/var/log/messages

Like all good researchers, we publish our findings for everyone’s benefit. The articles here evidence our commitment to technical excellence and the breadth of the disciplines we cover.

Playing with PuTTY

By Tim Carrington on 3 August 2021

During adversarial simulation exercises we often have to solve complex problems with novel techniques. More often than not it is the solution to these problems that drives progress.



Prelude to Ransomware: SystemBC

By Callum Roxan and Sami Ruohonen on 10 May 2021

In late February 2021, F-Secure’s Managed Detection and Response (MDR) service identified the execution of SystemBC malware as part of a hands-on-keyboard crimeware intrusion.


Attack Detection Fundamentals 2021: Azure - Lab #3

By Masande Mtintsilana on 28 April 2021

In the previous lab, we learnt that with read-only permissions, we can still read Azure Logic App Workflow definitions to search for sensitive information.


Attack Detection Fundamentals 2021: Azure - Lab #2

By Masande Mtintsilana on 28 April 2021

In the final part of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered a walkthrough of an end-to-end kill chain in Azure.


Attack Detection Fundamentals 2021: Azure - Lab #1

By Masande Mtintsilana on 28 April 2021

In the final part of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered a walkthrough of an end-to-end kill chain in Azure.


Heavy Metal Debugging

By Jake Labelle on 27 April 2021

Reverse engineering on zOS has some challenges - one of the biggest is attempting to get started.


Attack Detection Fundamentals 2021: AWS - Lab #3

By Alfie Champion on 21 April 2021

In part three of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered an end-to-end kill chain, from initial access and discovery using some 'compromised' credentials, through to the installation of persistence and the...


Attack Detection Fundamentals 2021: AWS - Lab #2

By Alfie Champion on 21 April 2021

In part three of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered an end-to-end kill chain, from initial access and discovery using some 'compromised' credentials, through to the installation of persistence and the...


Attack Detection Fundamentals 2021: AWS - Lab #1

By Alfie Champion on 21 April 2021

In part three of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered an end-to-end kill chain in AWS, from initial access and discovery using some 'compromised' credentials, through to the installation of persistence...


Data poisoning in action

By Andrew Patel and Matti Aksela on 16 April 2021

Figure 1: Poisoning attack in the lifecycle of a machine learning model

There are two different sub-goals for a data poisoning attack:


Attack Detection Fundamentals 2021: macOS - Lab #3

By Calum Hall and Luke Roberts on 14 April 2021

As we enter the final lab of F-Secure Consulting's Attack Detection Fundamentals macOS workshop, we must reflect on what we have covered so far.


Attack Detection Fundamentals 2021: macOS - Lab #2

By Calum Hall and Luke Roberts on 14 April 2021

In the first lab of F-Secure Consulting's Attack Detection Fundamentals workshop focussing on macOS we played around with Office Macros. This lab demonstrated how macros can be abused within the macOS ecosystem, and namely focussed on...
