Whitepapers & reports
The latest research on cyber threats and technology
Data-stealing ransomware attacks, information harvesting malware, and supply chain attacks are some of the critical threats facing organizations highlighted in F-Secure’s latest attack landscape update.
A new F-Secure study reveals how people who used breached services — The Walking Breached — are significantly more likely to experience cyber crime. For users with kids, the likelihood is even higher. Sadly, the numbers of The Walking Breached grow every day.
F-Secure’s latest attack landscape update, Attack Landscape 2020, provides defenders with a big picture on how the threat landscape changed during the first half of the year.
The report takes a look at consumer surveys from 11 countries and finds the explosion of devices that go online began in the middle of the last decade, led by the massive adoption of smart TVs. This led to the creation of smart home entertainment centers with internet-connected streaming devices, speaker systems and gaming consoles.
According to new F-Secure research, most people think they’ll likely be victims of identity theft or cyber crime. And with good reason. Criminals who get ahold of personal data data try anything from hacking our critical accounts to taking over our identities. Or—if the crooks think you’re worth it—they’ll use the data for a targeted attack.
The last year of the decade set a new standard for cyber attacks. F-Secure’s Attack Landscape H2 2019 notes that while the impact of sophisticated ransomware attacks continues to be devastating, most of the billions of attacks we see target devices that don’t have keyboards.
Criminals have been robbing banks for over 200 years. It’s a rotten tradition that continues to this day. In fact, F-Secure’s Cyber threat landscape for the finance sector indicates that it might be getting worse worse, with the cyber attack capabilities of nation-states spreading to more common cyber criminals.
To no one’s surprise, internet of things (IoT) device insecurity has emerged as a top concern and top driver of internet attack traffic in the first half of 2019. According to our new report, Attack Landscape H1 2019, which details traffic measured by F-Secure’s global network of honeypots, the number of attack events measured from January through June was twelve times higher when compared with the same period in 2018, an increase largely driven by IoT-related traffic.
In this follow-on to the Killsuit research, we look into the advanced bootloader mechanism employed in The Equation Groups frameworks, which can be used in conjunction with the Killsuit modular component.
Exposed by the Shadow Brokers in the 2017 "Lost in Translation" leak, not much is known about the persistence component employed in the DanderSpritz framework...until now.
Our adversaries in cyber space have been busy. That much is evident from our statistics from our global network of honeypots throughout the last half of 2018. Our servers registered a fourfold jump in attack and reconnaissance traffic for the period.
2017 had WannaCry, NotPetya, and an explosion of activity on our global network of honeypots. 2018 in comparison has been, well, a little quieter.
Observations and insights to help users and businesses keep pace with a rapidly evolving threat landscape.
Ransomware is one of the most prominent cyber threats today. Yet just like any other threat...
We detail the malware being used by a threat actor to target government and private-sector organizations involved in a territorial dispute centered on the South China Sea.
The research described on this paper concentrates exclusively on the Flash part of this complete picture.
This whitepaper explores the tools - such as MiniDuke, CosmicDuke, OnionDuke, CozyDuke, etc- of the Dukes, a well-resourced, highly dedicated and organized cyberespionage group that we believe has been working for the Russian Federation since at least 2008 to collect intelligence in support of foreign and security policy decision-making.
An overview of CozyDuke, a set of tools used by one or more malicious actors for performing targeted attacks against high profile organizations...
We describe the inner workings of the stage #1 of the complex malware threat by the name of Regin...
We analyze a set of 32-bit samples which represents stage #1 of the complex threat that is known as Regin...
BlackEnergy is a toolkit that has been used for years by various criminal outfits. In the summer of 2014