
WithSecure™

@withsecure.bsky.social

WithSecure™ is the strategic partner for businesses that want measurable cyber security outcomes. From Europe. Trusted by the world. Formerly F-Secure Business.

111 Followers  |  2 Following  |  5 Posts  |  Joined: 13.11.2024  |  1.341

Latest posts by withsecure.bsky.social on Bluesky

Email-Delivered RMM: Abusing PDFs for Silent Initial Access

Since November 2024, WithSecure has been tracking a slight uptick of targeted activities leveraging Remote Monitoring and Management (RMM) tools embedded within PDF documents. The activity primarily t...

RMM tools are being misused to bypass defenses – often without malware.

Our latest blog breaks down how this works, why most targets are in Europe, and how to stay protected.

🔗 Read more: labs.withsecure.com/publications...

#CyberSecurity #RMM #ThreatIntel

01.08.2025 08:21 — 👍 2    🔁 2    💬 0    📌 0

🔍 New from WithSecure™ Labs:
We reverse engineered a Lumma Stealer infection to uncover how it works and how to stop it.

🛠️ We:
- Traced the infection chain through obfuscation
- Extracted IOCs
- Shared threat hunting ideas

Read the full blog: labs.withsecure.com/publications...

#CyberSec

26.07.2025 19:03 — 👍 1    🔁 0    💬 0    📌 0
Active exploitation of on-premise SharePoint Server vulnerabilities “ToolShell”

On July 19th 2025, Microsoft reported on a set of vulnerabilities being actively exploited in-the-wild targeting on-premise SharePoint Servers, which were addressed through CVE-2025-53770 and CVE-2025...

🚨 Our team has published fresh insights into a targeted exploitation campaign using #ToolShell against on-prem SharePoint servers. The focus is on new post-compromise activity.

📖 Read more: labs.withsecure.com/publications...

#CyberSecurity #ThreatIntel #ToolShell #Infosec

24.07.2025 14:39 — 👍 0    🔁 0    💬 0    📌 0

🚨 A new exploited vulnerability is published every 2 days. Zero-days? Every 3.

“Reactive defense is no longer enough.”

📖 Read more: labs.withsecure.com/publications...

#CyberSecurity #ZeroDay #InfoSec #WithSecure

23.07.2025 12:09 — 👍 0    🔁 0    💬 0    📌 0

🚨 Two SharePoint Server vulns (CVE-2025-53770 & CVE-2025-53771) are being exploited for RCE. On-prem only.

🔍 WithSecure detects activity via "Exploit:W32/W3WPLaunch.A!DeepGuard"

🛡️ Patch now & check for spinstall0.aspx, encoded PowerShell via w3wp.exe.

#CyberSecurity #Vulnerability #Infosec

21.07.2025 09:52 — 👍 1    🔁 1    💬 0    📌 0
