Like all good researchers, we publish our findings for everyone’s benefit. The articles here evidence our commitment to technical excellence and the breadth of the disciplines we cover.
Cobalt Strike is a well known framework used to perform adversary simulation exercises by offensive security professionals. Its flexibility and broad feature set have made it the de facto framework for red team operations.Cobalt Strike's implant,...
Read more
In the first part of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered advanced defense evasion and credential access techniques targeting Windows endpoints.
Read more
In the first part of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered advanced defense evasion and credential access techniques targeting Windows endpoints.
Read more
In the first part of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered advanced defense evasion and credential access techniques targeting Windows endpoints.
Read more
In the first part of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered advanced defense evasion and credential access techniques targeting Windows endpoints.
Read more
A malicious application could also trick users into setting itself as the “Preferred" handler, disabling all future prompts... Historical incidents have shown that relying on users for security decisions can be a bad practice and...
Read more
Source: [7] and [8]Sniffing SPI busSerial Peripheral Interface (SPI) is a synchronous serial communication protocol supporting full-duplex communication with high-speed clock frequencies. It uses master-slave architecture, where the master device always initiates the communication.
Read more
sysdiagnose is a utility on most macOS and iOS devices that can be used to gather system-wide diagnostic information. Currently on version 3.0, sysdiagnose collects a large amount of data from a wide array of locations...
Read more
During recent years, the Cobalt Strike framework has gained significant popularity amongst red teamers and threat actors alike. Its functionality, flexibility and stability make it the state of the art when it comes to commercially available...
Read more
IntroductionThis post introduces the novel concept of Command & Control (C2) using print jobs, and demonstrates how this can be achieved using C3's Print channel.
Read more
In this second blog post, we will continue to share actionable detection insights for blue teams to defend their organization against the Advanced Persistent Threat (APT) group – Lazarus Group.
Read more
F-Secure looked into exploiting the Samsung S20 device for Tokyo Pwn2Own 2020. An exploit chain was found for version 4.5.19.13 of the Galaxy Store application that could have allowed an attacker to install any application on...
Read more