Under attack?

Get in touch

Cybersecurity challenges

Identify Your Vulnerabilities and Risks

Develop and Manage Your IT Securely

Detect and Respond to Intrusion

Respond to and Quickly Overcome a Cyber Attack

Get Cybersecurity Advice

Essential cybersecurity capabilities

How We Help

Predict

Prevent

Detect

Respond

Recover

Our Services

Are you under attack?

Why Truesec

Who We Are

Cases

Our Experts

Careers

Knowledge and Resources

Events

Tech Talks

Trainings

Blog

News

Knowledge Hub

Main menu

Secure Development May Seem Slow but Usually Pays Off in the Long Run

Secure Development

Secure Development Might Seem Slow, But It Often Pays Off in the Long Run

Find Vulnerabilities in Your IT Infrastructure Before the Threat Actors Do

Threat Hunting

Red Teaming

Skills Needed for an Efficient Cyber Incident Response Team

Incident and Response

Introducing LAPSWebUI Enterprise

Cybersecurity

Infrastructure

Exporting Conditional Access Policies As an End User

Hacktivists Target Denmark in Simultaneous Attacks

Threat Intelligence

How To Recruit Securely In the Cyber Age

Human Threat Intelligence

With rising geopolitical tension and the heightened risk of cyberattacks, the ability to detect and mitigate potential threats is greater than ever. With organizations worldwide relying on its support, Truesec aims to stay relevant by constantly expanding its global presence and capacity to prevent cyber breaches, which the launch of the new U.S. headquarters will reflect.
<blockquote>I’m excited to announce the opening of our new headquarters in Jacksonville. By continuing to extend the best-in-class MDR service we’ve built in Scandinavia in the U.S. market, we’re combining our global service capacity with a strong local presence. says Tomas Sjöström, CEO of Truesec INC. </blockquote>
<h2>Marketing-Leading Managed Detection and Response </h2>
A key service we’ll be able to expand in the U.S. is Truesec's Managed Detection and Response (MDR) service. Its capabilities are designed to counteract every stage of a cyber attack event chain and control its entirety. That includes active 24/7 attack monitoring and remediation, proactive threat hunting, and counteractive incident response and recovery. 
<h2>Internationally Acknowledged Cybersecurity Company</h2>
Truesec has long been at the forefront of protecting organizations against cyber threats and works closely with law enforcement, the insurance sector, and security organizations worldwide. Truesec's offering includes a broad portfolio of technologically advanced cybersecurity services from a team of dedicated cybersecurity experts. 
<blockquote>There’s a need for real capacity to mitigate threats today, and that’s what we are building in this organization. The expansion into the new U.S. headquarters will help us continue to make meaningful improvements in the state of security, not just for our clients in the U.S., but everyone, says Thomas Sjöström.</blockquote>
<h3>About Truesec Group</h3>
Truesec is a global cybersecurity company with a clear purpose: Creating safety and sustainability in a digital world by preventing cyber breach and minimizing impact. Over the years, Truesec has gained a strong reputation and earned the trust of organizations worldwide. Today, Truesec consists of 300+ dedicated cyber specialists – covering the full spectrum of cybersecurity. 
<h3>For more information, contact:</h3>
Tomas Sjöström CEO Truesec Inc. +1 (904) 441-9873 <a href="mailto:tomas.sjostrom@truesec.com">tomas.sjostrom@truesec.com</a>

Truesec Opens New US Headquarters in Florida

In a time of rising geopolitical tension, the cyber threats facing German companies, organizations, and critical infrastructure have reached an all-time high. The country's strong industry and economy make it susceptible to escalating attacks with damaging consequences. Not only are the number of attacks expected to grow in numbers, but also in complexity, severity, and the societal damage they cause. As a result of the increased demand for professional security services in the region, Truesec is therefore establishing local operations in Munich, Germany. 
 – Our partners and clients have long requested Truesec's local presence in Germany and the DACH region. With our track record of assignments in the region and knowledge of the increasing cyber threats facing companies and organizations, launching local operations is a natural next step, says Anna Averud, CEO of Truesec Group. 
<h2>Truesec Incident Response in Germany </h2>
With more services to follow, Truesec is initially launching its Incident Response services to help organizations safely through a cyber attack with minimal impact and operational downtime. <a href="https://www.truesec.com/experts/markus-lassfolk" target="_blank" rel="noreferrer noopener">Markus Lassfolk</a>, Global SVP for Truesecs Incident Response unit, leads the German expansion until local management is in place. – Our goal is always to minimize downtime for clients and bring them back to operations as soon as possible. On average, it takes 23 days to restart a business after a ransomware attack. Truesec's clients are generally back in a considerably shorter time: usually, 3-5 days, says Markus Lassfolk, Global SVP of Truesec CSIRT, and adds:
<blockquote> – Combining the local presence of one of Europe's strongest Incident Response teams with our global network of cyber experts makes Truesec ideally positioned to help organizations prevent, detect, and fight cybercrime. We look forward to continuing our excellent collaboration with our regional partners and customers" </blockquote>
<h3>A Proven Record of Helping Victims Worldwide</h3>
Several of the larger Nordic companies and public sector actors affected by cyber attacks turn to Truesec, whose <a href="https://www.truesec.com/how-we-help/our-services/cyber-security-incident-response-team" target="_blank" rel="noreferrer noopener">Cybersecurity Incident Response Team </a>investigates most of the most severe incidents in Sweden and worldwide. Truesec works closely with the insurance sector, law enforcement, and security organizations worldwide and has local operations in Germany, Sweden, Denmark, Finland, and the US. 
<h3>Victim Of a Cyber Attack? </h3>
<a href="https://www.truesec.com/how-we-help/our-services/cyber-security-incident-response-team">Truesecs Incident Response Team</a> (CSIRT) is available 24/7/365 to help get businesses secured and back up and running as fast as possible. 
<h3>For more information, please contact: </h3>
Markus Lassfolk, Senior Vice President, Truesec CSIRT +46 (0)70 918 30 12 <a href="mailto:markus.lassfolk@truesec.se"> markus.lassfolk@truesec.se</a> 
 
