labs.withsecure.com Open in urlscan Pro
2a02:26f0:7100::210:141  Public Scan

Form analysis
0 forms found in the DOM

Text Content

JavaScript is disabled in your web browser

For full functionality of this site it is necessary to enable JavaScript.
Instructions how to enable JavaScript in your web browser.

 * Careers

 * Research
   
 * Expertise
   
 * Tools
   

 * Advisories
 * Contact Us


WITHSECURE™ LABS: WITH GREAT RESEARCH COMES GREAT RESPONSIBILITY

Research, development, updates and tooling you can use.






LATEST PUBLICATION

Read all publications


31. Oktober 2024

A BITWISE ANALYSIS OF AWS ACCESS KEY IDENTIFIERS

AWS access keys have been the subject of research over the past few years. This
page documents the findings, observations and open questions from our analysis
into the access key ID component of an AWS access key.

Read more


21. Oktober 2024

FINE-TUNING LLMS TO RESIST INDIRECT PROMPT INJECTION ATTACKS

We fine-tuned Llama3-8B to improve its resistance to indirect prompt injection
attacks on question/answer tasks involving emails and articles. Reproducible
fine-tuning scripts, along with the model and a quantized version, are available
on Hugging Face and Ollama for testing and experimentation.

Read more


22. August 2024

RANSOMWARE LANDSCAPE H1/2024

This comprehensive analysis uncovers the business mechanics of ransomware
groups, their ecosystems, and how they interact. The report not only provides a
clear picture of the current ransomware situation but also reveals some
unexpected trends.

Read more


15. Juli 2024

OLYMPICS – CYBER THREATS TO PARIS 2024

In our latest research paper, Tim West, W/Intelligence’s Director of Threat
Intelligence and Outreach, has looked into the cyber threats facing the Paris
2024 Olympics. As one of the world’s greatest events, there is always going to
be unwanted interest, but how much should we worry and who are the main
antagonists?

Read more


12. Juni 2024

MASS EXPLOITATION: THE VULNERABLE EDGE OF ENTERPRISE SECURITY

This report will explore the trend of mass exploitation of Edge Services and
Infrastructure and will put forward several theories as to why they have been so
heavily and successfully targeted by attackers.

Read more


4. Juni 2024

WHEN YOUR AI ASSISTANT HAS AN EVIL TWIN

We demonstrate how Google’s Gemini Advanced can be coerced into performing a
social engineering attack. By sending a malicious email, attackers can
manipulate Gemini's responses when analyzing the user's mailbox, causing it to
display convincing messages that trick the user into revealing confidential
information from other emails. 

Read more

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263


LATEST ADVISORIES

Find out all advisories

November 6, 2024

PROMPT INJECTION IN JETBRAINS RIDER AI ASSISTANT

Read more

--------------------------------------------------------------------------------

October 26, 2023

OPTIMIZELY CMS ADMIN PANEL DOM XSS

Read more

--------------------------------------------------------------------------------

October 23, 2023

IOS SINGLE APP MODE ESCAPE

Read more

--------------------------------------------------------------------------------

September 25, 2023

FUJITSU MPOLLUX FOR MACOS MULTIPLE VULNERABILITIES

Read more

--------------------------------------------------------------------------------

September 7, 2023

SQL INJECTION IN ZTE 4G ROUTERS AND MODEMS

Read more

--------------------------------------------------------------------------------

September 5, 2023

MEND.IO CROSS-TENANT ACCESS VIA VULNERABLE SAML IMPLEMENTATION

Read more

--------------------------------------------------------------------------------

August 21, 2023

SYNOLOGY ROUTER MANAGER REFLECTED XSS

Read more


FEATURED TOOLS

Check out all tools

August 30, 2024


ENCAP-ATTACK

A tool to break into encapsulated networks by exploiting absent overlaps between
host and overlay firewalls in Kubernetes deployments.

Read more
November 2, 2023


DEJECT: MALWARE REVERSE ENGINEERING TOOLBOX

Deject is a commandline tool for reverse engineers to quickly analyse memory
dumps and executable files.

Read more
August 30, 2022


GARBAGEMAN: DUMPSTER-DIVING THE .NET HEAP

GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
These tools - researched and developed by Jarkko Turkulainen from W/Intel.

Read more
July 21, 2022


DETECTREE: DETECTION VISUALISATION FOR BLUE TEAMS

Detectree is a tool for visualising cyber security events and their
relationships.

Read more
June 8, 2022


DROZER

drozer allows you to assume the role of an Android app and interact with other
apps. It can do anything that an installed application can do, such as make use
of Android’s Inter-Process Communication (IPC) mechanism and interact with the
underlying operating system.

Read more
October 20, 2021


CAT-SCALE LINUX INCIDENT RESPONSE COLLECTION

On 30 September 2019, Joani Green and John Rogers gave a talk titled "Performing
Linux Investigations at Scale" at the SANS DFIR Summit in Prague.

Read more

With Great Research Comes Great Responsibility.
Resources
 * Research
 * Expertise
 * Tools
 * Advisories

Find Labs
 * Contact us
 * GitHub

WithSecure™ Company
 * Contact WithSecure™
 * Careers at WithSecure™



WithSecure™ Newsletter

 * Vulnerability Disclosure Policy

WithSecure™ Labs Home
© WithSecure 2024
Cookies Button


WE VALUE YOUR PRIVACY

We need your consent so that we can access cookies, unique identifiers, personal
data, and information on your browsing behavior on this device. By clicking
“Accept All Cookies”, you agree to the storing of cookies on your device to
enhance site navigation, analyze site usage, and assist in our marketing
efforts. You can change your preferences at any time by clicking on the
'Advanced Settings’ icon located at the bottom left of any page.Privacy Policy
Accept All Cookies
Reject All
Advanced Settings


Your Opt Out Preference Signal is Honored


PRIVACY PREFERENCE CENTER

When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer.
More information
Allow All


MANAGE CONSENT PREFERENCES

PERFORMANCE COOKIES

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and
improve the performance of our site. They help us to know which pages are the
most and least popular and see how visitors move around the site. All
information these cookies collect is aggregated and therefore anonymous. If you
do not allow these cookies we will not know when you have visited our site, and
will not be able to monitor its performance.

STRICTLY NECESSARY COOKIES

Always Active

These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, logging in or filling in forms. You can set your browser to block
or alert you about these cookies, but some parts of the site will not then work.
These cookies do not store any personally identifiable information.

TARGETING COOKIES

Targeting Cookies

These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites. They do not store directly personal
information, but are based on uniquely identifying your browser and internet
device. If you do not allow these cookies, you will experience less targeted
advertising.

Back Button


COOKIE LIST



Search Icon
Filter Icon

Clear
checkbox label label
Apply Cancel
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label

Reject All Confirm My Choices