Contact Sales

GoSecure Blog

Final-Connect-Image.jpg

An Introduction to Application Security

To remain in business, companies rely on perimeter security to protect, among other, their “secret sauce” recipe and the confidential information of their customers. To this end, information security vendors offer different types of defenses. The intent is commendable and the organization then feels confident, warm and cozy behind its firewall. However, there is something fishy. Businesses put up a variety of web applications on the Internet (thus accessible by everyone - including malicious actors) to offer different services. These applications can take many shapes, from transactional Web sites, to mobile applications or Web services. With them, the appropriate security question becomes: beyond securing the infrastructure, how can one defend these applications against hackers? The answer is: the proper design of the application’s source code. There you have it: application security.

Read More

Topics: appsec, process, sdlc, security

Detecting deserialization bugs with DNS exfiltration

At the moment, Java deserialization vulnerabilities are becoming well known by vendors and attackers. Nevertheless, pentesters will still encounter these types of vulnerabilities. The low-hanging fruits can be identified with the current tools. Most of the available tools rely on the command execution API. However, the command from the payload may fail because of Operating System specific conditions. Additionally, the command used might be missing or the arguments it requires may differ due to the version of the command or the flavor installed (ie: GNU netcat vs OpenBSD netcat for example).

Read More

Topics: deserialization, detection, vulnerability, web, weblogic, dns, exploit, java, jboss, jenkins

Introducing Malboxes: a Tool to Build Malware Analysis Virtual Machines

Malware analysis is like defusing bombs. The objective is to disassemble and understand a program that was built to do harm or spy on computer users (oops, this is where the bomb analogy fails, but one gets the point). That program is often obfuscated (ie: packed) to make the analysis more complex and sometimes dangerous. This blog post introduces a tool that we have built that creates Windows Virtual Machines (VMs) without any user interaction. Those VMs are preconfigured with malware analysis tools and security settings tailored for malware analysis. We will then explore how to use the tool, its architecture and where we want to take it.

Read More

Topics: malware, devops, tool, malboxes, Featured

Cisco2Checkpoint - a Cisco to Checkpoint Conversion Tool

Introduction

GoSecure has conducted several network security migration projects in the past years, gathering technical experience on top Next-Generation Firewall (NGFW) products. These projects not only required deep knowledge of two separate products (the source and the destination) but also the ability to build tools and automate tasks. Unfortunately, tools released by vendors are either limited, not flexible enough or simply hard to find.

Read More

Embedded Prank: Christmas Spirit Injection for your VoIP Phone

Christmas time is around the corner again and there's just no better time to play pranks on your coworkers, or is that April fools? Well, it doesn't matter, the point is, pranks are fun! Since we also enjoy hacking in all its forms, we decided to have some fun with embedded devices around the office, but we needed a more specific target.

Read More

BlackHat Europe 2016: Ego-Market

For those who missed it, here is the video of our BlackHat Europe 2016 presentation titled EGO-MARKET: When People's Greed for Fame Benefits Large-Scale Botnets:

Read More

Topics: malware, blackhat, conference, video, moose

Modern Static Analysis for .NET

In the past six months, we have been working on a new static analysis tool for the .NET ecosystem called Roslyn Security Guard. It is a Visual Studio extension that analyzes C# code. It was first released at Black Hat USA this year. This article will cover the latest milestone reached which brings a new taint analysis mechanism and the introduction of automated code fixes.

Read More

Topics: c#, roslyn, security, static analysis, visual studio, msbuild, .net

Exposing the EGO MARKET: the cybercrime performed by the Linux/Moose botnet

Cybercrime is an evolving phenomenon and offenders are continuously adapting to find new techniques to monetize their illicit activities. Our research paper and upcoming BlackHat Europe presentation - EGO MARKET: When People’s Greed for Fame Benefits Large-Scale Botnets - is about Linux/Moose, a botnet that conducts social media fraud. This blog post is a summary of our paper.

Read More

Topics: malware, Research, botnet, criminal market, paper, Featured

Our blog moved!

Our old blog was officially migrated into its new home in our website! Our previous blog will redirect you here automatically.

Read More