Fabio Viggiani

Fabio is the technical lead of Truesec Security Team. He leads advanced Incident Response missions, and has extensive experience in Red Team assignments as well as traditional penetration tests. He also works closely with Truesec Security Operations Center, focusing on Threat Hunting and detection. This gives him a strong insight in the current threat landscape and the latest attacks and detection techniques.

Posts by Fabio Viggiani:

The SolarWinds Orion SUNBURST supply-chain Attack

This is a preliminary analysis of the SolarWinds Orion supply-chain nation-state attack. This is an ongoing analysis and more information will be published when available.

17 Dec 2020 in Cyber Security

The ruthless world of cyber crime

You wake up at 17, ready to start your daily routine. You’re a criminal who works at night, robbing stores, kidnapping people, and reselling stolen jewelry. You do some research for what stores to rob, and off you go. Break into places, steal money, and sometimes you face the owner of the store you are […]

03 May 2020 in Cyber Security

Microsoft Exchange Server Remote Code Execution

Introduction On February 11th, Microsoft released a patch for Microsoft Exchange Server (all versions), addressing a serious vulnerability allowing any authenticated user to execute arbitrary commands with SYSTEM privileges. The vulnerability was given CVE number CVE-2020-0688. This is possible because all Exchange servers use the same static key to encrypt/decrypt ViewState. Attackers can specify arbitrary […]

29 Feb 2020 in Cyber Security