Whitepapers & reports
The latest research on cyber threats and technology
Attack Landscape Update 2021
Data-stealing ransomware attacks, information harvesting malware, and supply chain attacks are some of the critical threats facing organizations highlighted in F-Secure’s latest attack landscape update.
The Walking Breached
A new F-Secure study reveals how people who used breached services — The Walking Breached — are significantly more likely to experience cyber crime. For users with kids, the likelihood is even higher. Sadly, the numbers of The Walking Breached grow every day.
Attack Landscape Update 2020
F-Secure’s latest attack landscape update, Attack Landscape 2020, provides defenders with a big picture on how the threat landscape changed during the first half of the year.
The Connected Home’s Second Wave
The report takes a look at consumer surveys from 11 countries and finds the explosion of devices that go online began in the middle of the last decade, led by the massive adoption of smart TVs. This led to the creation of smart home entertainment centers with internet-connected streaming devices, speaker systems and gaming consoles.
Is Identity Theft the Cyber Crime We Fear the Most?
According to new F-Secure research, most people think they’ll likely be victims of identity theft or cyber crime. And with good reason. Criminals who get ahold of personal data data try anything from hacking our critical accounts to taking over our identities. Or—if the crooks think you’re worth it—they’ll use the data for a targeted attack.
Attack Landscape Update H2 2019
The last year of the decade set a new standard for cyber attacks. F-Secure’s Attack Landscape H2 2019 notes that while the impact of sophisticated ransomware attacks continues to be devastating, most of the billions of attacks we see target devices that don’t have keyboards.
Cyber Threat Landscape for the Finance Sector
Criminals have been robbing banks for over 200 years. It’s a rotten tradition that continues to this day. In fact, F-Secure’s Cyber threat landscape for the finance sector indicates that it might be getting worse worse, with the cyber attack capabilities of nation-states spreading to more common cyber criminals.
Attack Landscape Update H1 2019
To no one’s surprise, internet of things (IoT) device insecurity has emerged as a top concern and top driver of internet attack traffic in the first half of 2019. According to our new report, Attack Landscape H1 2019, which details traffic measured by F-Secure’s global network of honeypots, the number of attack events measured from January through June was twelve times higher when compared with the same period in 2018, an increase largely driven by IoT-related traffic.
Hunting for SOTI
In this follow-on to the Killsuit research, we look into the advanced bootloader mechanism employed in The Equation Groups frameworks, which can be used in conjunction with the Killsuit modular component.
Killsuit research
Exposed by the Shadow Brokers in the 2017 "Lost in Translation" leak, not much is known about the persistence component employed in the DanderSpritz framework...until now.
Attack Landscape Update H2 2018
Our adversaries in cyber space have been busy. That much is evident from our statistics from our global network of honeypots throughout the last half of 2018. Our servers registered a fourfold jump in attack and reconnaissance traffic for the period.
Attack Landscape Update H1 2018
2017 had WannaCry, NotPetya, and an explosion of activity on our global network of honeypots. 2018 in comparison has been, well, a little quieter.
The State of Cyber Security 2017
Observations and insights to help users and businesses keep pace with a rapidly evolving threat landscape.
Ransomware: How to prevent, predict, detect & respond
Ransomware is one of the most prominent cyber threats today. Yet just like any other threat...
NanHaiShu: "Rat"ing the South China Sea
We detail the malware being used by a threat actor to target government and private-sector organizations involved in a territorial dispute centered on the South China Sea.
Reflash: practical ActionScript3 instrumentation with RABCDAsm
The research described on this paper concentrates exclusively on the Flash part of this complete picture.
The Dukes
This whitepaper explores the tools - such as MiniDuke, CosmicDuke, OnionDuke, CozyDuke, etc- of the Dukes, a well-resourced, highly dedicated and organized cyberespionage group that we believe has been working for the Russian Federation since at least 2008 to collect intelligence in support of foreign and security policy decision-making.
CozyDuke
An overview of CozyDuke, a set of tools used by one or more malicious actors for performing targeted attacks against high profile organizations...
W64/Regin, Stage 1
We describe the inner workings of the stage #1 of the complex malware threat by the name of Regin...
W32/Regin, Stage 1
We analyze a set of 32-bit samples which represents stage #1 of the complex threat that is known as Regin...
BlackEnergy & Quedagh: The convergence of crimeware and APT attacks
BlackEnergy is a toolkit that has been used for years by various criminal outfits. In the summer of 2014
COSMICDUKE: Cosmu with a twist of MiniDuke
CosmicDuke — the first malware seen to include code from both the notorious MiniDuke APT Trojan and another...