Anna Averud, CEO, Truesec Group	 +46 (0)70 918 30 48		 <a href="mailto:anna.averud@truesec.com"> anna.averud@truesec.com</a>

Truesec Establishes in Germany to Protect Organizations Against Cybercrime

Freely translated nomination:
<blockquote>"With twenty years of experience in information and cyber security, he is often seen in the media in connection with cyberattacks, but he is also the one customers call when the worst has happened. With openness, he shares insights and knowledge about the cyber threats against Swedish companies and organizations in a clear and educational way, making Sweden safer."</blockquote>
Read more about the nomination here (in Swedish &#x1f1f8;&#x1f1ea;): <a href="https://computersweden.idg.se/2.2683/1.776832/de-kan-utses-till-arets-mest-inflytelserika-vid-tech-awards-2023">"De kan utses till årets mest inflytelserika vid Tech Awards 2023 - Computer Sweden"</a>
We are proud to have such a strong and inspiring leader among us, always striving for inclusion and sharing our insights in cyber - and on our joint mission to create a safe and sustainable future. Congratulations on the nomination Marcus!<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/News/Marcus-Murray-Truesec-Group-small.jpeg?w=2999&auto=compress%2Cformat&fit=crop&dm=1677759762&s=5b5bc3eb46815822fb4feb27a92d63fd" alt="Marcus Murray, founder Truesec" /></figure><h4> Marcus' Own Words About The Nomination:</h4>
<cite class="cite">18 years ago, Truesec was founded on my kitchen table in a suburb in Stockholm, Sweden. I still remember it like yesterday, I had a 2-year-old daughter, literally no money, and I had to quit my job and instead take a big credit in the bank to follow a desire to make a difference. Cybersecurity was not really a word, but I had a strong feeling it would be very important in the future, as the digitization of our society was beginning to pick up speed. Today, cybersecurity is essential to maintaining a sustainable society. Truesec has grown since then. Today I am just one of 300 specialists in a multi-national cyber security organization. Day and night we protect our society in a time of war in Europe. We engage in defending critical infrastructure against nation-state antagonists. We monitor 300.000+ systems 24/7/365. We conduct around 200 complex investigations of complex cyberattacks yearly, and bring damaged organizations back to normal. We bring security to public and private organizations and their applications, systems, networks and cloud. We provide threat intelligence and strategic capabilities to leaders, and we develop best-of-breed digital solutions to scale our capability to more regions. What makes me even more proud are ethical values of Truesec. We are a purpose-driven organization. We prevent and minimize the impact of cyber attacks. To ensure that we, for example, put purpose over profit. We believe in gender equality and that it must start from the top, our amazing CEO <a href="https://www.linkedin.com/in/ACoAAAAqs3oBcxUU_yQDAAHbX1qNH0O2vJ0weIE">Anna Averud</a> has recruited some of the most amazing female leaders into our management team, and it’s shaping our organization in amazing ways. We have a very friendly environment where we help each other and the people around us. We have an environment where you can be yourself no matter what. We have an organization where it’s ok to explore and try with the risk of failing since we know that’s how we learn and grow as individuals and as a team. We believe in collaboration with the government, partner organizations, and even competitors for the greater good. While organizations measure themselves by gross revenue and profit, we measure ourselves by the impact and outcome we bring to society. This organization is the result of each and every one in the Truesec organization. It is a true honor to be recognized together with 4 amazing individuals, Pernilla Ramslöv, Stina Ehrensvard, Deqa Abukar, and Erik Slottner. Nominating me, however, is not because of my individual accomplishments. I am only a front for each and every college working at Truesec. Colleges that impress and humble me every day with their achievements. This nomination is, in reality, yours to share! That said, thank you TechSverige, for the nomination and for appreciating all the individuals working for and with Tech in Sweden</cite>.<cite class="cite"> </cite>

Marcus Murray Top 50 Most Influential in Tech 2023

Threat Intelligence Report 2023

Amazon Cognito - A Quick Look Into Token Security

<h3>Russia Most Likely Behind the Attacks Against Sweden</h3>
Truesec’s Threat Intelligence unit has investigated the threat actor group to shed light on its activities and help identify its true motives. Although the threat actor behind the cyber attacks claims to be “Anonymous Sudan,” there are several indications that the attacks are, in fact, part of a Russian information operation. 
<h3>New Truesec Report Shows the True Motives of the Attacks</h3>
<a href="https://www.truesec.com/hub/report/anonymous-sudan-threat-intelligence-report" target="_blank" title="Original URL: https://www.truesec.com/hub/blog/what-is-anonymous-sudan Click to follow link." rel="noreferrer noopener">Truesec has released a new report</a> (published Feb. 20, 2023) that explains how the so-called "Anonymous Sudan" has nothing to do with the online activists collectively known as Anonymous. Instead, it was most likely created as part of a Russian information operation to create fear and uncertainty in Sweden to complicate Sweden’s NATO application.

