/var/log/messages

Like all good researchers, we publish our findings for everyone’s benefit. The articles here evidence our commitment to technical excellence and the breadth of the disciplines we cover.

Rethinking Credential Theft

By Robert Bearsby and Timo Hirvonen on 14 February 2020

Modern defensive security solutions use sophisticated techniques to prevent, detect and/or respond to malicious actions. These solutions are effective and are starting to hit red teamers where it hurts.

TamaGo

By Andrea Barisani on 11 February 2020

What you see in this screenshot is a secure shell (SSH) connection to a host. You might think that this is business as usual and wonder why it is worth showing off...

Forging SWIFT MT Payment Messages for fun and pr... research!

By Oliver Simonnet on 7 February 2020

TLDR: With a bit of research and support we were able to demonstrate a proof of concept for introducing a fraudulent payment message to move £0.5M from one account to another, by manually forging a raw...

Misadventures in AWS

By Christian Demko on 17 January 2020

When performing security assessments of AWS environments, it is typical to do configuration reviews of AWS services. Several well-known tools exist already that assist in these reviews and are best used with broad access to the environment.

Hackin' around the Christmas tree

By Stefano Farletti on 24 December 2019

This year at F-Secure Consulting's offices, Christmas came early. Dave Hartley, our local Santa Claus, gifted us some new shiny smart devices to break.

Opening Up the Samsung Q60 series smart TV

By Aliz Hammond on 20 December 2019

F-Secure has a long-standing record of success in ZDI’s pwn2own contests. This year’s event in Tokyo was no different – the same team scored major points across the board, pwning everything from the TP-Link router all...

Digital lockpicking - stealing keys to the kingdom

By Krzysztof Marciniak on 11 December 2019

In the era of smart devices, it should come as no surprise that more and more appliances "turn" smart. The KeyWe Smart Lock is no exception.

AWS: Such auspices are very hard to read

By Craig Koorn on 4 December 2019

If you’ve ever looked into AWS security, you’ll know that getting it right is far from easy. If you don’t believe me, just search for anything along the lines of “S3 leaks” and look at the...

Uncommon SQL Database Alert - Informix SQL Injection

By Ken Gannon on 20 November 2019

A client was looking to upgrade their Cisco UCM software and wanted assurance that their implementation was configured securely. During the assessment, we discovered an authenticated SQL Injection issue within the Cisco UCM administrator portal.

Prince of the Honeycomb

By Fabian Beterke on 15 November 2019

This story begins with a request for an internal penetration test in November of last year: Countercept[1] (F-Secure’s Managed Detection and Response service) implemented a few new features in Honeycomb (its client-facing Ruby on Rails web application).

OU having a laugh?

By Petros Koutroumpis on 6 November 2019

Overview. tl;dr: When we have permission to modify an OU, we can modify its gpLink attribute in order to compromise any computer or user that belongs to that OU or its child OUs. Before writing SharpGPOAbuse, I wanted...

Automating Pwn2Own with Jandroid

By Pallavi Sivakumaran on 1 November 2019

In this post, we describe a purpose-built tool for automatically (or, more accurately, semi-automatically) identifying exploitable logic bugs within Android applications. Background: Firstly, what are logic bugs and why do we care about them? A logic bug is a...