Digital Forensics & Incident Response experts
The SECUINFRA Falcon Team specializes in Digital Forensics (DF) and Incident Response (IR). This includes classic host-based forensics, as well as topics such as malware analysis and compromise assessment.
In addition to the work it is responsible for as part of customer engagements, the Falcon Team handles the operation, further development and research of various projects and topics in the DF/IR area. These include, for example, threat intelligence and the creation of detection rules based on YARA.
- Edge infrastructure, such as internet-exposed firewalls, routers, VPN gateways, etc., is a common initial access target for cybercrime and espionage actors since these appliances are challenging to defend. According to the…
- Today many businesses rely on virtualization technology to run and scale their infrastructure. One of the most popular hypervisor systems on the market is VMware ESXi, which is regularly targeted…
- Due to recent events, the SECUINFRA Falcon Team strongly recommends updating the firmware of VPN/remote access solutions from the manufacturers SonicWall, Fortinet and Citrix.
- Compromise assessment uses forensic methods to track down attackers in the system and can thus contribute to faster detection of incidents and security incidents. But is this expensive approach also… Published on: manage IT (German)
- With the plethora of daily threats, an organization's cybersecurity teams need to be able to respond immediately and efficiently to existing threat situations.
- What can you do now to uncover existing compromises of your network in a timely manner and thus avert massive financial damage and reputational risks from your company? With a…
- Tracking down cyber attacks with hypotheses: Vulnerability Management, Security Information and Event Management (SIEM) or Advanced Persistent Threat Scanner: Companies monitor their IT infrastructure with various tools and focuses. Threat… Published on: line-of-biz (German)
- The registered number of IT security incidents as a result of the rapid development of new and adapted cyber attack methods is worrying - and can sometimes have serious financial…
- We will first begin at the entry point of this RAT and analyze its executed code before we jump into all possible modules this RAT possesses.
- According to Malware Bazaar, samples have been distributed since around mid-January. The final payload is a .NET RAT, which allows the attacker to send commands to the infected system.
- How companies can raise awareness among their teams: The number of cyber attacks is increasing: Companies, public authorities and municipalities are affected, but also healthcare facilities such as hospitals. In… Published on: All About Security (German)
- Hacker attack! What now? A company has been targeted by hackers, error messages are popping up, perhaps initial system parts have already been locked down and extortion messages have been… Published on: IT-Sicherheit (German)
- Help, hacker attack! When companies notice an attack, panic quickly spreads: Employees are sent home and attempts are made to limit the damage. However, the key is to remain calm… Published on: Security Insight (German)
- Keep Calm: A company has been targeted by hackers, error messages are popping up, perhaps initial system parts have already been locked down and extortion messages have been sent. The… Published on: line-of.biz (German)
- This article is intended to provide a deeper insight into the important topic of reporting obligations in the event of an IT security incident.
- In order to protect one's own company against phishing, awareness must first and foremost be created among employees. This can be done through workshops, phishing simulation or company policies.
- Forensic methods: Organizations face ongoing cybercrime from hackers and attackers targeting their data or money. Emails with infected attachments or links are a classic gateway. End users in particular are… Published on: it-management.today (German)
- In order to shed some light on the subject, we would like to look at a few facts and figures about ransomware as well as a typical course of attack.
- That a compromised mailbox is an extremely unpleasant situation is something everyone should be able to imagine. In a recent case we investigated, the attackers were particularly clever.
- In this article, we will look at artifacts that should always be collected during an incident on a Windows-based system to get the best possible picture of what happened.
- Having previously made a name for itself on the criminal scene by attacking major companies such as Quanta Computer and Invenergy, REvil's latest attack on software company Kaseya and its…
- In the event of an attack, companies should take appropriate countermeasures with professional help. The tool of choice here is Digital Forensics & Incident Response (DFIR).