This study maps the different actors involved in the supply chain behind the market for fake "likes": from botnets to reseller panels and customer-facing sellers. The findings are part of a two-year-long investigation that attempts to understand a botnet’s operations in its economic context: the industry of social media fraud. They will be presented at the Virus Bulletin conference, taking place in Montreal on October 3rd and 5th, 2018.
April 26, 2018
This blog is the outcome of my 4 months of internship at GoSecure. I will describe two internal projects that we have developed to gather all kinds of interesting and valuable data. The first project aimed at gathering data on .onion sites—known as the Darknet—while the second one focused at gathering data on sites like Pastebin, GitHub’s gists and Dumpz.
April 03, 2018
We discovered a new Web attack vector abusing the Edge Side Include (ESI) features common in caching services and product. We will explain the conditions required for exploitation along with 3 example payloads: Cookie exfiltration, SSRF and bypassing client-side XSS filtering.
March 07, 2018
A few months ago, the International Data Corporation (IDC) conducted a Technology Spotlight and Customer Spotlight about our company. The two reports reaffirm our position as a high-quality provider of managed security services, one that follows a flexible and customer-centric approach. We provide a summary of the two reports below.