/var/log/messages

Like all good researchers, we publish our findings for everyone’s benefit. The articles here evidence our commitment to technical excellence and the breadth of the disciplines we cover.

Attack Detection Fundamentals 2021: Azure - Lab #3

By Masande Mtintsilana on April 28, 2021 at 11:11 AM

In the previous lab, we learnt that with read-only permissions, we can still read Azure Logic App Workflow definitions to search for sensitive information.


Attack Detection Fundamentals 2021: Azure - Lab #2

By Masande Mtintsilana on April 28, 2021 at 11:11 AM

In the final part of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered a walkthrough of an end-to-end kill chain in Azure.


Attack Detection Fundamentals 2021: Azure - Lab #1

By Masande Mtintsilana on April 28, 2021 at 11:11 AM

In the final part of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered a walkthrough of an end-to-end kill chain in Azure.


Heavy Metal Debugging

By Jake Labelle on April 27, 2021 at 8:03 AM

Heavy Metal Debugging; Debugging and Reversing HLASM with TSO TEST

Terms:
zOS: IBM's mainframe operating system
TSO: Time Sharing Option - Interactive access to zOS
PDS: zOS folder
HLASM: High Level Assembly - Assembly on z/Architecture
TSO TEST: Terminal Debugger pre-installed on…


Attack Detection Fundamentals 2021: AWS - Lab #3

By Alfie Champion on April 21, 2021 at 3:45 PM

In part three of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered an end-to-end kill chain, from initial access and discovery using some 'compromised' credentials, through to the installation of persistence and the…


Attack Detection Fundamentals 2021: AWS - Lab #2

By Alfie Champion on April 21, 2021 at 3:45 PM

In part three of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered an end-to-end kill chain, from initial access and discovery using some 'compromised' credentials, through to the installation of persistence and the…


Attack Detection Fundamentals 2021: AWS - Lab #1

By Alfie Champion on April 21, 2021 at 3:45 PM

In part three of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, we covered an end-to-end kill chain in AWS, from initial access and discovery using some 'compromised' credentials, through to the installation of persistence…


Data poisoning in action

By Andrew Patel and Matti Aksela on April 16, 2021 at 12:08 PM

While machine learning applications can be exposed to common security threats at the hardware, application, and network level, they are also exposed to domain specific threats that are currently overlooked.


Attack Detection Fundamentals 2021: macOS - Lab #3

By Calum Hall and Luke Roberts on April 14, 2021 at 9:32 AM

As we enter the final lab of F-Secure Consulting's Attack Detection Fundamentals macOS workshop, we must reflect on what we have covered so far.


Attack Detection Fundamentals 2021: macOS - Lab #2

By Calum Hall and Luke Roberts on April 14, 2021 at 9:32 AM

In the first lab of F-Secure Consulting's Attack Detection Fundamentals workshop focussing on macOS we played around with Office Macros.


Attack Detection Fundamentals 2021: macOS - Lab #1

By Calum Hall and Luke Roberts on April 14, 2021 at 9:32 AM

Following on from the previous workshops we've delivered as part of F-Secure Consulting's Attack Detection Fundamentals series, this workshop is going to delve into a topic far less discussed within the security world - detection on…


Detecting Exposed Cobalt Strike DNS Redirectors

By Riccardo Ancarani and Giulio Ginesi on April 9, 2021 at 10:21 AM

Intro: Cobalt Strike is a well-known framework used to perform adversary simulation exercises by offensive security professionals. Its flexibility and broad feature set have made it the de facto framework for red team operations.
