GoSecure Blog
Holiday Warning: Are you Ready for Shipping Phishing Scams?
During the holiday season, it is estimated that 800M packages are shipped via USPS between Thanksgiving and Christmas. Given these types of numbers, is it any wonder why scammers want to capitalize? With so many people expecting packages, a phishing attempt could easily work against an unsuspecting victim.
In one recent campaign identified by GoSecure Email Security Analysts, GoSecure Secure Email Security blocked almost a million phishing attempts against GoSecure clients. Here are a couple examples of recent attempts and how you can spot the scams.
Another Successful Hacktoberfest: See the Results from GoSecure Collaborations
For the fifth year, GoSecure encouraged everyone to join Hacktoberfest, an annual, month-long event that encourages contributions to open-source software. Each year, GoSecure tags several issues for collaboration and this blog post summarizes the work that was contributed to our repositories.
Status on Log4j Vulnerability in the GoSecure Portfolio
Due to the severity of the Log4Shell vulnerability (CVE-2021-45046), GoSecure is making available the status of the Log4Shell vulnerability across the GoSecure portfolio.
Get the Latest from GoSecure Titan Labs on Mitigation and Remediation for the Log4Shell Vulnerability
Updated on 12/15/2021 with the latest mitigation strategies for CVE-2021-44228 and CVE-2021-45046 including Log4J 1.2 status
GoSecure has been closely monitoring the Log4Shell vulnerability since it was discovered. Not only have we been proactively hunting across GoSecure TitanTM Managed Detection & Response (MDR), but we have also helped monitor and respond with patches for our clients through GoSecure Vulnerability Management as a Service (VMaaS) and supported clients with other managed security solutions.
So far, none of our GoSecure Titan MDR customers have been impacted by Log4Shell. The GoSecure Active Response Center (ARC) remains vigilant for any signs of breaches and new MDR detections have been added to increase the visibility of known Log4Shell activity.
To increase our detection and blocking capabilities, GoSecure Titan Labs performed extensive research on the vulnerability. The results of that work can be found in this blog, including some recommended mitigation and remediation actions.
TrickBot Leverages Zoom Work from Home Interview Malspam, Heaven’s Gate and… Spamhaus?
The team of expert analysts at GoSecure Titan labs have reverse-engineered a new TrickBot cleverly hidden in a Zoom job interview email through a sample obtained from GoSecure Titan Inbox Detection and Response (IDR). The email message contained a shortcut (LNK) file entitled Interview_details.lnk and that LNK file downloads a loader which will be examined in this blog. GoSecure Titan Labs named the loader TrickGate because it uses the Heaven’s Gate technique to load TrickBot, one of the world’s most prevalent botnets.
