Whitepapers

The latest research on threats and technology.

ROI of Cyber Security

The ability to quantify your cyber security ROI with confidence and conviction is the key to defending your business case to the C-suite.
F-Secure’s cyber security ROI calculator is out now! It’s based on extensive experience combined with robust statistical models. Learn about the factors behind the formula and see some example calculations from different industries and company sizes.
Download PDF

Demystifying Threat Hunting

‘Threat hunting’ has become something of a buzzword in the cyber security industry, and like any other buzzword the term is often misused.
Proactive threat hunting is very different from manually searching through raw data to find an attacker, and threat hunting as a service is complementary to detection & response operations rather than a replacement for them.
Download PDF

Understanding the email threat landscape

We’re seeing a rise in phishing attacks against cloud-based email services such as Microsoft Office 365 as an increasing number of companies transition to the more cost-efficient cloud solutions. Email has been, and remains, the primary initial attack vector used by attackers to infiltrate an organization’s server.
Download PDF

Outerhaven: The UEFI Memory space just itching to be misused

UEFI – the link between a machine’s hardware and operating system – is also a potential path for attacks that can persist even if the device is wiped and a fresh OS installed. Let’s look at attacks – and potential methods of detection.
Download PDF

F-Secure Ultralight

F-Secure Ultralight combines several unique and advanced technologies to improve protection level, performance, and user experience in our consumer and corporate products.
Download PDF

Killsuit research

Exposed by the Shadow Brokers in the 2017 “Lost in Translation” leak, not much is known about the persistence component employed in the DanderSpritz framework…until now.
Download PDF

F-Secure Security Cloud

F-Secure Security Cloud is a cloud-based threat analysis system operated by F-Secure. Its growing knowledge base of digital threats is fed by data from client systems and automated threat analysis services.
Download PDF

Automating advanced threat identification with Broad Context Detection™

We explore the skills and technologies needed for a context-aware approach to effectively evaluate and respond to targeted threats.
Download PDF

Hunting For SOTI

In this follow-on to the Killsuit research, we look into the advanced bootloader mechanism employed in the Equation Group’s frameworks, which can be used in conjunction with the Killsuit modular component.
Download PDF

The state of cyber security 2017

Observations and insights to help users and businesses keep pace with a rapidly evolving threat landscape.
Download PDF

F-Secure Deepguard, 3rd Edition

We summarize the trends and developments in computing that have made host-based behavioral analysis and exploit interception necessary elements of computer security.
Download PDF

NanHaiShu: "Rat"ing the South China Sea

We detail the malware being used by a threat actor to target government and private-sector organizations involved in a territorial dispute centered on the South China Sea.
Download PDF

Ransomware: How to prevent, predict, detect & respond

Ransomware is one of the most prominent cyber threats today. Yet just like any other threat…
Download PDF

The Dukes

This whitepaper explores the tools – such as MiniDuke, CosmicDuke, OnionDuke, CozyDuke, etc. – of the Dukes, a well-resourced, highly dedicated and organized cyberespionage group that we believe has been working for the Russian Federation since at least 2008 to collect intelligence in support of foreign and security policy decision-making.
Download PDF

CozyDuke

An overview of CozyDuke, a set of tools used by one or more malicious actors for performing targeted attacks against high profile organizations…
Download PDF

Reflash: practical ActionScript3 instrumentation with RABCDAsm

The research described in this paper concentrates exclusively on the Flash part of this complete picture.
Download PDF

How to stop data breaches & prevent GDPR fines

Download our whitepaper How to Stop Data Breaches & Prevent GDPR Fines, a Data Breach Toolkit for Small and Medium-Sized Companies, to find out how to predict, prevent, detect & respond to data breaches and the fines that they can cause.
Download PDF

W64/Regin, Stage 1

We describe the inner workings of stage #1 of the complex malware threat known as Regin…
Download PDF

W32/Regin, Stage 1

We analyze a set of 32-bit samples which represents stage #1 of the complex threat that is known as Regin…
Download PDF

BlackEnergy & Quedagh: The convergence of crimeware and APT attacks

BlackEnergy is a toolkit that has been used for years by various criminal outfits. In the summer of 2014
Download PDF

COSMICDUKE: Cosmu with a twist of MiniDuke

CosmicDuke — the first malware seen to include code from both the notorious MiniDuke APT Trojan and another…
Download PDF

Rethinking Response

This whitepaper is for CISOs, CIOs, and any security professional who needs to successfully manage and respond to incidents.
Download PDF