SECUINFRA Falcon Team
Digital Forensics & Incident Response experts
The SECUINFRA Falcon Team is specialized in the areas of Digital Forensics (DF) and Incident Response (IR). This includes classic host-based forensics, but also topics such as malware analysis or compromise assessment.
In addition to the activities for which we are responsible within the scope of customer orders, the Falcon team is also responsible for the operation, further development and research of various projects and topics in the DF/IR area. These include, for example, threat intelligence or the creation of detection rules based on Yara.
According to Malware Bazaar, samples have been distributed since around mid-January. The final payload is a .NET RAT, which allows the attacker to send commands to the infected system.
This article is intended to provide a deeper insight into the important topic of reporting obligations in the event of an IT security incident.
In order to protect one's own company against phishing, awareness must first and foremost be created among employees. This can be done through workshops, phishing simulation or company policies.
BSI has set up a model that divides the procedure into 6 different phases, which is very finely granulated compared to other models.
In order to shed some light on the subject, we would like to look at a few facts and figures about ransomware as well as a typical course of attack.
That a compromised mailbox is an extremely unpleasant situation is something everyone should be able to imagine. In a recent case we have investigated, attackers have been particularly clever.
In this article, we will look at artifacts that should always be collected during an incident on a Windows-based system to get the best possible picture of what happened.
Having previously made a name for itself on the criminal scene by attacking major companies such as Quanta Computer and Invernergy, REvil's latest attack on software company Kaseya and its update service is believed to have affected several hundred companies worldwide.
In the event of an attack, companies should take appropriate countermeasures with professional help. The tool of choice here is Digital Forensics & Incident Response (DFIR).
In addition to the expected IOCs for the ProxyLogon/Hafnium vulnerability, our analysis identified one IOC of another vulnerability.
CYBER DEFENSE.
MADE IN GERMANY.
Our portfolio
©2024 SECUINFRA GmbH. All rights reserved.