Isn’t there a better moment than the Holiday season to release a major update of our RDP Attack and Eavesdropping tool PyRDP? That’s right, pour yourself a little glass of eggnog, sit in a comfortable chair, put on some Christmas music and read about the PyRDP updates...
The Remote Desktop Protocol (RDP) is an increasing concern in cybersecurity. Ransomware groups are using it as a weak point to attack both the public and private sectors, generating losses of $7.5 billion in 2019. Between the first and fourth quarters of 2020, RDP...
For the fifth year, GoSecure encouraged everyone to join Hacktoberfest, an annual, month-long event that encourages contributions to open-source software. Each year, GoSecure tags several issues for collaboration and this blog post summarizes the work that was...
We have previously talked about LinkedIn having an endpoint for Outlook profile cards. This endpoint is receiving email addresses as input and returns the complete profile information (name, company, location, etc.). These sorts of APIs can be abused for OSINT. To...
When we were looking at the interactions between the Outlook and the LinkedIn APIs, we encountered WebSocket communications that used some additional encoding. The encoding was nothing too complex, but it was uncommon. It turned out to be LZip compression. However,...
When we initially released PyRDP in late 2018, we familiarized ourselves with the Remote Desktop Protocol (RDP) relatively quickly. It became clear that our initial release couldn’t tackle all the opportunities that an active on-the-wire attacker could have. During my...