2022-05-04 00:00 Scheduled Task Tampering #f-secure #security-articles Microsoft recently published an article that documented how the HAFNIUM threat actor leveraged a flaw in how scheduled tasks are stored in the registry to hide their presence.
2022-04-21 21:02 Faking Another Positive COVID Test #f-secure #security-articles WithSecure conducted research into the Cue Health Home COVID-19 Test with the intention of finding methods to create fraudulent COVID-19 test results.
2022-04-05 21:04 Performing and Preventing Attacks on Azure Cloud Environments through Azure DevOps #f-secure #security-articles Many organisations have recognised the risk of assigning cloud engineers direct privileges to their production Azure Cloud resources. With Owner or Contributor privileges assigned to an engineer's day-to-day Azure Active Directory (Azure AD) account, an...
2022-04-05 21:04 Detecting Attacks against Azure DevOps #f-secure #security-articles This post will cover detection opportunities specific to the attack path discussed in the previous blog. In this path, a malicious Azure Active Directory application was registered from a low-privileged foothold.
2021-12-21 21:02 Faking A Positive COVID Test #f-secure #security-articles F-Secure conducted research into the Ellume COVID-19 Home Test with the intention of finding methods to fake a COVID test result. This device was chosen specifically because of the Bluetooth device that is used as the...
2021-12-20 00:00 ESFang - Exploring the macOS Endpoint Security Framework (ESF) for Threat Detection #f-secure #security-articles Endpoint Security Framework (ESF) is the new(ish) security auditing tool that Apple has introduced to provide the security industry with a one-stop shop for all its telemetry needs.
2021-11-24 21:01 A bit of a Fixer Upper - Testing FIX-backed applications #f-secure #security-articles I woke up one day and realized I didn't know much about the FIX protocol. So I spent a few days looking into it and then created a Burp extension to make my life easier.
2021-10-01 00:00 Analysis of CVE-2021-1810 Gatekeeper bypass #f-secure #security-articles In my previous blog post, I wrote about how I found a Gatekeeper bypass vulnerability in how archive
2021-10-01 00:00 The discovery of Gatekeeper bypass CVE-2021-1810 #f-secure #security-articles When extracted by Archive Utility, file paths longer than 886 characters would fail to inherit the c
2021-08-03 00:00 Playing with PuTTY #f-secure #security-articles During adversarial simulation exercises we often have to solve complex problems with novel technique
2021-05-10 00:00 Prelude to Ransomware: SystemBC #f-secure #security-articles In late February 2021, F-Secure's Managed Detection and Response (MDR) service identified the execut
2021-04-28 00:00 Attack Detection Fundamentals 2021: Azure - Lab #1 #f-secure #security-articles In the final part of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, w
2021-04-28 00:00 Attack Detection Fundamentals 2021: Azure - Lab #2 #f-secure #security-articles In the final part of F-Secure Consulting's Attack Detection Fundamentals workshop series for 2021, w
2021-04-28 00:00 Attack Detection Fundamentals 2021: Azure - Lab #3 #f-secure #security-articles In the previous lab, we learnt that with read-only permissions, we can still read Azure Logic App Wo
2021-04-27 00:00 Heavy Metal Debugging #f-secure #security-articles Reverse engineering on z/OS has some challenges - one of the biggest is attempting to get started.