RDP Man-in-the-Middle – Smile! You’re on Camera

As part of our four-month internship at GoSecure, we chose to work on creating a Remote Desktop Protocol (RDP) honeypot. To achieve this, we used a Linux server with an RDP man-in-the-middle (MITM) program that redirects traffic to a real Windows Server. When...

Chaos: a Stolen Backdoor Rising Again

This post describes a backdoor, found in our SSH honeypot and presented at GoSec 2017 in Montreal, that spawns a fully encrypted and integrity-checked reverse shell. We named the backdoor ‘Chaos’, following the name the attacker gave it on the system....

Opinion: Petya, NotPetya and what’s wrong with our industry?

In the last few days, we closely followed the malicious software outbreak that took control of about 12,500 devices, mostly in Ukraine and Russia, demanding a $300 ransom from the infected device’s owner. Although this new attack is fascinating, we noticed that the...

BlackHat Europe 2016: Ego-Market

For those who missed it, here is the video of our BlackHat Europe 2016 presentation titled EGO-MARKET: When People’s Greed for Fame Benefits Large-Scale Botnets. You can access the full conference paper here.