"Anonymous Sudan": Most Likely Russia Attempting to Disrupt Sweden's NATO Application

Anonymous Sudan: Threat Intelligence Report

What Is Anonymous Sudan?

Increased Risk of DDoS Attacks

How To Prevent Ransomware Attackers From Taking Over Your ESXi 8.0 Hosts

Copiloting the Cyber Threat Landscape in the Travel Industry

Co-Protecting the Next Unicorns

M365 Security Boost

5 Hygiene Hacks for IT: Reduce the Risk of Ransomware

To build long-term resilience against cyber attacks, Truesec launches Attack Prediction Service, a Threat Intelligence service to extend threat monitoring beyond your perimeter into the adversary’s space.
<blockquote>"The criminal underground market for buying and selling access to organizations is rapidly growing. These access brokerages have become essential to the entire cybercriminal ecosystem. Threat groups are actively purchasing access to organizations to scale and speed up their criminal activities." says Christoffer Strömblad, Threat Intelligence Analyst at Truesec. “Today, organizations need to monitor for credential leaks or access brokers selling access to their estate of infrastructure, servers, clients, and users.”</blockquote>
<h2>Build a Strong Cyber Defence With Attack Prediction Service</h2>
The attack timeline is wider than the time from breach to incident response. Attack Prediction Service extends the Attack Prediction Service capability to the outside of your perimeter, to the adversary’s space, taking back the initiative from the attackers. 
Attack Prediction Service provides unique access to a constant stream of relevant and actionable intelligence about threat activity that will enable strategic decisions to build defensive capabilities for long-term resilience against cyber attacks. 
<h3>About Truesecs Attack Prediction Service</h3>
Truesecs APS enables the capability to:
<ul><li>Predict attacks by discovering indications that may lead to an attack, such as typo-squatted domains, newly registered certificates, or targeted attacker campaigns. </li><li>Prevent attacks by reacting when access brokers are willing to buy or sell access to accounts, systems, or entire organizations.</li><li>Discover and respond to leaked credentials.</li></ul>
Learn more about how this service can help your organization build stronger cyberdefense <a href="https://www.truesec.com/how-we-help/our-services/threat-intelligence">here</a>.

Predict Cyber Attacks With Attack Prediction Service

VMware ESXi 8.0 and execInstalledOnly - The Good, the Bad and the Ugly

Public Sector Report - November

Cracking the Chaos Ransomware Family

In a joint quest against cybercrime, Europol, the Dutch National Hi-Tech Crime Unit, and selected IT security companies have joined forces to disrupt cybercriminal businesses with ransomware connections. The global initiative No More Ransom helps ransomware victims retrieve encrypted data without paying the criminals. 
<blockquote>For every ransom paid, cybercriminal groups grow stronger. At Truesec, we have a strong track record of helping hundreds of clients recover from ransomware attacks – without having to pay a ransom. By being an active contributor to No More Ransom, we can help more victims with our technical expertise and help them minimize the damage from cyber attacks, says Markus Lassfolk Vice President of Truesec Incident Response.</blockquote>
<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/Users/markus-lassfolk.jpg?w=3090&auto=compress%2Cformat&fit=crop&crop=focalpoint&fp-x=0.498&fp-y=0.458&dm=1634307693&s=bc7cb9465c84f46b3d6d2ba06fe5ec5f" alt="Markus Lassfolk, Vice President, Truesec Incident Respons" /></figure>
Markus Lassfolk, Vice President of Truesec Incident Response.
The cybersecurity company Truesec has been appointed as Associate Partner after contributing to the development of the new unique decryption tool and keys for the Chaos ransomware family, which will help thousands of victims retrieve encrypted data and valuable information. Truesec has been at the forefront of fighting cybercrime for many years and has extensive experience managing some of the most significant and complex incidents worldwide.
<blockquote>At Truesec, we know firsthand what devastating impact ransomware attacks have on organizations and critical infrastructure. We are happy to contribute to the No More Ransom initiative and welcome any collaboration that helps create safety for our societies. This is a fight we must win together, says Anna Averud, CEO of Truesec Group.</blockquote>
<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/News/Anna-Averud-CEO-Truesec-Group.jpg?w=2000&auto=compress%2Cformat&fit=crop&dm=1670431229&s=34f79a55dd181dd1e3e5bd7435d36959" alt="Anna Averud, CEO, Truesec Group" /></figure>
Anna Averud, CEO of Truesec Group.

<h4>About No More Ransom </h4><figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/News/logo_no-more-ransom_Logo-full-blue.png?w=1771&auto=compress%2Cformat&fit=crop&dm=1670575566&s=c57885aced19c16b50686636b4949b77" alt="No More Ransom" /></figure>
No More Ransom, launched in July 2016, is a collaboration between Europol, the Dutch National Hi-Tech Crime Unit, and selected IT security companies, helping ransomware victims retrieve encrypted data without paying the cyber criminals.
Read more here: <a href="https://www.nomoreransom.org/">https://www.nomoreransom.org/</a>

Truesec Joins Forces With Europol To Fight Cybercrime

Swedish Energy Sector Report - October

In Times of Espionage and War – The Ethics of Security Vetting

Swedish Manufacturing Industry Report - September

How Much Money Should You Invest in Preventive Cybersecurity?

