Security Affairs
Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Barclays creates its own red team to attack its systems to find flaws

Barclays has created a red team to hack its own computer systems to discover and exploit security vulnerabilities before external attacker do. For someone working in the security area, it’s known that many companies have red teams to attack their own system, but this information is never recognized by the company. Barclays did exactly the […]

Barclays creates its own red team to attack its systems to find flaws

Barclays has created a red team to hack its own computer systems to discover and exploit security vulnerabilities before external attacker do.

For someone working in the security area, it’s known that many companies have red teams to attack their own system, but this information is never recognized by the company.

Barclays did exactly the opposite and confirmed that it has created a red team to attack the company systems in order to assess their resilience to cyber attacks.

The red team thinks and operate like a group of hackers that target the Barclays systems, the purpose is to identify exploitable vulnerabilities and fix them before a real attacker do it.

Troels Oerting joined Barclays in February as a CISO and the first thing he did, was creating his red team, just to refresh the reader’s memory, Oerting was the former head of Europol’s European Cybercrime Center.

Troels Oerting is one of the leading experts in cyber security with a deep understanding of the criminal ecosystem, but mostly it is a forward-looking professional with an impressive skill.

barclays Troel Oerting

“We emulate how criminals will try to get into the bank,” explained Troels Oerting “Then the red unit will do the same work, testing our ability to detect, to prevent, to resist.”

Security experts are aware of the importance to think as a criminal to prevent their attacks as confirmed by Mr. Oerting, and the constitution of a red team is a good step in this direction.

 “operate and think like cybercriminals” states Oerting.

A red team needs to be independent of any other department and report directly the C-Level executive. The independence is one of the most important requirement to have an efficient a Red team.

“They improve the ways to get in all the time”, “The reality is that there are actually more cases than you read in the press.”

This happens because companies fear damages to their reputation.

Barclays is planning on spending more 20% in their new cyber-defense strategy, a significant effort for bank that is demonstrating that right skills and competent management could make the difference.

Oerting will be supervising an internal team composed of 8 persons having in mind, “We want to keep our employees and our customers safe,”, “This is why it’s so important that we assess the threats, the controls and see if we have any gaps.”

Unfortunately, many banks have a different approach to cyber security that is not effective and in some cases. Instead actively preventing incident some financial institutions appear more interested in limiting the data exposure following a potential data breach.

The trend is that big companies will invest more in cyber security, security experts and ethical hackers are among the professionals that most of all will make our banks more secure, and Barclay and its red team are aware of it.

About the Author Elsio Pinto

Elsio Pinto (@high54security) is at the moment the Lead McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog McAfee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

Edited by Pierluigi Paganini

(Security Affairs – Barclays, Red Team)