Experiencing a breach?
Select Language
Request demo
Languages
Request demo
Back to Home

Partners

Partner offeringPartner success services
Back to Home

Resources

Resources Hub Resources
Back to Resources

Resources Hub

See all
Contact us
Back to Resources

Resources

Success storiesWebinarsEventsPodcastsPressroomBlogW/LabsIndustry recognition
Contact us
Back to Home

About

About WithSecureLeadershipCompany contacts & officesCareers at WithSecureMuseum of Malware ArtAchievements & certificationsSustainabilityCompare UsVulnerability reward program
Contact us
Back to Home

Platform

Elements Cloud Elements capabilities
Back to Platform

Elements Cloud

See overview
Back to Platform

Elements capabilities

Exposure ManagementExtended Detection & ResponseCo-Security Services
Back to Home

Solutions

Industry Use case
Back to Solutions

Industry

Solution industry page linkSolution industry page linkSolution industry page link
Back to Solutions

Use case

ComplianceSolution use case page linkAI threatsSolution use case page linkSOC transformationSolution use case page link
Back to Home

Login

Back to Home

Languages

English Finnish French German Japanese

WithSecure Labs.

Most up-to-date information regarding WithSecure

Blog post

Endpoint Security Threat Intelligence

The ‘vice’ in tech advice: ClickFix-style commands disguised as tech tips across social media platforms and beyond

Source: https://labs.withsecure.com/publications/clickfix-social-media

Read more

Blog post

Dfir Server Security Threat Intelligence

Ivanti EPMM Exploitation: Hit-and-Run

This blogpost, written by WithSecure’s STINGR Group, presents the analysis of a security incident that happened in February 2026 and was investigated by the WithSecure Incident Response team.

Read more

Blog post

Network Security Ransomware

The Changing Economics of Cybercrime-as-a-Service: What Defenders Need to Know

Back in 2023, when we last wrote about Cybercrime-as-a-Service, we described cybercrime as an economy that had figured out how to scale

Read more

Blog post

Attack Detection Threat Intelligence

To the past and beyond: Andariel’s latest arsenal and cyberattacks

WithSecure proactively identified and notified a European customer belonging to the public/legal sector of a breach attributed with high confidence to the Andariel group, a state-sponsored cyber group linked to the Reconnaissance General Bureau (RGB) 3rd bureau of Democratic People’s Republic of Korea (DPRK).

Read more

Blog post

Ransomware Software Protection Threat Intelligence

TangleCrypt: a sophisticated but buggy malware packer

WithSecure's STINGR Group is releasing a detailed technical analysis of TangleCrypt, a previously undocumented packer for Windows malware.

Read more

Blog post

Attack Detection Network Security Threat Intelligence

WEBJACK: Evolving IIS Hijacking Campaign Abuses SEO for Fraud and Monetization

WithSecure’s STINGR has been investigating a malware campaign, tracked as WEBJACK, which compromises Microsoft IIS servers

Read more

Blog post

Email Security Ransomware Threat Intelligence

Email-Delivered RMM: Abusing PDFs for Silent Initial Access

Since November 2024, WithSecure has been tracking a slight uptick of targeted activities leveraging Remote Monitoring and Management (RMM) tools embedded within PDF documents.

Read more

Research

Attack Detection Endpoint Security

EDR bypassing via memory manipulation techniques

Endpoint Detection & Response systems (EDR), delivered by in-house teams or as part of a managed service, are a feature of modern intrusion detection and remediation operations.

Read more

Blog post

Attack Detection Threat Intelligence

FIN7 tradecraft seen in attacks against Veeam backup servers

WithSecure Intelligence identified attacks which occurred in late March 2023 against internet-facing servers running Veeam Backup & Replication software.

Read more

Research

Attack Detection Software Protection Threat Intelligence

Silkloader

Commercial and open-source command-and-control (C2) frameworks have become a staple in most adversary toolkits, with Cobalt Strike (CS) being one of the most popular.

Read more

Research

Software Protection Threat Intelligence

Ducktail

The threat actor targets individuals and employees that may have access to a Facebook Business account with an information-stealer malware.

Read more

Not Found

No results found, please try something else!