GoSecure Blog
ESI Injection Part 2: Abusing specific implementations
Last year, we published a blog post about the injection of ESI tags in pages to fool the web cache proxy, and in August 2018, our colleague Louis Dion-Marcil spoke at Defcon about the discovery of the ESI Injection uncovered by the GoSecure intrusion testing team. For those interested, the presentation has been released on the Defcon YouTube channel. Defcon and Black Hat gave us an opportunity to unveil how ESI implementations can lead to session leakage through the client web browser without any malicious JavaScript.
Abusing Unsafe Defaults in Active Directory Domain Services: A Real-World Case Study
This past July, Kevin Robertson from NetSPI released a blog post entitled, “Beyond LLMNR/NBNS Spoofing – Exploiting Active Directory-Integrated DNS,” which introduced a new technique (to us at least) targeting weak default access control in Active Directory Domain Services. At GoSecure, since most of our engagements require some level of Active Directory security assessment, we followed our interest and decided to find a way to reliably exploit it.
RDP Man-in-the-Middle – Smile! You’re on Camera
As part of our four-month internship at GoSecure, we chose to work on creating a Remote Desktop Protocol (RDP) honeypot. To achieve this, we used a Linux server with an RDP man-in-the-middle (MITM) program that redirects traffic to a real Windows Server.
Summary of Statistics Canada’s Survey on Cyber Security and Cybercrime
If there is one thing that all cyber security professionals agree on is how data and statistics on cybersecurity and cybercrime are misleading and unreliable. This is unsurprising considering that most statistics created, until now, came from the cybersecurity industry itself. By being economically motivated at selling security products, this industry has an unequivocal bias.
The Supply Chain behind the Market for Fake “Likes”
In the past years, there has been increasing awareness by the public and policy makers on the potential harm that social network manipulation can produce. Yet, most researchers have looked at the front end of the problem: developing algorithms to flag fake accounts on social networks and suspend them.
