WithSecure™ Labs: With great research comes great responsibility

Research, development, updates and tooling you can use.

Latest Publication

Read all publications

September 30, 2022

Prototype Pollution Primer for Pentesters and Programmers

Prototype pollution is a vulnerability that exploits inheritance behavior in JavaScript to create malicious instances of data types, which in the right conditions, can result in the execution of attacker-supplied code. Depending on the context, this can have impacts ranging from DOM-based Cross Site Scripting to even Remote Code Execution.

September 30, 2022

DUCKTAIL: An infostealer malware targeting Facebook Business accounts

WithSecure™ has discovered an ongoing operation (dubbed "DUCKTAIL") that targets individuals and organizations that operate on Facebook’s Business and Ads platform.

September 30, 2022

Spoofing Call Stacks To Confuse EDRs

Call stacks are an understated yet often important source of telemetry for EDR products.

September 30, 2022

Scheduled Task Tampering

Microsoft recently published an article that documented how the HAFNIUM threat actor leveraged a flaw in how scheduled tasks are stored in the registry to hide their presence.

September 30, 2022

Faking Another Positive COVID Test

WithSecure conducted research into the Cue Health Home COVID-19 Test with the intention of finding methods to create fraudulent COVID-19 test results.

September 30, 2022

Performing and Preventing Attacks on Azure Cloud Environments through Azure DevOps

Many organisations have recognised the risk of assigning cloud engineers with direct privileges to their production Azure Cloud resources.