Insights

During these trying times, the path you are on is critical. Let's Illuminate it. The National Institute of Standards and Technology (NIST) offers the following in regards to cybersecurity, “To defend against cyber attacks, it is important for a defender to have timely access to relevant, actionable threat intelligence and the ability to act on that intelligence.” We couldn't agree more. Critical Path Security is now including Zeek-IDS formatted intelligence data from our "Illuminate" Threat Intelligence Network directly to your instance of Léargas within moments of observing new threats, along with the leading threat intelligence feeds in the world. No more waiting. No more wondering. With our unique approach of "following the sun", Critical Path Security correlates the events of threat actors on a global scale using our innovative Threat Intelligence Network. We provide contextual threat intelligence with indicators that include email addresses, file hashes, IP addresses, domain names, and…

Garmin, the GPS technology and wearable device manufacturer, has reportedly been hit by WastedLocker ransomware in a cyberattack that is demanding $10 million to release its data. WastedLocker, thought to be tied to the Russian cybercriminal group, Evil Corp, was identified by Malwarebytes in May of this year. As of now, Garmin is the only known victim, however, Evil Corp has a history of attacking financial institutions around the world. In this cyberattack, the event has affected consumers who use Garmin GPS technology, such as Maritime, wearable GPS, Garmin Connect app, and Aviation who use the database services. Also, all of Garmin's call centers are shutdown. As a result of this cyberattack, Garmin is reported to have shut down its website, its apps, some of its production lines, and databases including work from home (WFH) employees' computers connected through a VPN in an attempt to stop any further spread of…

Throughout the evening, Critical Path Security was made aware of an attack on high-profile users of Twitter. This attack was used to facilitate the generation and collection of BitCoin and other cryptocurrency revenue. At this time, all indications point to this attack being one of unauthorized access to an internal management toolkit. The screenshots of this toolkit are shown below. What is undetermined at this time is if an internal employee was part of this attack. The following statements were made by the criminals to the Motherboard publication. "We used a rep that literally done all the work for us," one of the sources told Motherboard. The second source added they paid the Twitter insider." What is clear is the proper security around administrative tools at Twitter was insufficient for the risk they accepted by providing a social media platform to over 330 million accounts, including most of the 10…

Léargas Security has launched its most recent upgrade of Collector, a built-in feature of its Léargas SIEM platform, designed to bring comprehensive visibility into leaked data due to the increase of businesses operating in the work from home (WFH) era. Léargas Collector employs a vast array of scrapers, bots, and crawlers. Collector currently monitors over 22,000 TOR sites, social media, IRC, forums, and paste sites and continually extracts data for further investigation. Once an artifact is initially processed, NLP deep learning algorithms work to classify text and sentiment. All of that data is correlated and delivered to the platform. An important note is the platform now records and stores portions of the artifacts collected, both on the public web and dark web that Léargas believes are relevant to our clients as well as our mission to stop violent threat actors and prevent COVID-19 crime. Due to the shortened average lifespan…