Insights

Léargas Security has launched its most recent upgrade of Collector, a built-in feature of its Léargas SIEM platform, designed to bring comprehensive visibility into leaked data due to the increase of businesses operating in the work from home (WFH) era. Léargas Collector employs a vast array of scrapers, bots, and crawlers. Collector currently monitors over 22,000 TOR sites, social media, IRC, forums, and paste sites and continually extracts data for further investigation. Once an artifact is initially processed, NLP deep learning algorithms work to classify text and sentiment. All of that data is correlated and delivered to the platform. An important note is the platform now records and stores portions of the artifacts collected, both on the public web and dark web that Léargas believes are relevant to our clients as well as our mission to stop violent threat actors and prevent COVID-19 crime. Due to the shortened average lifespan…

Security researchers recently disclosed that they have discovered a handful of game-changing vulnerabilities that spell disaster for multitudes connected devices.  This past week, security company JSOF unveiled 19 CVEs – four of them critical remote code execution flaws – in a low-level networking software library that renders millions of devices vulnerable to exploitation. The researchers have labeled the set of vulnerabilities as Ripple20. The researchers have stated that the bugs will enable attackers to take control of internet-facing devices. Unfortunately, these vulnerabilities could lay dormant for years without bringing awareness to the consumer. As we've experienced with similar vulnerabilities, we expect these bugs to be leveraged in far widespread attacks, such as Mirai Botnet, or used as pivot points into corporate and home networks.  Critical Path Security and Léargas Security have partnered to deliver Suricata and Zeek detections to protect customers. Additionally, all Suricata rules will be updated and made available to…

One of the greatest challenges to organizations during the pandemic has been communications. When we send everyone home and the impromptu hallway meetings stop, what paths does information find to rebuild itself? As we've come to find, the resilience of corporate communication is akin to the flowing of a river. It will find the path of least resistance and move forward. Often, this comes in the form of email forwarding from the organization to personal email accounts. What does that mean? You likely have no idea where corporate information is ending up. Before the pandemic, Critical Path Security worked very closely with the Léargas Security team to visualize very specific information from the Azure and Office 365 platforms. In particular, email forwarding. Who's doing it? Why are they doing it? Why should you care? Your users may see this as a convenience. Unfortunately, you have no tracking capabilities of communication(s)…

Real-world practice, along with your education and certificates, is extremely important to your growth in this industry. However, many employers will ask for experience, even though it is very clear you have just completed or are continuing your education. One of the best ways to gain experience, as well as give back to your community, is to find a non-profit organization (NPO) that needs help with their internal infrastructure and security posture. Most NPOs suffer from a lack of skilled resources. Due to the financial constraints and a lack of employees, the outcome is that only so much can be done. This introduces difficulties in properly securing the NPO's assets and responding to events in a timely fashion. Compounding this unfortunate state is that a lot of charities are run by volunteers or people who are working part-time. This means NPO's have a lot of people who are coming in…