GoSecure Blog
From Spraying and Praying to Custom Attacks: Different Playbooks for the Different Types of Malicious Actors Targeting RDP
Characterizing attackers gets us closer to reveal who they are. Our study categorizes the behavior of Remote Desktop Protocol (RDP) attackers. Based on 3.4 million login attempts, we reveal five different clusters of brute force attacks strategies.
Enhancing Cyber Risk Dialogue: Lessons from SEC’s Recent Action
As a reaction to a number of major corporate and accounting scandals (namely Enron and WorldCom), twenty years ago the Sarbanes-Oxley Act (SOX) was enacted. The law is almost certainly present in the day-to-day professional lives of every public company CFO and CEO.
International Collaboration for Darkweb-Related Investigations
In April 2023, the most recent meeting of the United Nations Office on Drugs and Crime took place on the potential Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes. This meeting focused on international cooperation to unite countries to address the constant increase in cybercrimes worldwide. However, as exposed in the press, it is arduous to obtain the unanimous agreement of the member countries on subjects as legally and culturally complex as personal data transfer, judicial extradition, joint police investigations, access to cross-border data and special investigations techniques.
Password Managers are the panacea? Maybe not, but better than nothing
In January, we published a blog explaining why it is important to have strong passwords and provided advice to increase their robustness. Little did we know that this blog’s writing would create a commotion among the research team as different opinions on password managers emerged. Our last blog explained why password managers might not be as popular as the InfoSec community wishes. In this blog we will refute some of the arguments made, accept the limitations of password managers’ adoption, and propose strategies to address that.
Password Managers are the panacea? Not!
In January, we published a blog explaining why it is important to have strong passwords, and provided some advice to increase their robustness. Little did we know that this blog’s writing would create a commotion among the research team as different opinions on password managers emerged. The next two blog posts will cover password managers. The first one aims to explain why it might not be as popular as the InfoSec community wishes, while the second one attempts to nuance that anything is better than the status quo.