Holistic Cybersecurity – From Assessment to Strategy

Fortinet CVE-2022-40684 Vulnerability From an Incident Response Perspective

People Change Over Time − So Does the Human Threat Risk

To help strengthen Danish organizations' cyber resilience, reduce risk and limit the consequences, Truesec and WTW in Denmark have developed a new service for all insurance clients launched in 2022. WTW Cyber Defender covers the entire spectrum from prevention to insurance to crisis management.
<h3>Strengthened Cybersecurity With Truesec and WTW Cyber ​​Defender</h3>
WTW Cyber ​​Defender covers the entire spectrum from prevention to insurance to crisis management, with Truesec and WTW each contributing their unique expertise – Truesec in cybersecurity and WTW in cyber insurance. WTW Cyber ​​Defender contributes to reducing the risk of a cyber attack and limiting the consequences.
“We have combined our strengths and created WTW Cyber ​​Defender, which consists of six sub-elements, each of which helps to strengthen a company's cybersecurity. All combined, these elements provide the best prerequisite for preventing damage and avoiding loss due to data security breaches for companies in Denmark,” says Morten von Seelen, CEO ofTruesec A/S.
Read more about <a href="https://www.wtwco.com/-/media/WTW/Insights/2022/10/wtw-cyber-defender.pdf?modified=20221004092528" target="_blank" rel="noreferrer noopener">WTW Cyber Defender here.</a>
<h3>About WTW</h3>
WTW is Denmark's most prominent independent insurance adviser, with more than 35 years of experience in the Danish market. Today, it has over 400 employees in offices throughout the country.
WTW has local and global experts in cyber insurance and can tailor insurance programs for companies in all industries. WTW also provides advice and guidance in claims cases and looks after the company's interests vis-à-vis the insurance company. 

To learn how WTW Cyber ​​Defender can improve your organization’s cybersecurity, contact: <a href="mailto:cyberdefender@willistowerswatson.com">cyberdefender@willistowerswatson.com</a>.
Web: <a href="http://wtwco.com/">http://wtwco.com</a>
<h3>About Truesec</h3>
Truesec is a global cybersecurity company with a clear purpose: Creating safety and sustainability in a digital world by preventing cyber breach and minimizing impact. Over the years, Truesec has gained a strong reputation and earned the trust of organizations worldwide. Today, Truesec consists of 250+ dedicated cyber specialists covering the full spectrum of cybersecurity. <h4>Contacts</h4>
Morten von Seelen, CEO Truesec A/S: <a href="mailto:morten.von.seelen@truesec.com">morten.von.seelen@truesec.com</a>
Web: <a href="http://www.truesec.com/">www.truesec.com</a>

Reduce the Risk of Cyber Attacks With Truesec and WTW's Cyber Defender

Cyber threats continue to rise, and the demand for qualified cybersecurity expertise is greater than ever. Truesec is the market-leading cybersecurity company in Sweden, with established operations in Denmark, Finland, and the US, with more regions joining soon.
<h2>Erik Jönsson, New Managing Director for Truesec Sweden</h2>
To lead Truesec Sweden, Erik Jönsson has been recruited as Managing Director starting on October 3, 2022. Erik has extensive experience in cybersecurity and has previously worked at Trend Micro.
<blockquote>"Truesec really stands out with its strong culture and dedicated experts. I'm incredibly proud and happy to join a company that consistently and passionately works towards a common goal – to prevent cyber breach", says Erik Jönsson, Managing Director of Truesec Sweden.</blockquote>In 2018, Anna Averud took over as CEO of the cybersecurity group. She has since then, together with the leadership team, established Truesec's managed services, developed the portfolio of consulting services and increased its incident response capacity. Today, Truesec has the largest dedicated Incident Response team in the Nordics and has tripled its turnover in the last three years (in 2021, turnover was 300M SEK). To focus on her role as Group CEO, Anna Averud is handing over operational responsibility for Truesec Sweden to Erik Jönsson.
<blockquote>"Welcoming Erik to our team feels fantastic. His leadership and knowledge in the industry will strongly benefit our customers and take Truesec to the next level together with the team", says Anna Averud, CEO of Truesec Group. "Local leadership in combination with relevant services is central to Truesec Sweden, and the establishment of Truesec in new regions."</blockquote>
<blockquote>"With large investments in our range of services and solid delivery capacity, Truesec is in an attractive position to meet the market's growing need for cyber protection. In Sweden today, we are 220 employees. Within a couple of years, we will double our capacity. It's required if we're to be the number one cyber partner", says Erik Jönsson.</blockquote>
<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/News/Erik-J%C3%B6nsson.jpg?w=3000&auto=compress%2Cformat&fit=crop&dm=1664982167&s=c91f3dc2f2f8717808be328049bf8685" alt="Erik Jönsson" /><figcaption>Erik Jönsson, Managing Director Truesec Sweden.</figcaption></figure>

Truesec Strengthens Its Position in Sweden

Manage and Reduce Cybersecurity Risk with NIST Cybersecurity Framework

“We are honored to be recognized as one of the world’s top managed security services providers by MSSP Alert.” says Tomas Sjöström, CEO of Truesec Inc.<blockquote>"As exciting as this recognition is for Truesec as a company, it's highly reflective of our aim to always stay at the forefront of protecting organizations against cyber threats", Thomas Sjöström says. </blockquote><h3>6th Annual List &amp; Research Identifies Leading MSSPs Worldwide </h3>
The rankings are based on MSSP Alert’s 2022 readership survey combined with the site’s editorial coverage of MSSP, MDR, and MSP security providers. The sixth-annual list and research track the MSSP market’s ongoing growth and evolution. "MSSP Alert congratulates Truesec on this year's honor. The MSSP Alert readership and Top 250 honorees continue to outpace the cybersecurity market worldwide", says Joe Panettieri, editorial director of MSSP Alert. <h4>About CyberRisk Alliance </h4>
CyberRisk Alliance (CRA) is a business intelligence company serving the high growth, rapidly evolving cybersecurity community with a diversified portfolio of services that inform, educate, build community, and inspire an efficient marketplace. <a href="https://www.cyberriskalliance.com/">Learn more</a>.

