Are The Notorious Cyber Criminals Evil Corp actually Russian Spies?

05 May 2021 in Cyber Security

Part 1 – The Ransomware Attack Truesec has documented how Russian ransomware gangs profit from being left alone by Russian law enforcement, but connections seem to go even deeper. Initial Attack and Takeover In October 2020, the Russian-based threat actor known as “Evil Corp” conducted a ransomware attack against a major corporation. The attack vector […]

Secure your VMware ESXi hosts against ransomware in three simple steps!

13 Apr 2021 in Cyber Security

We have recently seen an increase in ransomware targeting VMware vSphere ESXi hosts and encrypting all virtual machines at once. You can secure your ESXi hosts from ransomware by following these three simple steps, using TPM, Secure Boot and the ESXi setting execInstalledOnly.

Russia is part of the Ransomware Problem

30 Mar 2021 in Cyber Security

It is hard to determine who is the actual perpetrator behind cybercrime operations, with enough confidence for law enforcement to issue warrants for arrest. Even pinpointing which country the actors are operating from is hard to do with 100% certainty. At the same time, there are more than enough indices to say with relatively high […]

Tracking Microsoft Exchange Zero-Day ProxyLogon and HAFNIUM

07 Mar 2021 in Cyber Security&Infrastructure

This post contains information and data related to an on-going investigation of Microsoft Exchange Zero-Day ProxyLogon and associated vulnerabilities actively exploited and attributed to HAFNIUM. Any changes and edits made to this blog post will be noted at the top of the post. Update list 2021-03-08 16:29 CET – Added web shell details 2021-03-09 11:20 […]

Hitta era säkerhetsbrister – Så funkar Red team i 5 steg

22 Jan 2021 in Cyber Security&Infrastructure&Secure Development

Vad är egentligen ett red team-test och varför behöver man göra det i sin organisation? Här reder vi ut begreppet red teaming – en sorts ”etisk hacking”. Målet är att identifiera en organisations sårbarheter för cyberattacker.