Tracking Microsoft Exchange Zero-Day ProxyLogon and HAFNIUM

07 Mar 2021 in Cyber Security&Infrastructure

This post contains information and data related to an on-going investigation of Microsoft Exchange Zero-Day ProxyLogon and associated vulnerabilities actively exploited and attributed to HAFNIUM. Any changes and edits made to this blog post will be noted at the top of the post. Update list 2021-03-08 16:29 CET – Added web shell details 2021-03-09 11:20 […]

Hitta era säkerhetsbrister – Så funkar Red team i 5 steg

22 Jan 2021 in Cyber Security&Infrastructure&Secure Development

Vad är egentligen ett red team-test och varför behöver man göra det i sin organisation? Här reder vi ut begreppet red teaming – en sorts ”etisk hacking”. Målet är att identifiera en organisations sårbarheter för cyberattacker.

Which platform is most secure? Android or iOS?

31 Aug 2020 in Cyber Security&Infrastructure

Sometimes, things just do not work out as planned. Last week’s Truesec Tech Talk was one of those things. We are sorry that some of our viewers did experience technical difficulties connecting – and that our demos did not play accordingly. We have investigated the issues and are working closely with the platform provider to […]

ConfigMgr Patch Reporting – Challenges

30 Jul 2020 in Infrastructure

I’ve spoken all around the world about different patching challenges. Somehow even after years of patching, reporting is still a challenge. Today, I want to take a different tack, and instead of attacking the technical aspects try to explain the higher-level challenges for management. To do this we are going to approach this from two […]

Invoke-WebRequest or Invoke-RestMethod?

29 Jul 2020 in Infrastructure

So, you want to play with that shiny new ReST API you’ve discovered but in doing research on consuming ReST APIs with PowerShell you’ve discovered two different cmdlets. Which one do I use? Which one is best? These are the same questions I had about 8 months ago. Invoke-WebRequest The Invoke-WebRequest cmdlet sends HTTP, HTTPS, FTP, and […]