For full functionality of this site it is necessary to enable JavaScript. Instructions how to enable JavaScript in your web browser.
Read about our expertise areas. We bring world class expertise to solve cyber security challenges.
How bugs in Amazon CloudWatch and Cognito allowed attackers to see beyond Dashboards.
Read more
We introduce a prompt injection technique called multi-chain prompt injection, that targets modern LLM application workflows based on multiple LLM chains. To help testers experiment with this technique, we also release a sample app (https://github.com/WithSecureLabs/workout-planner) and a public CTF challenge (https://myllmdoc.com).
With the rapid emergence of new malware variants, accurately classifying and attributing malware samples has become more challenging than ever. To address this, WithSecure developed a machine learning model that classifies Windows binaries and identifies connections between similar samples.
AWS access keys have been the subject of research over the past few years. This page documents the findings, observations and open questions from our analysis into the access key ID component of an AWS access key.
We fine-tuned Llama3-8B to improve its resistance to indirect prompt injection attacks on question/answer tasks involving emails and articles. Reproducible fine-tuning scripts, along with the model and a quantized version, are available on Hugging Face and Ollama for testing and experimentation.
