CozyDuke, TLP: White
This whitepaper provides an overview of CozyDuke, a set of tools used by one or more malicious actors for performing targeted attacks against high profile organizations, such as governmental...
View ArticleNew Threat Report
Our latest comprehensive threat report, based on our analysis of H2 2014 data, is now available. Get it and more from: f-secure.com/labsOn 23/04/15 At 02:20 PM
View ArticleFreedome VPN For Mac OS X
Take a look at this:F-Secure Freedome for OS X (freshly installed on a Labs Mac Team MacBook).The beta is now open for everyone to try for 60 days at no cost.Download or share. On 24/04/15 At 12:37 PM
View ArticleReply All #21 Hack the Police
Banned from using "the Internet" in 2015? What's that like when you're surrounded by an Internet of Things?Alex Goldman discovered the answer in episode #21 of Reply All:Hack the Police"When Higinio...
View ArticleVideo: Mikko's Stanford Seminar
Mikko recently presented at Stanford University:The seminar is available via YouTube. On 30/04/15 At 12:15 PM
View ArticleMore than 22 Thousand Finns Clicked WhatsApp Spam Today
Daavid, a senior researcher on our Threat Intelligence team, received two "Samsung Galaxy Pro" themed spam messages to his WhatsApp account this morning."Onneksi olkoon! Olet voittanut Samsung Galaxy...
View ArticleTinba - Yet another anti-sandbox tricks
Malware authors certainly do not take a breather when it comes to inventing new tricks for detecting sandbox, a very useful system to automatically analyze millions of samples nowadays. Recently,...
View ArticleHackerStrip: Brain
"Hackerstrip is a comics website that publishes comics about hackers and their real life stories."Brain: Searching for the first PC virus in PakistanRead the rest of the story at hackerstrip.com; watch...
View ArticleMac Hack Demonstration
Securing your SSH password is very important. Otherwise, you might be pwned by a little girl with her Raspberry Pi.Don't worry, it's an authorized hack, she asked her mom for permission. On 15/05/15...
View ArticleRansomware spam e-mails targeting users in Italy and Spain
In the past few days, we received some cases from our customers in Italy and Spain, regarding malicious spam e-mails that pointed to Cryptowall or Cryptolocker ransomware.The spam e-mails pretended to...
View ArticleSMS Exploit Messages
There's an iOS vulnerability affecting iPhone, iPad, and even Apple Watch that allows for a denial of service.Crashing a phone with an SMS? That's so 2008.S60 SMS Exploit MessagesUnlike 2008, this...
View ArticleFound Item: UK Wi-Fi Law?
I visited the UK last Thursday, found a coffee shop offering "free" Wi-Fi, and read this…"UK Law states that we must know who is using our Wi-Fi at all times."Now I'm not a lawyer — but that seems...
View ArticleProblematic Wassenaar Definitions
The Wassenaar Arrangement, a multilateral export control regime, defines "intrusion software" as software specially designed or modified to avoid detection by monitoring tools, or to defeat protective...
View ArticleThe Trusted Internet: Who governs who gets to buy spyware from surveillance...
When hackers get hacked, that's when secrets are uncovered. On July 5th, Italian-based surveillance technology company Hacking Team was hacked. The hackers released a 400GB torrent file with internal...
View ArticleHacking Team 0-day Flash Wave with Exploit Kits
After Hacking Team was compromised, a lot of information were publicly disclosed beginning 5th of July, particularly its business clients and a zero-day vulnerability for the Adobe Flash Player that...
View ArticleIOS Crash Report: Blocking "Pop-Ups" Doesn't Really Help
The Telegraph published an article on Thursday about a scam targeting iOS users. Here's the gist: scammers are using JavaScript generated dialogs to display warnings of so-called "IOS Crash" reports...
View Article'Zero Days', the documentary
VPRO (the Dutch public broadcasting organisation) produced a 45-minute documentary about hacking and the trade of zero days. The documentary has now been released in English on Youtube.The documentary...
View ArticleDuke APT group's latest tools: cloud services and Linux support
Recent weeks have seen the outing of two new additions to the Duke group's toolset, SeaDuke and CloudDuke. Of these, SeaDuke is a simple trojan made interesting by the fact that it's written in...
View Article"IOS Crash Report" Update: Safari Adds Block Feature
Ask, and sometimes, you shall receive.Last Friday, we wrote about call center scammers targeting iOS. And today, Apple released a new (beta) feature that should help.Apple released iOS 9 Public Beta...
View ArticleWork In Progress
Regular readers will have noticed it's been slow here of late.Under ConstructionWe're finally undertaking an upgrade from Greymatter 1.7.3. This may be the world's oldest Greymatter blog… that will...
View Article