WithSecure™ Labs: With great research comes great responsibility

Research, development, updates and tooling you can use.

WithSecure_abstract_blue1

Latest Publication

Read all publications
November 6, 2024
Leveraging EDR Behavioral Data for Zero-Day Vulnerability Discovery and Triage of Known Vulnerabilities

At WithSecure, we have the benefit of a comprehensive set of capabilities, allowing us to conduct research on how to better integrate our various services. One such topic has been the use of behavioral information provided by Endpoint Detection and Response (EDR) to detect potential privilege escalation vulnerabilities. 

Read more

November 6, 2024
CrazyHunter: The Rising Threat of Open-Source Ransomware

A ransomware attack on the Mackay Memorial hospital in Taiwan is the latest example of a growing number of incidents revolving around publicly available, offensive tools and code that threat actors are utilizing. The ransomware encryptor used in this incident, dubbed “CrazyHunter”, was built using a ransomware builder called “Prince Ransomware” which was publicly available on GitHub. WithSecure has observed a growing number of actors employing this specific ransomware builder in ransomware attacks.

Read more

November 6, 2024
Cyber Threat Landscape – European Mid Market 2025

Tim West, WithSecure’s Director, Threat Intelligence & Outreach, takes a deep dive in to the cyber threat landscape of the European mid-market, in order to discover what we should expect over the course of this year and where the key battlegrounds will be fought in 2025.   

Read more

November 6, 2024
CloudWatch Dashboard (Over)Sharing

How bugs in Amazon CloudWatch and Cognito allowed attackers to see beyond Dashboards.

Read more

November 6, 2024
Multi-Chain Prompt Injection Attacks

We introduce a prompt injection technique called multi-chain prompt injection, that targets modern LLM application workflows based on multiple LLM chains. To help testers experiment with this technique, we also release a sample app (https://github.com/WithSecureLabs/workout-planner) and a public CTF challenge (https://myllmdoc.com).

Read more

November 6, 2024
From similarity to attribution: Machine learning-driven malware analysis

With the rapid emergence of new malware variants, accurately classifying and attributing malware samples has become more challenging than ever. To address this, WithSecure developed a machine learning model that classifies Windows binaries and identifies connections between similar samples.

Read more

Latest Advisories

Find out all advisories

Featured Tools

Check out all tools