GoSecure Blog

The Neverending Story: The PrintNightmare Debacle

The Story That Keeps on Giving: The PrintNightmare FiascoPrintNightmare is a set of software vulnerabilities around Windows’ Print Spooler service. It was originally disclosed in July as CVE-2021-34527 – a print spooler remote code execution – and CVE-2021-1675 – a print spooler privilege escalation.

read more

Is there a right time for a cybersecurity assessment?
Q&A with Eric Rochette, SVP of Global Services

Eric RochetteEric has been with GoSecure for over 15 years and has helped build the Advisory Services team in addition to creating its cybersecurity assessment methodology. In this blog, we asked Eric several questions to help provide more insights around cybersecurity assessments and when organizations should seriously consider performing one. As you will see, Eric is very passionate about the value assessments offer organizations in improving their security risk and maturity.

read more

Step-by-step how to deanonymize emails on LinkedIn

Step-by-step how to deanonymize emails on LinkedInWe have previously talked about LinkedIn having an endpoint for Outlook profile cards. This endpoint is receiving email addresses as input and returns the complete profile information (name, company, location, etc.). These sorts of APIs can be abused for OSINT.

To reproduce the set-by-step tutorial your will need an Outlook account (@hotmail.com, @live.com or outlook.com email), the latest version of ZAP and our WebSocket plugin.

read more

Aurelia Framework Insecure Default Allows XSS

Aurelia Framework Insecure Default Allows XSSAurelia is one of many JavaScript frameworks available for front-end developers. Although nowadays, it is not as popular as Angular or React, its user base is not negligible: It has more than 11,000 stars and over a hundred contributors on its GitHub page. However, if you are one of its users, you need to be aware of its insecure default HTML sanitizer: relying solely on it to filter malicious input may leave you vulnerable to Cross Site Scripting (XSS) attacks.

read more

Creating A Custom View for WebSocket in ZAP

Creating A Custom View for WebSocket in ZAPWhen we were looking at the interactions between the Outlook and the LinkedIn APIs, we encountered WebSocket communications that used some additional encoding. The encoding was nothing too complex, but it was uncommon. It turned out to be LZip compression. However, the inability to read the content of the requests with Burp, ZAP or Web developer consoles in real-time made it difficult to analyze the API.

read more

GoSecure Titan® Managed Extended Detection & Response (MXDR)​

GoSecure Titan® Managed Extended Detection & Response (MXDR)​ Foundation

GoSecure Titan® Vulnerability Management as a Service (VMaaS)

GoSecure Titan® Managed Security Information & Event Monitoring (SIEM)

GoSecure Titan® Managed Perimeter Defense​ (MPD)

GoSecure Titan® Inbox Detection and Response (IDR)

GoSecure Titan® Platform

GoSecure Professional Security Services

Incident Response Services

Security Maturity Assessment

Privacy Services

PCI DSS Services

Penetration Testing Services​

Security Operations

MicrosoftLogo

GoSecure MXDR for Microsoft

Comprehensive visibility and response within your Microsoft security environment

USE CASES

Cyber Risks

Risk-Based Security Measures

Sensitive Data Security

Safeguard sensitive information

Private Equity Firms

Make informed decisions

Cybersecurity Compliance

Fulfill regulatory obligations

Cyber Insurance

A valuable risk management strategy

Ransomware

Combat ransomware with innovative security

Zero-Day Attacks

Halt zero-day exploits with advanced protection

Consolidate, Evolve & Thrive

Get ahead and win the race with the GoSecure Titan® Platform

24/7 MXDR FOUNDATION

GoSecure Titan® Endpoint Detection and Response (EDR)

GoSecure Titan® Next Generation Antivirus (NGAV)

GoSecure Titan® Network Detection and Response (NDR)

GoSecure Titan® Inbox Detection and Reponse (IDR)

GoSecure Titan® Intelligence

ABOUT GOSECURE

GoSecure is a recognized cybersecurity leader and innovator, pioneering the integration of endpoint, network, and email threat detection into a single Managed Extended Detection and Response (MXDR) service. For over 20 years, GoSecure has been helping customers better understand their security gaps and improve their organizational risk and security maturity through MXDR and Professional Services solutions delivered by one of the most trusted and skilled teams in the industry.

EVENT CALENDAR

LATEST PRESS RELEASE

GOSECURE BLOG

SECURITY ADVISORIES

No Results Found

The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.

 24/7 Emergency – (888)-287-5858