Category:

Learn how to use the Microsoft 365 security stack

26 May 2020 in Cyber Security&Infrastructure

Over the last month, I have had the pleasure of delivering two new Truesec-developed courses! One focusing on Microsoft 365 Security and the other focusing on Microsoft Intune. This blog post will present these two new offerings and explain why they are more relevant than ever. I will also share my view on delivering online […]

The ruthless world of cyber crime

03 May 2020 in Cyber Security

You wake up at 17, ready to start your daily routine. You’re a criminal who works at night, robbing stores, kidnapping people, and reselling stolen jewelry. You do some research for what stores to rob, and off you go. Break into places, steal money, and sometimes you face the owner of the store you are […]

The importance of protecting your service accounts

24 Apr 2020 in Cyber Security

Service accounts have always been an attractive target for hackers and red teamers. It is commonly used to escalate privileges and getting access to sensitive data. One of the common attacks against service accounts is called “Kerberoasting”. Kerberoasting is an attack method that allows a normal domain user to get their hands on credentials for service accounts by […]

Bypassing modern XSS mitigations with code-reuse attacks

03 Apr 2020 in Cyber Security

Cross-site Scripting (XSS) has been around for almost two decades yet it is still one of the most common vulnerabilities on the web. Many second-line mechanisms have therefore evolved to mitigate the impact of the seemingly endless flow of new vulnerabilities. Quite often I meet the misconception that these second-line mechanisms can be relied upon […]

En varning till er som jobbar på distans genom mobilt bredband.

01 Apr 2020 in Cyber Security

Vi på Truesec har under en längre tid observerat problem till följd av att flera mobila bredband ger användaren en publik och ofiltrerad IP-adress. Det vill säga, en adress som är fullt exponerad mot resten av internet. Det finns ett s.k. “bakgrundsbrus” på internet. Det består av massvis med botar som kontinuerligt skannar allt dom […]