The latest research on threats and technology.
UEFI - the link between a machine's hardware and operating system - is also a potential path for attacks that can persist even if the device is wiped and a fresh OS installed. Let's look at attacks - and potential methods of detection.
F-Secure Ultralight combines several unique and advanced technologies to improve protection level, performance, and user experience in our consumer and corporate products.
In this follow-on to the Killsuit research, we look into the advanced bootloader mechanism employed in the Equation Group's frameworks, which can be used in conjunction with the Killsuit modular component.
Exposed by the Shadow Brokers in the 2017 "Lost in Translation" leak, not much is known about the persistence component employed in the DanderSpritz framework...until now.
F-Secure Security Cloud is a cloud-based threat analysis system operated by F-Secure. Its growing knowledge base of digital threats is fed by data from client systems and automated threat analysis services.
We explore the skills and technologies needed for a context-aware approach to effectively evaluate and respond to targeted threats.
We summarize the trends and developments in computing that have made host-based behavioral analysis and exploit interception necessary elements of computer security.
Observations and insights to help users and businesses keep pace with a rapidly evolving threat landscape.
Ransomware is one of the most prominent cyber threats today. Yet just like any other threat...
We detail the malware being used by a threat actor to target government and private-sector organizations involved in a territorial dispute centered on the South China Sea.
The research described in this paper concentrates exclusively on the Flash part of this complete picture.
This whitepaper explores the tools - such as MiniDuke, CosmicDuke, OnionDuke, CozyDuke, etc. - of the Dukes, a well-resourced, highly dedicated and organized cyberespionage group that we believe has been working for the Russian Federation since at least 2008 to collect intelligence in support of foreign and security policy decision-making.
An overview of CozyDuke, a set of tools used by one or more malicious actors for performing targeted attacks against high-profile organizations...
We describe the inner workings of the stage #1 of the complex malware threat by the name of Regin...
We analyze a set of 32-bit samples which represents stage #1 of the complex threat that is known as Regin...
BlackEnergy is a toolkit that has been used for years by various criminal outfits. In the summer of 2014