Services

 

©

SiteLock

Petrus Toxy Law Firm ©

Client Supra Omnes

Anno 2015

T Office

24/7/365 Highend service

Legal holistic approach The only way to achieve defensive security is through an offensive mindset and approach

T Office ©

Offensive Network Security

 

 

T Office © Services

 

Client Supra Omnes.

 

Disloyal employees, whistle-blowers and cyber criminals cause every year companies and organizations multi-billion USD loses. Many companies do not want publicly speak about weaknesses in their cyber security. Hidden statistics is high.

 

  • Disloyal employees you will find in every organization, both public-, and private.

An disloyal employee who at work e.g. surf privately on unsuitable Internet sites, steal company secrets to start a competing business or vilify her employer on the Internet, cause huge economic damages to their employers.

 

  • Especially government organizations suffer from whistle-blowers. A whistle-blower can alone cause fatal injury to an entire country. See for example the case Mordechai Vanunu. See FAQ.

 

When it comes to whistle-blowers T Office © works according to the core in Jewish law. It means that T Office © share the view that employees shall in first place be loyal to their employers. Not to their trade union, not to a 3rd part etc etc.

With some exceptions. See FAQ.

 

  • Companies which particularly are vulnerable to cyber criminals are:

banks, creditcard companies, bookmakers and R & D - research and development companies.

Where big money flows, there you find criminals.

 

  • During the last 15 years terrorist organizations have moved online. Already in 90's Al Qaida found their way to Internet. Today terrorist organizations as Daesh (Islamic State) has their own cyber terror "departments". These "departments" are not only located in Middle East. You find offspring around the world incl. in EU and US.

Particularly vulnerable to cyber terrorism is state and local government organizations as well as international companies.

 

  • During last years a new cyber threat has arrived - trade unions and left-wing extremism.

E g of this new cyber threath is the Swedish bakery Paus in Stockholm. They have experienced cyber criminality. This happened during a trade union blockade.

The company's Internet pages was hacked and shut down. Their Facebook account was hijacked etc. The police was and are powerless, lacking of will, lacking of IT knowledge and resources.

 

 

Petrus Toxy Law Firm auxiliary company T Office © combat problems, before problems become problems. T Office counter-act without public light.

 

 

T Office © map out, track down and point out the security risks in your organization.

Petrus Toxy Law Firm ensures dismissals of the safety risks.

 

  • I has been active in Ethical hacking (EH) and computer security since 1985.

 

  • I was the first in Sweden to virtual map the Swedish right-wing extremism and their contacts within and outside Sweden. I did it in six (6) months in a time when Google didn't exist, Floppy disk was state of the art and Internet was a sinkhole of information.

My work was requisitioned by a Swedish intelligence unit. The Intelligence unit manager felt that my work saved the unit one (1) year of work.

 

  • I'm University educated Historian. My speciality is extremism and terrorism.

 

  • I have at college and Universities studied and will continue to study: Law, Artificial Intelligence and Computer Science.

My personal interests beside law and mapping undemocratic groups, are cryptography, mathematics and theoretical physics.

 

  • I have since 90's been active in different parts of defense forces and in the Security Industry.

 

  • Associate of (ISC) ².

For us self-taught, Associate of (ISC)² is the entrance to the CISSP and CCFP.

 

 

It takes creativity, holistic approach and analytical skills to succeed in ICT Forensics.

 

 

24/7 - service.

As my client, you reach T Office 24/7/365. This is done via a private client number.

 

Within ICT Forensics, ICT Security and IT law, I take assignments worldwide.

 

 

 

ICT Forensics.

 

  • ICT Forensics. The technical aspect of an ICT Forensic investigation is divided into several parts: forensic analysis of computers, forensic data analysis, forensic analysis of mobile devices, forensic analysis of networks. Each part is divided into several sub-parts. E g forensic analysis of computers are diveded into preservation, identification, extraction, documentation and interpretation of computer data. Forensics process involves the seizure of data and / or digital media, forensic imaging of the seizured data, analysis of the seized data, and written reports of collected evidence, which is forwarded to the customer and / or law enforcement authorities for further action.

