GoSecure Appoints Anne-Marie Faber as Chief Marketing Officer (CMO)
GoSecure, a renowned provider of managed detection and response solutions complemented by its expert professional services, is elated to announce...
GoSecure Blog
The Challenges of Proxy Detection: Addressing Database Aging and Accuracy Issues
You would be startled by the number of studies conducted on the geography of cyber-attacks that overlook a key factor: the use of proxies. The art of hiding one’s IP address behind another one through the means of a Virtual Private Network (VPN), anonymity networks (such as TOR), or data centers, is an unsurprisingly common technique within the hacking industry. The neglect in previous cyber-geopolitical research could be explained as a misunderstanding of the concept of proxies and their effects, or also a lack of resources to identify them.
Web Browser Notification Threat More Alarming than Expected
A recent discovery by our SOC/incident response team has brought to light a concerning use of web browser notification service workers. The alarming aspect of this finding is the ability to initiate notifications, simulate user clicks, and close notifications seamlessly, all while remaining virtually undetectable to the user. This covert execution presents significant challenges in detecting and effectively mitigating such malicious activities.
Understanding the Microsoft Outage BSOD Incident: Navigating Security Challenges with GoSecure
Today, reports detailing a Blue Screen of Death (BSOD) issue impacting Microsoft systems with CrowdStrike’s Falcon sensor installed has had worldwide implications and outages. The BSOD issue arose following an update to the CrowdStrike Falcon sensor. This malfunction caused affected systems to crash, presenting a blue screen error, a situation that can disrupt business operations and compromise security by leaving systems unprotected.
Malicious Hacker’s Command Line Proficiency Level
As part of my 15-week internship within the GoSecure research team, I was given the opportunity to work on Remote Desktop Protocol (RDP) attacks. I was tasked with the codification of attackers’ behavior in RDP recorded sessions. During this part of the research, I developed an interest in the use of Command Line Interface (CLI) by attackers.
In this blog, I will present my findings concerning CLI use, what my expectations were and how my perception has changed since doing this research.
Navigating the RDP security consequences of TLS vs. NLA from a threat exposure perspective
Discover the evolving Remote Desktop Protocol (RDP) security environment through our insightful exploration of using Network Level Authentication (NLA) rather than keeping the basic Transport Layer Security (TLS) only. Join users, organizations, and researchers in navigating the dynamic cybersecurity landscape, contributing to a safer digital future.