Increasing amounts of breaches. Increasing amounts of threats. How are you handling it?

Another week... another set of breaches. Yesterday, Facebook released core information around removing bad actors from their network. Today, Reddit announced that they were breached back in 2007. Tomorrow... who knows?

I’ve had the fortune of working in Information Technology for over 20 years. In that time, I’ve realized that this industry is constantly evolving. However, the recent and rapid adoption of cloud-based services has caused a disruption at a magnitude that I had not yet seen. Unfortunately, it is also happening at a rate that isn’t allowing Information Security groups to properly gauge the security ramifications.

When I first entered this industry, networks were far easier to secure. We had differing operational goals, but what we secured were largely single, flat, and enormous networks with only a handful of entry points. All data and assets lived within those one or two physical environments with their own dedicated controls.…


Attribution is hard. Facebook releases indicators of tampering.

Live thread... In the coming days, we will dissect the statements made and give commentary on our own investigations. We’re still in the very early stages of our investigation and don’t have all the facts — including who may be behind this. But we are sharing what we know today given the connection between these bad actors and protests that are planned in Washington next week. We will update this post with more details when we have them, or if the facts we have change. Read Facebook's Statement


The Basics: The Drone Chronicles

At Critical Path Security, we spend quite a bit of time performing research on threats against the public and government sectors. Much of that research leads us to discover that missing patches and default credentials far surpass any other mechanism used to breach an environment. In a typical Penetration Testing engagement, we will compromise several assets on the network using default credentials in well under 2 minutes. Often, this leads to a total breach of the environment. Malware can spread much faster.

The attack on the Creech Air Force Base in Clark County, Nevada was another example of those attacks. This time, the default credentials for a Netgear router (admin/password) granted access to a military network with classified information. To be more specific, the manuals and information about the airman assigned to the base’s Reaper maintenance unit were siphoned and placed on the dark web for sale. The gravity of the…
