Software engineers automate everything…
Today I was testing iOS 9 “Split View” multitasking with Freedome and KEY… …and discovered that we have a new Freedome exit node? A happy Festivus to us all!
On December 15th, US Senator Ron Wyden sent a letter to FBI Director James Comey regarding crypto-ransomware. The reported costs are quite surprising. $10,000? My guess is that this is due to multiple computers being hit rather than one overall fee. Here are Wyden’s questions. Hopefully the FBI will provide a detailed reply sooner than […]
Available from F-Secure GitHub: SEE Introduction: Sandboxed Execution Environment (SEE) is a framework for building test automation in secured environments. The sandboxes, provided via libvirt, are customizable, allowing a high degree of flexibility. Different types of hypervisors (Qemu, VirtualBox, LXC) can be employed to run the Test Environments. Plugins can be added to a Test Environment […]
The Online Arms Race Mikko at Web Summit 2015.
I’ve been doing some password research and was recently reminded of this iOS 9 feature. Apple: “The default for passcodes on your Touch ID–enabled iPhone and iPad is now six digits instead of four. If you use Touch ID, it’s a change you’ll hardly notice. But with one million possible combinations — instead of 10,000 […]
We noticed an unusual spike in “Flash redirector” detection hits during October. The source was compromised websites. The compromised websites had injected code that loaded a malicious Flash object that attempted to redirect users to the Angler exploit kit. This Flash redirector is not a new thing. It was written about by Malwarebytes a […]
In the era of APTs, it feels like something is amiss when there is a forum of governments and no malware arises. But the 3rd ASEAN-United States Summit on 21 November 2015 did not disappoint. A few days before the Kuala Lumpur summit, a subdomain under asean.org for the ASEAN Secretariat Resource Centre (ARC) was compromised. Malicious code was appended […]
Bad news: Dell has installed a rogue root CA on customer PCs. “Dell ships laptops with rogue root CA. https://t.co/70LCd9JAoZ #reddit #DellRoot” — Mikko Hypponen (@mikko), November 23, 2015. Why is it bad? Because it’s trivial to perform man-in-the-middle attacks against any computer with the cert installed. Dan Goodin has an excellent writeup here. […]
Artturi Lehtiö, a researcher on our Threat Intelligence team, recently presented a paper on abusing third-party web services as C&C channels at VB2015. Here’s the abstract: A secure, reliable and undetectable method of communicating with and controlling malware is essential for modern malware operations. But designing, implementing and maintaining your own communication infrastructure isn’t an […]
How F-Secure Labs handles customer data is of the utmost importance for those of us who work here. We would therefore like to invite you to read our latest white paper which details our back end technology a.k.a. “Security Cloud” [PDF]. The paper explains the purpose, function and benefits of our technology and explains the […]