Truesec Named to MSSP Alert’s Top 250 MSSPs List for 2022

Vulnerabilities in Microsoft Exchange (CVE-2022-41040, CVE-2022-41082)

How Secure Boot Protects Your VMware ESXi Hosts Against Persistant VIB Threats VIRTUALPITA and VIRTUALPIE

Espionage in the 21st Century – How Do We Predict and Prevent This Growing Threat?

Prevent Insider Threats From Getting a Foothold With Security Vetting

Organizations today are challenged to keep up with the rapidly growing cybercrime, and Finland is no exception. To help more companies prevent cyber breaches, Truesec continues its journey in making leading cybersecurity expertise available in multiple markets.
Leading Cybersecurity Expertise in Finland and the Nordics
Backed by its financial partner, IK Partners, Truesec now expands to Finland with a handpicked Finnish team of cybersecurity specialists. Truesec Oy will offer leading cyber expertise and solutions in Finland to help organizations prevent and respond to data breaches Expanding into the Finnish market will provide organizations with local support backed by Truesec's strong Nordic presence and capacity. 
<blockquote>Now, with Truesec in Finland, and backed by a team of 250 dedicated cybersecurity experts, we’ve greatly increased our capacity to protect Finnish organizations and respond to cyber attacks. Our combined resources give us a leading edge in preventing cybercrime in Finland and globally,” says Sami Laiho, Chief Research Officer, Truesec Oy.</blockquote>
New CEO Matti Vainio will, together with his experienced team, focus on growing and steering the Finnish operations guided by Truesec's purpose: Preventing cyber breach and minimizing impact.<blockquote>I look forward to leading the expansion of our Finnish business", says Matti Vainio CEO of Truesec Oy. “Having a local team of experienced cybersecurity experts, combined with Truesec’s strong Nordic presence and capacity, gives us an advantage in the current market. In Sweden, Truesec is the first choice when it comes to cybersecurity. Our goal is to become preferred cyber partner in Finland as well.”</blockquote>
Truesec Continues To Strengthen Its Presence in Europe
Cybersecurity is essential for all organizations to protect their digital assets, maintain service availability, and ensure operations. To meet the growing demand for cybersecurity abilities, Truesec's focus in the past years has been on increasing capacity and broadening its portfolio of cybersecurity solutions. Today, the cybersecurity group is established in the Nordics, Europe, and the US, helping organizations worldwide to prevent cyber breaches.
<blockquote>Given the increased complexity and impact of cyber attacks today, there’s a growing need for cybersecurity expertise to protect businesses and our society. Establishing operations in Finland is a natural development for Truesec, and Sami and Matti’s unique expertise and experience will have great value to our customers in Finland", says Anna Averud, CEO of Truesec Group.</blockquote>

Truesec Launches in Finland With Top Cybersecurity Experts

Through the collaboration, Dustin will strengthen its "Modern Workplace" service by adding Truesec's managed security service Detect and Disarm, which actively monitors and protects customers’ IT environments by detecting and identifying threats and attacks. If any abnormal events are detected, the attackers are stopped, and the company's operations can continue without interruption.
<h3>Small and Medium Businesses Are Exposed to Cyber Threats</h3>
The number of cyber threats and data breaches has increased in recent years, and the growing security challenges are many. Not least, because many businesses are exposed to data breaches and fraud without knowing it. Small and medium-sized companies are exposed to the same risks as larger ones but often do not have the same opportunities to invest in their IT security.
<blockquote>We are very proud and happy to now be able to offer our customers increased security at an attractive price. Truesec is one of the leading security companies in the Nordics with leading expertise in cybersecurity. Together, we are now doing something wholly unique and filling a need in a way that no other actor does today”, says Rebecca Tallmark, EVP SMB Nordic, Dustin.</blockquote>
Dustin's strengthened security offer, "Modern Workplace," will be launched throughout the Nordics on September 2, 2022.
<blockquote>“We are proud and happy about Dustin's trust in choosing us as a security partner. We see an increase in inventive and brutal attacks against businesses of all sizes, and together we’ll increase cybersecurity by making our services available to more organizations. It motivates us greatly as we aim to help organizations and society prevent data breaches", says Anna Averud, CEO of Truesec Group.</blockquote>
<h4>About Dustin:</h4>
Dustin is a leading online-based IT partner in the Nordics and Benelux. They help their customers stay ahead by providing the right IT solutions for their needs, offering approximately 280,000 products with associated services to companies, the public sector, and private individuals. Dustin Group has about 2,400 employees and has been listed on Nasdaq Stockholm since 2015, with its headquarters in Nacka Strand just outside central Stockholm in Sweden.
<h4>Contact:</h4>
Karin Tränk Press &amp; PR Manager press@dustin.se +46 73 850 54 85

