GoSecure Blog
6 Privacy Pitfalls for Developers to Avoid
While tech-savvy people are very concerned about privacy, knowing where to find metadata leaks can be nebulous even for developers. In this blog post, we will explore examples of unexpected user information leakage. We hope that the information shared in this blog will help developers assess and address potential privacy issues with their applications, as well as educate end-users about potential risks to their privacy that can result from information leaks.
We picked six examples based on design flaws that are often overlooked. We recognize that common vulnerabilities such as SQL injection and memory corruption often lead to confidentiality and privacy issues as well. We feel that these issues also pose a significant risk to privacy and can compromise personal data if not addressed properly.
What Does the Ukraine Invasion Mean for Cyber Warfare?
Cyber warfare is here to stay. The Russia/Ukraine conflict underscores the long-held fear that kinetic warfare can and would be combined with organized, sustained cyber warfare to be used asymmetrically against a militarized adversary and its’ country’s critical infrastructure.
Current MFA Fatigue Attack Campaign Targeting Microsoft Office 365 Users
Multi-factor Authentication or MFA (sometimes referred as 2FA) is an excellent way to protect your Office 365 accounts from attackers trying to gain access to them. As a second form of protection, along with passwords, it supplies another step in the process to verify the real identity of the user trying to log in. There are many MFA options including SMS, One Time Passwords (OTP) and push notifications from an app. And while the intent of these methods is to provide extra protection, attackers have also begun to look for ways to compromise what should be a security enhancing practice. In this case, we are examining MFA Fatigue by focusing on a current attack vector—Push Notification Spamming. We’ll describe what MFA fatigue is, how it is carried out and detail the steps for IT professionals to detect and mitigate it within their organizations.
GoSecure Titan Labs identified new threat vectors using MFA Fatigue attacks based on recent investigations. Our team has also observed a significant increase in the number of attacks performed using this technique.
Malicious Chrome Browser Extension Exposed: ChromeBack Leverages Silent Extension Loading
GoSecure Titan Labs received a malicious Chrome extension sample that we are calling ChromeBack (a4424f32a10770b7e486a38823f166ff ) from GoSecure’s Titan Managed Detection and Response (MDR) team. After creating a detection for GoSecure Titan Endpoint Detection & Response (EDR) to ensure that we can identify this threat for our clients, the GoSecure Titan Labs team is ready to spread the word and share how to address this serious issue that some users are already experiencing. The potential impact of ChromeBack is extensive, ranging from browser traffic hijacking and ad-redirection to deactivation of other extensions and even the activation of developer mode without the user’s knowledge.
How CI/CD Enabled the GoSecure Titan Platform to Respond to Log4j Vulnerabilities
Log4j was an eye opener for many here at GoSecure. Not from a technology or security perspective, we have that covered in spades; but just how quickly the GoSecure Titan team can respond and remediate a vulnerability in a dependency. We are starting to appreciate the speed CI/CD (continuous integration / continuous delivery) has brought to the normal development cycle for handling bugs and bringing new features to market.
Internally, we have been touting how great a full CI/CD pipeline is for increasing our development velocity, but no one had considered what it meant to vulnerability response times. It was an eye opener for the GoSecure Titan team, and in a good way! So, I would like to share our journey that led to this, which all culminated in a fast response to the Log4j vulnerabilities.