Welcome to WithSecure Labs - Cyber security research and development

With Great Research Comes Great Responsibility.

Welcome to our research and development platform: WithSecure Labs. Here we dissect industry news and trends, publish research, and share our tools with the security community.

The Fake Cisco

By Dmitry Janushkevich on 15 July, 2020

In fall 2019, an IT company found some network switches failing after a software upgrade. The company would find out later that they had inadvertently procured suspected counterfeit Cisco equipment. The hardware failure initiated a wider investigation to which the F-Secure Hardware Security team was called and asked to analyse the suspected counterfeit Cisco Catalyst 2960-X series switches and, primarily, provide evidence as to whether any kind of a "backdoor" functionality existed in those devices.

This paper details the process which led to the conclusion and aims to share the technical knowledge the team gained during this journey.

Rethinking Credential Theft

By Robert Bearsby and Timo Hirvonen on 14 February, 2020

Printing Shellz

Nov 30, 2021

Threat Intelligence Report: Lazarus Group Campaign Targeting the Cryptocurrency Vertical

Aug 25, 2020

The Fake Cisco

Jul 15, 2020

Forging SWIFT MT Payment Messages for fun and pr... research!

By Oliver Simonnet on 7 February, 2020

Xiaomi Mi9 (Pwn2Own 2019)

By Mark Barnes and Toby Drew on 14 April, 2020

Tools

The following are recent tools published by WithSecure Labs.

Metasploit Modules for RCE in Apache NiFi and Kong API Gateway

Two exploit modules for the Metasploit framework to assist consultants in verifying vulnerabilities when encountering Kong API Gateway and Apache NiFi on network security assessments.