Hitta era säkerhetsbrister – Så funkar Red team i 5 steg

22 Jan 2021 in Cyber Security&Infrastructure&Secure Development

Vad är egentligen ett red team-test och varför behöver man göra det i sin organisation? Här reder vi ut begreppet red teaming – en sorts ”etisk hacking”. Målet är att identifiera en organisations sårbarheter för cyberattacker.

Avoiding supply-chain attacks similar to SolarWinds Orion’s (SUNBURST)

07 Jan 2021 in Cyber Security&Secure Development

Securing build servers and the development process as a whole is crucial to avoid becoming part of a software supply-chain attack. SUNBURST is a malware that was spread by breaching the build server for SolarWinds’ Orion product. Using threat modeling it is possible to identify mitigations to reduce the risk and improve the security of the development life-cycle.

Collaboration between FIN7 and the RYUK group, a Truesec Investigation

22 Dec 2020 in Cyber Security

This is an analysis of part of the network of Russian organized crime hacking groups.

The SolarWinds Orion SUNBURST supply-chain Attack

17 Dec 2020 in Cyber Security

This is a preliminary analysis of the SolarWinds Orion supply-chain nation-state attack. This is an ongoing analysis and more information will be published when available.

It’s time to stop being defensive and go on the offensive!

06 Nov 2020 in Cyber Security

Over the last few years, the battle against Ransomware has resulted in many companies and organizations investing in their backup solutions to restore their environment if it gets encrypted Unfortunately, that’s no longer enough. The threat actors modus operandi has adapted and changed to those protections, and they now also using blackmail to get more money with ransom notes exceeding USD 50M. The ransom note […]