W/Labs - WithSecure™

Most up-to-date information regarding WithSecure

W/Labs

GREYVIBE: A Russia-nexus group leveraging AI across state-aligned operations

WithSecure uncovers Russia-nexus threat group using AI to target Ukraine and European organisations

DarkGate Rises: New version of DarkGate malware hunts like a Duck but bites like a RAT

Source: https://labs.withsecure.com/publications/darkgate-rises

Reverse engineering a Lumma infection

Lumma is an information stealer that the WithSecure Detection and Response Team (DRT) have encountered several times. It has seen wider use over the past couple of years, and makes for an interesting threat to monitor.

Machine learning-driven malware analysis

With the rapid emergence of new malware variants, accurately classifying and attributing malware samples has become more challenging than ever

DarkGate malware campaign

Vietnamese cybercrime groups are using multiple different Malware as a Service (MaaS) infostealers and Remote Access Trojans (RATs) to target the digital marketing sector.

The ‘vice’ in tech advice: ClickFix-style commands disguised as tech tips across social media platforms and beyond

Source: https://labs.withsecure.com/publications/clickfix-social-media

Ivanti EPMM Exploitation: Hit-and-Run

This blogpost, written by WithSecure’s STINGR Group, presents the analysis of a security incident that happened in February 2026 and was investigated by the WithSecure Incident Response team.

The Changing Economics of Cybercrime-as-a-Service: What Defenders Need to Know

Back in 2023, when we last wrote about Cybercrime-as-a-Service, we described cybercrime as an economy that had figured out how to scale

To the past and beyond: Andariel’s latest arsenal and cyberattacks

WithSecure proactively identified and notified a European customer belonging to the public/legal sector of a breach attributed with high confidence to the Andariel group, a state-sponsored cyber group linked to the Reconnaissance General Bureau (RGB) 3rd bureau of the Democratic People’s Republic of Korea (DPRK).

TangleCrypt: a sophisticated but buggy malware packer

WithSecure's STINGR Group is releasing a detailed technical analysis of TangleCrypt, a previously undocumented packer for Windows malware.

WEBJACK: Evolving IIS Hijacking Campaign Abuses SEO for Fraud and Monetization

WithSecure’s STINGR has been investigating a malware campaign, tracked as WEBJACK, which compromises Microsoft IIS servers
