Expertise

Tim West, WithSecure’s Director, Threat Intelligence & Outreach, takes a deep dive in to the cyber threat landscape of the European mid-market, in order to discover what we should expect over the course of this year and where the key battlegrounds will be fought in 2025.   

How bugs in Amazon CloudWatch and Cognito allowed attackers to see beyond Dashboards.

We introduce a prompt injection technique called multi-chain prompt injection, that targets modern LLM application workflows based on multiple LLM chains. To help testers experiment with this technique, we also release a sample app (https://github.com/WithSecureLabs/workout-planner) and a public CTF challenge (https://myllmdoc.com).

With the rapid emergence of new malware variants, accurately classifying and attributing malware samples has become more challenging than ever. To address this, WithSecure developed a machine learning model that classifies Windows binaries and identifies connections between similar samples.

AWS access keys have been the subject of research over the past few years. This page documents the findings, observations and open questions from our analysis into the access key ID component of an AWS access key.