Security Blog

Join GoSecure at Hacktoberfest 2021

For the fifth year, GoSecure is encouraging everyone to join Hacktoberfest – a month-long celebration of open-source software. GoSecure has multiple projects open to external contributions. For this event, we have tagged issues that are accessible to newcomers with the official tag [hacktoberfest].

read more

GoSecure Titan Labs Technical Report: BluStealer Malware Threat

GoSecure Titan Labs obtained a sample of the high-profile malware identified as BluStealer – that can steal credentials, passwords, credit card data, and more. The expert investigators at Titan Labs developed this detailed analysis that examines the infection vector, components, methods of exfiltration and capabilities.

This sample of an optical disc image (ISO) file (01d4b90cc7c6281941483e1cccd438b2) from GoSecure’s Inbox Detection and Response (IDR) team embedded within the ISO file is a 32-bit executable (6f7302e24899d1c05dcabbc8ec3e84d4) compiled in Visual Basic 6. The following is an in-depth analysis of the portable executable (PE).

read more

Microsoft MSHTML Remote Code Execution (CVE-2021-40444)

The experts at GoSecure Titan Labs are aware of a new 0-day Remote Code Execution (RCE) vulnerability in Microsoft Windows. Our team of investigators has identified a mitigation and remediation strategy that technology professionals can use to address this emerging challenge swiftly.

This vulnerability has been given the CVE identifier of CVE-2021-40444. This vulnerability uses specially crafted Microsoft Word documents to create an ActiveX control that will execute malicious code upon opening the document. ActiveX is a Microsoft Framework designed to allow applications to share data through web browsers. Released in 1996, it has been criticized for almost a decade. However, ActiveX remains a part of Internet Explorer for backwards compatibility.

read more

The Neverending Story: The PrintNightmare Debacle

The Story That Keeps on Giving: The PrintNightmare FiascoPrintNightmare is a set of software vulnerabilities around Windows’ Print Spooler service. It was originally disclosed in July as CVE-2021-34527 – a print spooler remote code execution – and CVE-2021-1675 – a print spooler privilege escalation.

read more

Categories

Titan Managed Detection & Response
Next-Generation Antivirus
Endpoint Detection & Response
Network Detection & Response
Inbox Detection & Response
Insider Threat Detection & Response
Managed Firewall
Managed SIEM
Vulnerability Management as a Service
GoSecure Titan
Titan Software
Email Security
Web Security
ResponderPRO Forensics Toolkit
Advisory Services
Breach Readiness Services
Cybersecurity Assessment
Incident Response & Forensics
Red & Purple Team Services
Penetration Testing Services
Privacy & Compliance Services
Security Compromise Assessment
3rd Party Technology

Pin It on Pinterest