Showing Articles About
incident response
- 15 Jul 2020
The Fake Cisco
An IT company discovered hardware failures in suspected counterfeit Cisco Catalyst 2960-X network switches. F-Secure's Hardware Security team investigated the devices and identified an undocumented vulnerability that bypasses Secure Boot restrictions. The investigation concluded with reasonable confidence that no intentional backdoors were present in the counterfeit hardware.
- 16 Oct 2015
Journey Into Hunting The Attackers
A presentation at BSides Manchester 2015 explored stealthy credential retrieval techniques used by attackers targeting Windows systems. The talk focused on methods for extracting credentials that can bypass Anti-Virus detection. Techniques discussed included using built-in Windows commands and attacker tools designed to remain undetected during system intrusions.
- 24 Dec 2010
Forensic Readiness: A Primer
Forensic readiness is a critical component of cybersecurity incident management. The article outlines six key strategies for organizations to prepare for potential security incidents, including accepting that incidents will occur, educating staff, maintaining flexible response plans, enabling communication, implementing robust logging, and dedicating appropriate budget and resources.
- 2 Jun 2010
Journey to the Centre of the Breach
This whitepaper explores computer forensics techniques for investigating a server security breach. It details a case study of an FTP server incident, demonstrating how digital forensic methods can be applied to log file analysis and malware reverse engineering. The document highlights the broader application of forensic investigation techniques beyond law enforcement.