JMP Securities has released its eighth annual JMP Securities Elite 80 report where they highlight the most interesting and strategically positioned private companies in the Cybersecurity and IT Infrastructure industries. The Elite 80 represents not only a compendium of the technology leaders in their respective markets but the future titans of the IT infrastructure and cybersecurity markets.

GoSecure is honored to be listed for the fourth year in a row.

View Report Here

Malicious hackers are targeting Office 365 users with a spare of ‘MFA fatigue attacks’, bombarding victims with 2FA push notifications to trick them into authenticating their login attempts.

This is according to researchers from GoSecure, who have warned that there is an increase in attacks that are exploiting human behavior to gain access to devices.

Multi-factor authentication (MFA) fatigue is the name given to a technique used by adversaries to flood a user’s authentication app with push notifications in the hope they will accept and therefore enable an attacker to gain entry to an account or device.

In a blog posted earlier this week, GoSecure described the attack as “simple”, given that “it only requires the attacker to manually, or even automatically, send repeated push notifications while trying to log into the victim’s account”.

View Article Here

Researchers reported this week that they found a bug in MySQL that left AWS Web Application Firewall (WAF) customers exposed to an SQL injection.

In a blog post, GoSecure’s ethical hackers also confirmed that upon further testing, ModSecurity, a popular WAF for Apache and nginx, were also exposed to an SQL injection.

The researchers said the bug, which they trace back to a Black Hat presentation in 2013, was fixed by AWS on Oct. 1, with public disclosure coming on Wednesday.

View Article Here