Category:

TIBER – improving the financial stability of Sweden

08 Sep 2020 in Cyber Security

TIBER – improving the financial stability of Sweden Do you know what TIBER is? Have you read the public TIBER framework documents and feel overwhelmed? Then read on as I explain how to prepare for and implement the TIBER framework. Let’s get started with some background information about the origins of the TIBER framework. TIBER […]

Which platform is most secure? Android or iOS?

31 Aug 2020 in Cyber Security&Infrastructure

Sometimes, things just do not work out as planned. Last week’s Truesec Tech Talk was one of those things. We are sorry that some of our viewers did experience technical difficulties connecting – and that our demos did not play accordingly. We have investigated the issues and are working closely with the platform provider to […]

Förtroende är bra, kontroll är bättre!

06 Aug 2020 in Cyber Security

I vårt 10:e Techtalk talade vi om användare och mjuk säkerhet. Poängen vi lyfte fram var att människor är första delen utav försvaret, på samma sätt som att vi förväntas låsa dörren till kontoret när vi går för dagen. Efter detta följer alla de skydd som vi betraktar som faktiska säkerhetsåtgärder: larm, väktare och fönstergaller […]

Finding DNS Servers

29 Jul 2020 in Cyber Security&Infrastructure

This past month there was a RUSH to patch every single Windows based DNS server in every organization. Something quickly asked was “Did we get them all?”. For some organizations, you see the phrase “finding DNS,” and you find it crazy. However, at larger global organizations, it may be a real challenge. What do you […]

SIGRed (CVE-2020-1350) affects ALL Windows DNS Servers and leads to full domain compromise.

15 Jul 2020 in Cyber Security&Infrastructure

Yes that it is true. The high severity vulnerability identified by CVE-2020-1350, reported here, affects all versions of Windows DNS Server from 2003 to 2020 and since DNS servers are usually Domain Controllers, that results in obtaining Domain Admin privileges. SIGRed is a wormable vulnerability with a CVSSv3 score of 10.0, the highest, and triggered by […]