Mattias Wåhlén

Threat Intelligence Lead at Truesec Lead and further develop Truesec’s Threat Intelligence capabilities for anticipating data breaches and averting threats. Active 12 years as a senior analyst in FRA’s cyber defense operations. Has spent almost 35 years in the Swedish intelligence services, both at FRA and Swedish Defence Forces.

Posts by Mattias Wåhlén:

Origin of the Kaseya Breach

Truesec has now been able to conclusively prove that the massive ransomware attack by the REvil cybercrime syndicate was the result of a pre-authentication remote code execution zero-day.

05 Jul 2021 in Cyber Security

Are The Notorious Cyber Criminals Evil Corp actually Russian Spies?

Part 1 – The Ransomware Attack Truesec has documented how Russian ransomware gangs profit from being left alone by Russian law enforcement, but connections seem to go even deeper. Initial Attack and Takeover In October 2020, the Russian-based threat actor known as “Evil Corp” conducted a ransomware attack against a major corporation. The attack vector […]

05 May 2021 in Cyber Security

Russia is part of the Ransomware Problem

It is hard to determine who is the actual perpetrator behind cybercrime operations, with enough confidence for law enforcement to issue warrants for arrest. Even pinpointing which country the actors are operating from is hard to do with 100% certainty. At the same time, there are more than enough indices to say with relatively high […]

30 Mar 2021 in Cyber Security

Collaboration between FIN7 and the RYUK group, a Truesec Investigation

This is an analysis of part of the network of Russian organized crime hacking groups.

22 Dec 2020 in Cyber Security