GoSecure Blog
Merry and Secure: Unwrapping the Truth Around Malicious Hackers Activities During Holiday Season
As the Holiday season upon us, a persistent narrative echo through the corridors of cybersecurity, emphasizing the critical need for organizations to heighten their vigilance and proactively shield their digital assets. While the chorus of caution is undeniable, let’s take a moment to challenge this prevailing notion. Is the Holiday season truly a breeding ground for malicious actors, preying on potential vulnerabilities left in the wake of understaffed security teams? In this blog post, we embark on a journey to scrutinize, question, and demystify the conventional wisdom that surrounds the nexus between festive cheer and cybersecurity concerns.
From Spraying and Praying to Custom Attacks: Different Playbooks for the Different Types of Malicious Actors Targeting RDP
Characterizing attackers gets us closer to reveal who they are. Our study categorizes the behavior of Remote Desktop Protocol (RDP) attackers. Based on 3.4 million login attempts, we reveal five different clusters of brute force attacks strategies.
Enhancing Cyber Risk Dialogue: Lessons from SEC’s Recent Action
As a reaction to a number of major corporate and accounting scandals (namely Enron and WorldCom), twenty years ago the Sarbanes-Oxley Act (SOX) was enacted. The law is almost certainly present in the day-to-day professional lives of every public company CFO and CEO.
International Collaboration for Darkweb-Related Investigations
In April 2023, the most recent meeting of the United Nations Office on Drugs and Crime took place on the potential Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes. This meeting focused on international cooperation to unite countries to address the constant increase in cybercrimes worldwide. However, as exposed in the press, it is arduous to obtain the unanimous agreement of the member countries on subjects as legally and culturally complex as personal data transfer, judicial extradition, joint police investigations, access to cross-border data and special investigations techniques.
Password Managers are the panacea? Maybe not, but better than nothing
In January, we published a blog explaining why it is important to have strong passwords and provided advice to increase their robustness. Little did we know that this blog’s writing would create a commotion among the research team as different opinions on password managers emerged. Our last blog explained why password managers might not be as popular as the InfoSec community wishes. In this blog we will refute some of the arguments made, accept the limitations of password managers’ adoption, and propose strategies to address that.