The GoSecure Titan Labs team saw an opportunity to further explore the topic of hash capturing (which is a must in the arsenal of any offensive team). This blog will examine RDP security modes, how they work and how to put that into action to capture NetNTLMv2 hashes via the RDP protocol using PyRDP—a library created by GoSecure. This effort started with a project during the annual month-long Hacktoberfest which led to several improvements to PyRDP. Among those improvements, we made it easier for the user to capture NetNTLMv2 hashes.
Log4J 2.15 vulnerabilities are now considered high severity (9.0). See how the initial mitigations for LDAP integration could have been bypassed with a TOCTOU.
During the holiday season, it is estimated that 800M packages are shipped via USPS between Thanksgiving and Christmas. Given these types of numbers, is it any wonder why scammers want to capitalize? With so many people expecting packages, a phishing attempt could easily work against an unsuspecting victim.
In one recent campaign identified by GoSecure Email Security Analysts, GoSecure Secure Email Security blocked almost a million phishing attempts against GoSecure clients. Here are a couple examples of recent attempts and how you can spot the scams.
For the fifth year, GoSecure encouraged everyone to join Hacktoberfest, an annual, month-long event that encourages contributions to open-source software. Each year, GoSecure tags several issues for collaboration and this blog post summarizes the work that was contributed to our repositories.