Open Redirect & Phishing
The purpose of this article is to highlight a basic method to bypass certain safety measures while deceiving the user. What could be better for phishing!
Cybersecurity our mindset.
Oletros is a pure player in cybersecurity, able to provide you experts.
We have designed our tools to meet the needs of our clients and our consultants. We are based in France, and we host all our data in France.
Our philosophy: Skills, Performance and Flexibility
Our offer
What we do
Consulting & Solutions to protect your assets & collaborators.
Consulting — Operations
We work in CSIRT and CERT so we know the issues and difficulties more than well. VOC has also become essential, as the multiplication of services has become a headache.
Consulting — Governance
Governance, Risk & Compliance. Knowledge of risks is essential to implementing a security policy, and we know it. And more, we all know that the NIS2 directive will be painful for many organizations.
Solution — Phishing Awareness
We have made Phishing one of our battles. Attacks are becoming more and more sophisticated, and we consider that to meet the need for prevention, we needed to create a solution that uses methods used by attackers, which we collect using threat intelligence.
Solution — EASM & DRPS
We have seen that too many companies ignore part of their exposure. Our tool not only detects exposed services, but also vectors used by attackers to test your infrastructure. All this from the outside.
Solution — Bots & Fraudsters Detect
We continually collect web information from our honeypots infrastructure and external sources. We created our own enrichment dataset allowing us to detect fraudsters and bots by their fingerprints & behaviors.
Solution — OSINT
We also use open tools and data, and we give back to the community. We share indicators of compromission found during a Threat Hunting session, for example.
Our leitmotive
Why Oletros
Consulting
Recruit
We recruit talent and not just CVs. We are looking for skills and interpersonal skills because cybersecurity is first and foremost about people.
Train
We follow the news, we stay constantly informed and we continually learn about our experiences and the best training.
Challenge
We conduct threat research to sharpen our skills on current and future issues. We like practise because: 'Don't learn to hack, Hack to learn!'
Solutions
To be confronted
Through our activities, we are faced with new issues. Sometimes we do not find satisfaction in the proposed resolution, and this is how a solution begins.
Solve
We use our skills and experience to find the best possible solution to mitigate the problem, but also detect malicious exploitation.
Automate
Automation is the accomplishment of resolution. No need to dwell on the problem anymore and we can move on to the next one!
As cybersecurity team, we follow playbooks
Step 1: Identify
Understanding your difficulties and your needs is necessary to support you as best as possible and allow you to perform in your core business.
Step 2: Mitigate
Detect business impact before it happens. Helping you with risk management in mind.
Step 3: Improve
Create documentation to anticipate. Implement rules to improve detection. Anticipate threats through threat reports.
Ready!
Problems? We are here to helpyou solve them
Find out more content in our Blog
View all posts »You will find posts regarding our activity, researches and also (bad) discoveries.
90%
APT group use spear phishing
39%
Enterprises paid the ransom
93%
Breaches involve phishing
50%
Websites with at least 1 critical vuln