 

T Office are active in all these parts of ICT forensics. During the years T Office speciality have become Memory forensics. The main reason is my (Petrus Toxy) personal interest in malware programming since 80's.

 

Memory Forensics is arguably the most fruitful, interesting, and provocative realm of digital forensics. Each function performed by an operating system (OS) or application (app) results in specific modifications to the computer’s memory (RAM), which can often persist a long time after the action, essentially preserving them.

Additionally, memory forensics provides unprecedented visibility into the runtime state of the system, such as which processes were running, open network connections, and recently executed commands.

You can extract these artifacts in a manner that is completely independent of the system you are investigating, reducing the chance that malware or rootkits can interfere with your results. Critical data often exists exclusively in memory, such as disk encryption keys, memory-resident injected code fragments, off-the-record chat messages, unencrypted e-mail messages, and non-cacheable Internet history records.

 

 

  • Preliminary investigation.

 

T Office has take the traditional ICT Forensics to next level.

T Office offers preliminary investigations to law firms.

T Office collects digital evidens, find perpetrators and witnesses, and create animations of crime scenes. This is a more advance work than e g Police do.

Which give the defense a stronger plattform defend their client. In this work the key factors are T Office strong knowledge from the Security Industry and the long time knowledge about Offensive Network Security.You find more information here. The side is in Swedish.

 

 

ICT Security.

 

  • A.I. Software.

 

  • Asset Security.

 

  • Bug bounty.

 

  • Communications and Network Security.

 

  • Counter Surveillance.

 

  • Cracking. A method with the intent of the computer system to access data, software, and / or processing power. In the 80's cracking was e.g. to break into commercial computer games. Today cracking have a broader sense.

 

  • Crisis Management.

 

  • Cryptology.

 

  • Cyber Security.

 

  • Data mining.

 

  • E-mail monitoring.

 

  • Ethical hacking.

 

  • Forecasting.

 

  • Hardening.

 

  • Homepage monitoring. T Office © use custom made software.

 

  • Identity. T Office © map out identities and links between identities.

 

  • Identity and Access Management.

 

  • Individual based research.

 

  • Linquistics.

 

  • Machine Learning - A.I. Software.

 

  • Malware. A collective term for unwanted software or parts of software that has been developed in order to disrupt IT systems and / or to gather information.

 

Ex. of malware is: worms, viruses, Trojans, adware, spyware and keyloggers.

There are malware that can be multiple-in-one, so called blended.

 

Today you can let private companies custom make malware to you.

T Office © is one of these private security companies.

 

T Office © do reverse engineering and have an own lab. The foundations to what today is T Office © Official Lab was layed 1994 during my economical studies.

 

  • Organizational based research.

 

  • Penetration test a k a Pentest. Organizations are exposed to various types of security threats and need to counter-act unauthorized access to the organization, exposure of sensitive data, data corruption, data fraud and more.

The goal with a pentest is to look for security weaknesses in an organization, and access to the computer's functions and data, before bad guys do it.

 

What does a Pentest Operator do:

 

  • Seek and find an exploitable vulnerability;
  • Design an attack around the vulnerability;
  • Test the attack;
  • Seize a line in use;
  • Enter the attack;
  • Exploit the entry for information recovery.

 

The Pentest goals are:

 

  1. Determine feasibility of a particular set of attack vectors;
  2. Identify high-risk vulnerabilities from lower-risk vulnerabilities, exploited in a particular sequence;
  3. Identify vulnerabilities that may be difficult and / or impossible to detect with automated network and / or application vulnerability scanning software;
  4. Assess the magnitude of potential business and operational impacts of successful attacks;
  5. Test the ability of network defenders to detect and respond to attacks;
  6. Provide evidence to support increased investments in security personnel and technology.

