TechTalk

Here you will find articles on the latest findings and in-depth analyses in the field of IT security, presenting both current trends and the in-depth expertise of our cyber defense experts. Immerse yourself in the world of cyber security, enrich your knowledge and stay at the forefront of technological progress.

The threat situation for companies is also becoming more complex this year. In addition to state-sponsored attacks - primarily from Russia, China and increasingly also North Korea - we are seeing more and more commercially motivated attacks that are carried out highly professionally using the CaaS model (Cybercrime as a Service). It is noticeable that the speed with which stolen data is offered for sale or exploited is constantly increasing. It is not uncommon for compromised accounts to be taken over after just a few minutes. Phishing campaigns, which are becoming increasingly convincing thanks to the use of AI, pose a further threat. Last but not least, criminals are increasingly using cross-platform malware that targets Linux and macOS in addition to Windows. How can companies meet these new challenges?
Ever faster and more sophisticated cyber attacks make a Security Operations Center (SOC) mandatory for every company. However, running a SOC in-house is beyond the means of most companies, which therefore start looking for an external partner. We explain what matters when choosing a provider and which criteria are important for small, medium-sized and large companies.
A free survival game called "PirateFi" on the Steam online game store has been distributing the information-stealing malware Vidar to unsuspecting players. Last week, Valve removed the game from its online store after users raised concerns about malware warnings from anti-virus software after launching it. Following the removal, the SECUINFRA Falcon team analyzed the malware and determined that the game was an attempt to trick players into installing an infostealer called "Vidar". As the game advertisement contained references to cryptocurrencies and blockchain technology, we believe this was a lure specifically targeting players interested in these topics.
Phishing continues to be a major issue in IT security. Cyber criminals are increasingly using new, dynamic methods to sneak their fraudulent emails past the installed security filters unnoticed in order to deceive their victims and use them as door openers for malicious activities. In this article, you will find out more about the latest tricks and how you can protect your company even better against serious deceptive maneuvers.
Sometimes you read about cyber attacks and think that something like this couldn't happen to you - until it does. Just such a case occurred recently. The attack vividly demonstrates how social engineering works and how even a rather inexperienced attacker could cause considerable damage.
In a recent case, we tried to reconstruct the attacker's activities on an ESXi hypervisor. The logs available on the system were very limited, which made it difficult to analyze the attacker's activities. The ESXi hypervisor in particular offers detailed logs that can be used for forensic analysis if configured accordingly. The topic of forensic readiness in general was covered in a previous article, which is highly recommended reading. This article focuses on hypervisors, the risks they are exposed to and how to protect them.
Forensic readiness refers to a company's ability to carry out digital forensics efficiently. Every incident is a stressful situation for everyone involved. A high degree of maturity in forensic readiness can shorten the analysis time of incidents and increase the quality of statements about the incident.
The EU Parliament's Digital Operational Resilience Act (DORA) came into force on January 16, 2023. This regulation aims to standardize the risk management for information and communication technologies (ICT) of European financial institutions and thus strengthen the resilience of these organizations against digital threats. Financial institutions and other affected companies have until January 17, 2025 to fully implement the requirements of DORA.
In today's rapidly evolving digital world, cyber threats are becoming increasingly sophisticated. An incident response plan is no longer an option, but a fundamental necessity. Many organizations rely on Managed Security Service Providers (MSSPs) to secure their operations, but it's important to recognize that outside expertise alone is not enough to eliminate all gaps in incident response.
A cyber defense analyst plays a critical role in the field of cyber security. They help organizations protect their digital systems and networks from cyberattacks and other security breaches. They also help to improve security policies and procedures to prevent future attacks. One of these specialists at SECUINFRA is Özgür Bagdemir, who joined SECUINFRA in 2022. Özgür describes himself as a "cyber security enthusiast" and answers a few questions about his challenging job here.
Modern EDR or XDR solutions are capable of detecting suspicious behavior. The widely used Elastic solution has offered this capability through Elastic Defend since 2019 and provides industry-leading transparency. Below we show how security experts work with it.
Companies and organizations operating in the critical infrastructure sector (KRITIS) are subject to special requirements. The BSI Act obliges them to regulate the protection of these critical infrastructures at the IT level. SECUINFRA has produced a white paper as a guide and orientation aid to help affected companies with implementation. This guide is available here as a free download.