GoSecure Blog
Deanonymizing LinkedIn Users
In this blog post, we will look at the privacy issues with some of LinkedIn’s external APIs. We will demonstrate how it is possible, with an email address, to find its associated LinkedIn profile. It is also possible from a LinkedIn profile to do the reverse path and find a person’s email address. To execute this deanonymization attack, documented features, like LinkedIn’s integration with Outlook and YahooMail, are used.
6 ways to enumerate WordPress Users
If you are testing the security of WordPress websites, you will likely have to look at the REST endpoints. By default, users can be listed with the route “/wp-json/wp/v2/users”. On the latest WordPress version, out of the box, you will get the username and the hashed email. Experienced WordPress administrators and users are aware of the potential disclosure. Therefore, we can see various tutorials online on how to hide this information. The recommended ways are either to disable the REST API completely, install a security plugin which disables the specific route or block specific request paths.
Recent Discovery of a Targeted Spear Phishing Campaign
The GoSecure Titan Inbox Detection and Response (IDR) team recently discovered yet another targeted spear-phishing campaign. The campaign targeted over 150 organizations encompassing a varying array of industries from Financial, Automotive, Technology, and Defense Contractors.
Emails Disclosure on WordPress
Password brute force is one of the common most attack on Wordpress. Only a few hours after the deployment of a new blog, we can see login attempts to /xmlrpc.php or /wp-login.php endpoints. While not being sophisticated, they remain strong attacks as they put pressure on the limited complexity passwords and potential password reuse from users. In this article, we are going to explain how the public wordpress.com REST API makes it easier for brute-force attacks on millions of WordPress instances managed by wordpress.com or private instances with the Jetpack plugin installed.
CVE-2021-3271 Pressbooks Stored Cross Site Scripting Proof of Concept
A Pressbooks stored cross site scripting vulnerability was discovered in all version ≤5.17.3. The application is vulnerable to Stored Cross-Site Scripting (XSS) injections via description body. An attacker can thus trick a user into clicking on a malicious link or preview the document that contains the JavaScript code. Once triggered, the malicious JavaScript code is fed in the victim’s browser and executed.