 

  • T Office © pentest service include:

• Investigation and identification of Zero Day Attacks in the Operating System (Windows, Linux, *nix);

• Modbus, OPC protocol eavesdropping using TAP or IP networks (ARP Poisoning Eth Bridging);

• Reverse Engineering of existing threats, research and analysis of threat behavior;

• Writing custom made malware that are not identified by AV;

• Identification of malwares in cellular phones and in the network;

• ICT Forensics. Testing and analysis of work stations and servers, testing of protection and monitoring systems, testing of log files and event analysis of access and data theft;

• and more

 

  • T Office © have experiens since three decades of following pentest:

 

• Application tests to the Internet sites of the organization, including, Intranet, Company portal for service providers, and more.

• Communication tests for prevention of access via communication channels to the internet.

• Access to the network via custom made malware such as Trojan horse.

• Access via telephone.

• Eavesdropping on wireless networks.

• Examination of hostile take-over via long-distance work-stations (RAS, Citrix, VPN, Terminal).

• Periodic and permanent monitoring and scanning for alterations in the organization's exposure to the internet.

• Collection of intelligence on internet driven attacks.

.

 

 

  • Predictive analysis.

 

 

  • Red Cell. Red Cell is originally a US military term.

Red Cell is not the same as Red Team.

 

Red Cell is an organized mission to physical and / or virtual infiltrate and test an organization security.

It can be for example test the customers physical security and alertness.

The Red Cell will infiltrate the customers organization with different methods.

The Red Cell can for example have as a goal to get industry secrets deep inside the customers organization, or plant symbolic bugs, or do symbolic sabotage etc., to demonstrate how vulnerable the organization is. After the operation the Red Cell will help the customer to fix the security holes in the attack surface and all data mining from the operation will be given back to the customer.

 

You could call my work as Historian in 90's, 00s, 10s for Red Cell operations.

The goal then was not test an organizations security. The goal in those cases was Data Mining for the best of science, and by extension for the best of Western democracy. Some would also call it the art of infiltration. I (Petrus Toxy) call it science.

 

  • Security Assessment and Testing.

 

  • Security engineering.

 

  • Security and Risk Management.

 

  • Security Operations.

 

  • Social engineering. T Office © has also create Double-Social engineering where social engineers are let to engineer desinformation. The idea is social engineer social engineers. Double-Social engineering can be used together with e g Monkey on the shoulder Ops.

 

  • Social media monitoring.

 

  • Software Development Security.

 

  • Terrorism financing. T Office © trace terrorism financing both in the physical world and in the virtual world. One part of this is cryptocurrency tracing.

 

  • Terrorism research. My specialities as educated historian are: malware, terrorism and undemocrati groups. Modern conflicts in Middle east is my special interest.

 

  • Tiger Team. Tiger Team is originally a US military term. Tiger Team is a mission for the assembled group of experts, whose task is to investigate and / or resolve an organization technical and / or system problems.

 

  • Tracking. T Office © track down security service risks such as: cyber bullies a k a doxers, cyber criminals, cyber terrorists, disloyal employees and whistle-blowers.

 

  • Vulnerability scanning: EPS, FW, HF, HW, ICT, IDS, IPS, POS, SIEM, site, SW.

 

 

 

Counter-act problems before problems become problems,

 

Petrus Toxy

/ Petrus Toxy

Founder of T Office © - Offensive Network Security

 

 

 

 

 

 

Flag Counter

All rights reserved. © Petrus Toxy 2015.

Client Supra Omnes

 

Hire a lawyer and EH all-in-one, who thinks "outside the box".

Hire Petrus Toxy. I will point out the security attack surface in your organization;

 

Disloyal employees, whistle blowers and cyber criminals.

 

Lua

T Office © is a proud user of Lua.