Truesec and Dustin Increase Security for Small and Medium-sized Businesses

The Beautiful Peruvian Jeweller That Turned Out to Be a Russian Spy

Hybrid Warfare and the Effects of Hybrid Threats on Cybersecurity

Russian Hacktivism

Stopping the Insider Threat at the Gate

Enterprises deploy Industrial IoT/OT solutions to enable data-driven automation. These solutions are at the core of a connected business; it’s the key enabler for efficient manufacturing, predictive maintenance, smart buildings, energy optimization, and many more use-cases.
Industrial IoT/OT (IIoT/OT) comprises hardware and software that monitors and controls industrial equipment, assets, processes, and events in real-time. The ecosystem of Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), Distributed Control Systems (DCS), Remote Terminal Units (RTU), and Programmable Logic Controllers (PLC) are critical to ensure the operational efficiency and uptime within manufacturing and connected industries.
Industry 4.0 paves the way for more connected industries. This means more exposure of critical infrastructure to cyber threats, which in turn increases the risk of operational outages, both for enterprises and society as a whole.
The attacks on IIoT/OT environments are increasing, and we believe it will continue to be the trend for years to come, in essence, a rotation from attacking enterprise IT environments to attacking what is the backbone of industrial business operations: the OT environments.
Generally speaking, we believe that the expertise and focus on cybersecurity within IIoT/OT is not at the level it needs to be, especially not in relation to the potential impact significance of a breach.
There are a few key challenges we see that make up the cybersecurity dilemma for IIoT/OT environments:
<ul><li>Lack of monitoring and insight into industrial networks</li><li>Systems have many legacy devices running unpatched software with limited ability to be updated</li><li>Networks aren’t isolated from the enterprise IT networks</li><li>Networks aren’t properly segmented in between</li><li>Traditional IT EDR/NDR solutions don’t understand industrial protocols, limiting detection possibilities</li></ul>
Most importantly, we believe that the fear of operational outage limits the willingness to upgrade hardware/software in production environments. Hence, we’re pleased to share with you that our new service has zero performance impact on existing operational IIoT/OT environments.
Our new service, Detect and
Disarm for Industrial IoT/OT, extends our SOC with IIoT/OT-aware behavioral analytics and threat intelligence.
Through agentless NDR monitoring, we bring full visibility into assets and risks in your Industrial IoT/OT environments to enable real-time threat monitoring.
In addition to 24/7/365 managed detection of your IIoT/OT environment, we also bring insights into:
<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/detect_disarm_iiot_ot_capabilities.jpg?w=1280&h=800&auto=compress%2Cformat&fit=clip&dm=1654256599&s=b6cfaa30f31a774b74adb499d0898465" alt="" /></figure>
This service is seamlessly integrated with all our existing EDR and XDR services to enable interoperability across IT-IoT-OT and a holistic detection; however, it can also be provided as a separate service in those scenarios where it’s needed.
Don’t hesitate to contact us if you want to discuss the IIoT/OT cybersecurity needs for your particular business.
<a href="https://www.truesec.com/service/detect-disarm-for-industrial-iot-ot">Click to Learn More</a>

Introducing Detect and Disarm for Industrial IoT/OT

The Importance of Detecting Cyber Threats Before Operations are Impacted

Take Immediate Action to Mitigate Cyber Incidents

The Importance of a Holistic Cybersecurity Approach

Cyber attacks are continuing to increase at a worrying pace globally; at the same time, the adoption of IoT (Internet of Things) continues to lead the way for industry digitalization and transformation. We believe that the demand for security and advisory services within the IoT domain will grow dramatically because of the need to protect critical infrastructure from breach and outage.
With the number of reported IoT vulnerabilities skyrocketing exponentially in recent years and 57% of already deployed IoT devices being vulnerable to medium- or high-severity attacks, we believe it’s time to act.
<h3>IoT Is Everywhere </h3>
IoT today is seen everywhere, in all industries, and installations are growing at an exceptionally fast pace, expected to surpass almost 20 billion connected IoT devices globally by the end of 2022, a doubling in just a few years. This means that any elevator, digital lock, industrial production line, and other critical infrastructure is already or will be exposed to the internet.
Enterprises deploy IoT solutions to understand how their products are being used and to be able to make data-driven decisions to optimize operational efficiency. While IoT can enable significant business optimization, it certainly comes with risks. IoT security is today remarkably neglected; Truesec wants to contribute to a mindset shift to bring cybersecurity to the top of the IoT and digitalization agenda.															 







<h3>Dedicated IoT Cybersecurity Unit Ready To Help</h3>
We have appointed Patrik Axelsson as CEO for Truesec IoT. He will lead the way for the
dedicated business unit that focuses exclusively on services and advisory for IoT cybersecurity.

The commitment to the mission of preventing cyber breach and minimizing impact is at the core. We provide a tailored set of services and advice to support enterprises in building secure and sustainable IoT. Whether the enterprise is new to IoT or has a fully operational global IoT deployment, we work with companies of all sizes in any industry.

Truesec Launches IoT Cybersecurity Domain

Ransomware Attacks Linked to Russian Sanctions

Spring4Shell/SpringShell Spring Remote Code Execution Vulnerability: Impact and Response

How Do Red Teams Legally Hack Into Banks?

