Security Blog

Phishing for COVID-19

It should come as no surprise that cybercriminals are using the COVID-19 pandemic as a phishing lure. Popular media events always result in new attacks. But with the heightened level of awareness (panic?), end-users are likely more susceptible than usual. GoSecure Inbox Detection and Response (IDR) has blocked several new variants, each with varying levels of complexity to the phishing lure but almost all looking to install a remote access trojan.

read more

PyRDP on Autopilot – Unattended Credential Harvesting and Client-Side File Stealing

When we initially released PyRDP in late 2018, we familiarized ourselves with the Remote Desktop Protocol (RDP) relatively quickly. It became clear that our initial release couldn’t tackle all the opportunities that an active on-the-wire attacker could have. During my internship, one of my goal was to implement features taking advantage of these opportunities for both offensive use cases and malware research ones.

read more

Cloudy With a Chance of Malware: Malboxes Now Deploys to AWS

A step that is surely hated in malware analysis is the repetitive task of creating a virtual machine (VM) and provisioning it with the required programs to do the job. With that in mind, Malboxes was first launched in 2017 to automate this process and therefore to save a lot of time for the malware analysts. This blog post will introduce a newly released feature of this tool that allows to run desktop versions of Windows in the Amazon Elastic Compute Cloud (EC2).

read more

Are Sextortion Spammers Making Money?

This week, our cybersecurity researcher presents the Spams meet Cryptocurrencies: Sextortion in the Bitcoin Ecosystem research results, at the Advances in Financial Technologies (AFT) academic conference in Zürich. This research, also covered by the MIT technology review, is extensive: it involves an analysis of over 4 million sextortion spams and their associated payments in the Bitcoin ecosystem, to estimate the lower-bound revenue of this new extortion scheme.

read more

FindSecBugs officially an OWASP project

Over the years, Find Security Bugs – or FindSecBugs in short – has evolved from a limited static-analysis tool to one with solid coverage of bug patterns. In this post, we will present the latest milestone from the project: arrival in the OWASP family, some figures and details regarding its new release.

read more


Pin It on Pinterest