration, or the ability of a client system to get information about all the services running on a server. As with most useful network tools, this ability to enumerate services on a server can provide tons of information about a server and its services to an attacker if proper restrictions are not put in place. The biggest risk of allowing DCE/RPC is information leakage. An attacker querying systems using DCE/RPC can gain vital information about the services running on the servers. This can provide the attacker with knowledge of potentially vulnerable services that can be exploited in a variety of ways. This trove of information greatly increases the attack surface…

Comments Off on The Risks of DCE/RPC Service Enumeration

Stop Sending Sensitive Data with Cleartext Protocols

Cleartext protocols, like Hyper Text Transfer Protocol (HTTP), Telnet, and File Transfer Protocol (FTP) do not use any sort of encryption to protect the data being sent over them. For the most part, this is ok, as not every web page or file that is shared needs to be protected in that manner. If you are looking at a page on Wikipedia, then it is understandable that there is no encryption on that page, as the information is readily available for everyone to look at. But logging into the admin console of your website is definitely not something you want to share with everyone else. Cleartext protocols allow threat actors to sniff network traffic and see everything in plain writing. If that network packet happens to be you logging into your web admin portal, then that means your username and password are more visible to the threat actor then they…

Comments Off on Stop Sending Sensitive Data with Cleartext Protocols