Analysis of CaddyWiper - Wiper Targeting Ukraine

Anticipating a Russian Cyber Response to Economic Sanctions

10 Recommendations To Prepare for an Escalating Cyber Conflict

Understanding the Value and Use of Threat Profiles

FIN12/Conti Syndicate Use TeamTNT Tools in Ransomware Attacks

Increased Cyber Threat to Critical Infrastructure

A First Step Towards Building a Cyber Threat Intelligence Capability

Threat Intelligence Report 2022

Threats to the Swedish Financial Sector in 2021

Current cyber threat situation in Sweden

Cybercriminals are becoming increasingly efficient at exploiting vulnerabilities to gain access to environments, forcing organizations to assume a breach mentality going forward. The speed of the attacks, from the initial foothold to when the attackers reach their goal, has increased. In less than 24 hours after the initial breach, threat actors can obtain full administrative privileges, which means complete control over the victim's network and IT infrastructure. 
<h3>Some Key Findings in our Threat Intelligence Report:</h3>
<ul><li>Ransomware remains the most significant and serious threat to medium and large companies. The number of ransomware attacks in 2021 increased by 26% compared to 2020. </li><li>The increase in the number of cyber attacks is due to the fact threat actors are now using automated tools that enable quicker attacks. Additionally, they recruit less-skilled affiliates that need only follow ready-made instruction manuals to act.</li><li>A majority of intrusions in 2021 began with threat actors exploiting known vulnerabilities in public-facing systems. Cybercriminals can quickly leverage such exploits in mass attacks against unpatched systems. </li></ul>
<h2>Know How to Protect Your Organization in the Coming Year</h2>
In our <a href="https://www.truesec.com/hub/report/threat-intelligence-report-2022" target="_blank" rel="noreferrer noopener">Threat Intelligence Report 2022</a>, you'll find actionable insight into the current threat landscape in Scandinavia and globally and advice on how to prioritize your cybersecurity efforts in the coming year. 
Our suggested priorities and cybersecurity recommendations are based almost entirely on responding to real incidents and stopping attacks during 2021. We have delved into every one of them to fully understand the root causes, what could have prevented the breaches, and minimized the impact.

Cybercriminals Have Shifted Tactics to Increase Profit

What Do Drones Have To Do With Social Engineering and Recruited Spies?

State-Sponsored Cyber Attacks Against Ukraine

Vulnerability Analysis of CVE-2022-21907 - HTTP Protocol Stack RCE

Organizations today are challenged to keep up with the rapidly growing cybercrime, given the increased complexity and impact of cyberattacks. In addition, with an ever-evolving threat landscape, there is a growing need for cybersecurity abilities to protect businesses against data intrusion. 
To help more organizations prevent cyber breaches, Truesec's focus has been increasing capacity and broadening its portfolio of cybersecurity solutions in the past years. Backed by its new financial partner, IK Partners, Truesec now sets off in Denmark together with a handpicked Danish team of cybersecurity experts. The expansion into the Danish market will give the organizations local support backed by a strong Nordic presence. 
Truesec A/S will, through its expertise in cybersecurity, offer increased cyber resilience through threat intelligence-driven services, active IT surveillance, and incident response. Morten von Seelen and his experienced team will steer the Danish operations guided by Truesec's common purpose: Preventing cyber breach and minimizing impact. 
<blockquote>Our goal is to secure companies established in Denmark from cyberattacks and minimize impact. Having a team of experienced Danish incident responders and 24/7 monitoring in the Nordics gives us an advantage in the current market. Our team has been a part of many of the biggest incidents in the Nordics in the past years. Combined with Truesec’s total capacity, it will become a real game-changer for our customers in Denmark. Morten von Seelen, CEO of Truesec A/S.</blockquote>

Truesec Strengthens European Presence – Expands into Denmark

Log4j/Log4Shell Explained - All You Need to Know

Using a Legitimate Application to Create Persistence in Your Azure Active Directory

Log4j - How To Secure Your VMware Horizon, UAG and vCenter Servers Against the Log4Shell Vulnerability (CVE-2021-44228)

Log4Shell / Apache Log4j Injection Vulnerability CVE-2021-44228: Impact and Response

Common Active Directory Misconfiguration

This long-term partnership gives the Red Cross access to Truesec's full range of services and cybersecurity expertise. The organizations will also be collaborating on development projects, during which the Red Cross will offer Truesec its insight and know-how. 
With the ongoing digital transformation, IT and information security are becoming increasingly important for the Red Cross. The organization's ability to provide emergency assistance and disaster relief worldwide is dependent upon the robustness of its IT systems and security of its data.
“We are the world's foremost disaster organization. Our capability to provide relief in a crisis depends on our ability to communicate with each other as well as having access to the right information. As an increasingly digital organization, we need to reinforce our IT and information security. Therefore, we have chosen to enter a partnership with Truesec to develop and strengthen our cybersecurity capabilities in a structured way”, says Martin Tägtström, CIO at the Swedish Red Cross. 
The partnership is based on a mutual commitment toward a safer and more secure world. By supporting the Red Cross, Truesec is advancing its mission of a secure digital future. 
“We look forward to contributing to the Red Cross' important work. They make a true difference to so many in need, and we are grateful for their trust”, says Anna Averud, CEO of Truesec Group.

The Red Cross Calls on Truesec to Strengthen Its Security Posture

ProxyShell, QBot, and Conti Ransomware Combined in a Series of Cyber Attacks

In IK Partners we find our ideal partner to support our vision. Together, we commit to our mission, and endeavor to continuously protect organizations and society from cyber threats. 
“We firmly believe that a partnership between Truesec and IK Partners will form a solid basis for capturing value creation opportunities across several dimensions, specifically helping us to further solidify the Group’s market position in the Nordics as well as expand its presence outside current core markets.”, says Anna Averud, CEO Truesec Group.
Read our <a href="https://press.truesec.se/posts/pressreleases/truesec-announcing-a-new-financial-partner">press release</a> in our newsroom.

