SECUINFRA Falcon Team

Digital Forensics & Incident Response experts

The SECUINFRA Falcon Team specializes in Digital Forensics (DF) and Incident Response (IR). This covers classic host-based forensics as well as topics such as malware analysis and compromise assessment.
Beyond the work it performs under customer engagements, the Falcon Team is also responsible for operating, developing and researching various projects and topics in the DF/IR area. These include, for example, threat intelligence and the creation of detection rules based on YARA.

Edge infrastructure, such as internet-exposed firewalls, routers and VPN gateways, is a common initial access target for cybercrime and espionage actors, since these appliances are challenging to defend. According to the vulnerability discovery service LeakIX, as many as 30 thousand internet-exposed Cisco devices may already have been compromised...
ENISA and CERT-EU warned about malicious activities against EU governments and businesses attributed to Chinese APTs.
In this news item, the SECUINFRA Falcon Team reports on the current Epoch4 (E4) Cluster spam campaign and the threat it poses to businesses.
Today many businesses rely on virtualization technology to run and scale their infrastructure. One of the most popular hypervisor systems on the market is VMware ESXi, which has been a regular target of ransomware attacks for the last 3+ years, as attackers use it to increase the damage to the victim's IT systems.
Due to recent events, the SECUINFRA Falcon Team strongly recommends updating the firmware of VPN/remote access solutions from the manufacturers SonicWall, Fortinet and Citrix.
The SECUINFRA Falcon Team analyzed a recent attack conducted by the South Asian Advanced Persistent Threat group "Bitter".
With the plethora of daily threats, an organization's cybersecurity teams need to be able to respond immediately and efficiently to existing threat situations.
What can you do now to uncover existing compromises of your network in a timely manner and thus protect your company from massive financial damage and reputational risk? A Compromise Assessment (CA) is an effective investigation method that makes hidden attack activity in your network visible.
The number of registered IT security incidents resulting from the rapid development of new and adapted cyber attack methods is worrying, and such incidents can have serious financial consequences as well as reputational damage for companies.
We will first begin at the entry point of this RAT and analyze its executed code before we jump into all possible modules this RAT possesses.