GoSecure Blog
The Challenges of Proxy Detection: Addressing Database Aging and Accuracy Issues
You would be startled by the number of studies conducted on the geography of cyber-attacks that overlook a key factor: the use of proxies. Hiding one’s IP address behind another by means of a Virtual Private Network (VPN), anonymity networks (such as Tor), or data centers is an unsurprisingly common technique within the hacking industry. This neglect in previous cyber-geopolitical research could be explained by a misunderstanding of the concept of proxies and their effects, or by a lack of resources to identify them.
Web Browser Notification Threat More Alarming than Expected
A recent discovery by our SOC/incident response team has brought to light a concerning use of web browser notification service workers. The alarming aspect of this finding is the ability to initiate notifications, simulate user clicks, and close notifications seamlessly, all while remaining virtually undetectable to the user. This covert execution presents significant challenges in detecting and effectively mitigating such malicious activities.
Understanding the Microsoft Outage BSOD Incident: Navigating Security Challenges with GoSecure
Today, reports detail a Blue Screen of Death (BSOD) issue impacting Microsoft systems with CrowdStrike’s Falcon sensor installed, which has had worldwide implications and caused outages. The BSOD issue arose following an update to the CrowdStrike Falcon sensor. This malfunction caused affected systems to crash, presenting a blue screen error, a situation that can disrupt business operations and compromise security by leaving systems unprotected.
Malicious Hacker’s Command Line Proficiency Level
As part of my 15-week internship within the GoSecure research team, I was given the opportunity to work on Remote Desktop Protocol (RDP) attacks. I was tasked with the codification of attackers’ behavior in RDP recorded sessions. During this part of the research, I developed an interest in the use of Command Line Interface (CLI) by attackers.
In this blog, I will present my findings concerning CLI use, what my expectations were and how my perception has changed since doing this research.
Navigating the RDP security consequences of TLS vs. NLA from a threat exposure perspective
Discover the evolving Remote Desktop Protocol (RDP) security environment through our insightful exploration of using Network Level Authentication (NLA) rather than keeping the basic Transport Layer Security (TLS) only. Join users, organizations, and researchers in navigating the dynamic cybersecurity landscape, contributing to a safer digital future.