New Financial Partnership Announcement – Truesec and IK Partners

<h2>Highest Perceived Value in Relationship with Their Customers</h2>
The result from market research company Swedish Radar Ecosystem Specialist's report on IT security vendors (“IT-säkerhetsspecialister, tillit och varumärkeskännedom 2021”), puts Truesec as number one in perceived value in the relationship with their customers.
A total of 321 respondents (IT decision-makers) were asked the question about which suppliers transfer the highest value in relationship with their customers (i.e., perception of value in the relationship). The response was that a large majority (72%) of all respondents viewed Truesec to provide the highest value.
See below results for details (in Swedish):
<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/Radar-Ecosystems-Specialists-2021-Report-Page-Emotionell-leverant%C3%B6rsutv%C3%A4rdering.PNG?w=1240&auto=compress%2Cformat&fit=crop&dm=1636025270&s=3cb23f41b50ec99a5d9f1174abe10311" alt="From Radar Ecosystem Specialists Report" /></figure>
To access the full report please visit <a href="https://radareco.se/" target="_blank" rel="noreferrer noopener">Radar Ecosystem Specialists webpage</a>.

Truesec Top-Rated by Clients in Perceived Value

Back in Business After the Largest Ransomware Attack of All Time

Swedish Red Cross on Staying Compliant Through Sensitive Data Breach

UAParser.js npm Package Supply Chain Attack: Impact and Response

Supply Chain

Kaseya Supply Chain Attack Targeting MSPs to Deliver REvil Ransomware

A Ciso's Guide to Incident Readiness

Threat Intelligence Report 2021

<h2>The jury’s motivation: </h2>
<blockquote>“In the last 12 months, we have seen both substantial growth in volume and several large well-known cases of cyber breaches and ransomware attacks. Consequently, increased security is now on everyone’s agenda and top-of-mind for far many more than before. Therefore, it feels safe to have the “Security Partner of the Year” in our corner: <a href="https://www.linkedin.com/company/truesec/">Truesec</a>!”</blockquote>
<figure><img src="https://optimise2.assets-servd.host/jealous-emu/production/MicrosoftTeams-image-18.png?w=1800&auto=compress%2Cformat&fit=crop&dm=1633331351&s=1d99d8ddc54a9901428d1b21b80e62a6" alt="Microsoft Partner of the year" /></figure>

Truesec Awarded Microsoft's "Security Partner of the Year" 2021

Test Your Company's IT Defenses: Conduct a Cyber Threat Assessment

When the Cyber Threat Comes From the Inside

Using PetitPotam to NTLM Relay to Domain Administrator

Why Safeguarding Your Digital Assets Is a Must

HiveNightmare aka SeriousSam Local Privilege Escalation in Windows - CVE-2021-36934

How the Kaseya VSA Zero-Day Exploit Worked

Origin of the Kaseya Breach

Secure Your Software Supply Chain – Trusting Third Parties

Secure Your Software Supply Chain  – Threats and Mitigations

Fix for PrintNightmare CVE-2021-34527 Exploit to Keep Your Print Servers Running While a Patch Is Not Available

Exploitable Critical RCE Vulnerability Allows Regular Users to Fully Compromise Active Directory – PrintNightmare CVE-2021-1675 and CVE-2021-34527

Mitigating NTLM Relay Attacks on Active Directory Certificate Services (AD CS) – ADV210003 – KB5005413 – PetitPotam

Ransomware continues to increase in both frequency and scope. <a title="https://www.willistowerswatson.com/sv-se" href="https://www.willistowerswatson.com/sv-SE" target="_blank" rel="noreferrer noopener">Willis Towers Watson</a> and Truesec have developed a joint set of guidelines outlining what companies should do to establish a good cybersecurity posture.
An increasing number of companies are suffering from cyber attacks, and recently this has led to the suspension of healthcare, and to entire communities being affected when critical infrastructure is attacked. The latest example of this is the shutdown of the Colonial fuel pipeline in the USA, which led to panic at the pumps and rising gasoline prices.
<h2>Guidelines for Establishing Good Cybersecurity</h2>
To make it easier for organizations that want to strengthen their cybersecurity, Truesec, and WTW, have developed clear guidelines that support companies in their effort to establish good cybersecurity. The guidelines are aimed at achieving a minimum basic level, where each organization can decide the next steps, based on its conditions and goals.
<blockquote>Our recommendations are based on our own experience from the countless incidents we have handled over the years. What protections must be in place to prevent or minimize the consequences of intrusion. It is important to understand that we are not talking about advanced protection here, but rather what is to be regarded as security hygiene, says Mats Hultgren, VP Cyber ​​Strategies at Truesec.</blockquote>

Cybersecurity challenges

Identify Your Vulnerabilities and Risks

Develop and Manage Your IT Securely

Detect and Respond to Intrusion

Respond to and Quickly Overcome a Cyber Attack

Get Cybersecurity Advice

How We Help

Essential cybersecurity capabilities

Our Services

Are you under attack?

Cybersecurity challenges

Identify Your Vulnerabilities and Risks

Develop and Manage Your IT Securely

Detect and Respond to Intrusion

Respond to and Quickly Overcome a Cyber Attack

Get Cybersecurity Advice

How We Help

Essential cybersecurity capabilities

Our Services

Are you under attack?

Cybersecurity Baseline Recommendations

Guidelines to Help Companies Strengthen Their Cybersecurity

Guidelines for Establishing Good Cybersecurity

Cyber Security Baseline

Stay ahead in cyber