In this post, we describe the new RDP man-in-the-middle and library project we developed and open sourced. Our MITM features a file stealer, a clipboard stealer and the ability to watch RDP sessions either live or after the fact. It is used as part of our RDP honeypot. In this post, we also describe an incident with a malicious user that infected our honeypot.
October 23, 2018
If there is one thing that all cybersecurity professionals agree on, it is that statistics on cybersecurity and cybercrime are misleading and unreliable. Fortunately, today, we enter a new era: Statistics Canada has just released the results of the first Canadian Survey of Cybersecurity and Cybercrime (CSoCC). The survey includes 12,597 Canadian businesses with 10 or more employees and attempts to provide a picture of the Canadian threat environment for the year 2017. We provide a summary of the main statistics in this blog, along with relevant links for anyone wishing to learn more about the survey's results.
October 04, 2018
This study maps the different actors involved in the supply chain behind the market for fake "likes": from botnets to reseller panels and customer-facing sellers. The findings are part of a two-year-long investigation that attempts to understand a botnet’s operations in its economic context: the industry of social media fraud. They will be presented at the Virus Bulletin conference, taking place in Montreal on October 3rd and 5th, 2018.
September 06, 2018
Find Security Bugs can often uncover interesting findings that may lead to the discovery of critical vulnerabilities. However, the process of using Find Security Bugs can be a little tedious for unseasoned Java users. Also, the process of analyzing compiled code and triaging the findings needed improvement. Here is the solution that was built to find vulnerabilities at scale.