We have recently seen an increase in ransomware targeting VMware vSphere ESXi hosts and encrypting all virtual machines at once. You can secure your ESXi hosts from ransomware by following these three simple steps, using TPM, Secure Boot and the ESXi setting execInstalledOnly.
It is hard to determine who the actual perpetrator behind a cybercrime operation is with enough confidence for law enforcement to issue arrest warrants. Even pinpointing which country the actors are operating from is hard to do with 100% certainty. At the same time, there are more than enough indications to say with relatively high […]
This post contains information and data related to an ongoing investigation of the Microsoft Exchange zero-day ProxyLogon and associated vulnerabilities actively exploited and attributed to HAFNIUM. Any changes and edits made to this blog post will be noted at the top of the post. Update list: 2021-03-08 16:29 CET – Added web shell details; 2021-03-09 11:20 […]
What exactly is a red team test, and why does an organization need to run one? Here we untangle the concept of red teaming, a kind of "ethical hacking". The goal is to identify an organization's vulnerabilities to cyberattacks.
Securing build servers and the development process as a whole is crucial to avoid becoming part of a software supply-chain attack. SUNBURST is malware that was spread by breaching the build server for SolarWinds’ Orion product. Using threat modeling, it is possible to identify mitigations that reduce the risk and improve the security of the development life-cycle.