Cyber Attackers Leverage Russia-Ukraine Conflict in Multiple Spam Campaigns

March 25, 2022 | Trustwave SpiderLabs

The Trustwave SpiderLabs email security team has been monitoring the ongoing ...

Vidar Malware Launcher Concealed in Help File

March 24, 2022 | Diana Lopera

Appending a malicious file to an unsuspecting file format is one of the tricks ...

Trustwave’s Action Response: The Lapsus$ Hacker Group Shows Us the Importance of Securing the Digital Supply Chain

March 23, 2022 | Trustwave SpiderLabs

Update March 24: This blog has been updated to reflect the new information ...

Dissecting a Phishing Campaign with a Captcha-based URL

March 22, 2022 | Karla Agregado

In today’s environment, much of the population is doing their banking or ...

The Attack of the Chameleon Phishing Page

March 16, 2022 | Homer Pacag

Recently, we encountered an interesting phishing webpage that caught our ...

A Simple Guide to Getting CVEs Published

March 14, 2022 | Adeeb Shah, Bobby Cooke

We were once newcomers to the security research field and one of the most ...

Bypassing MFA: A Pentest Case Study

March 11, 2022 | Adeeb Shah

When a company implements multifactor authentication, the organization is ...

Dark Web Insights: Evolving Cyber Tactics Aim to Impact the Russia-Ukraine Conflict

March 03, 2022 | Ziv Mador

Update: March 9: Additional phishing emails have been sighted by Trustwave ...

Yours Truly, Signed AV Driver: Weaponizing an Antivirus Driver

February 26, 2022 | Eduardo Mattos and Rob Homewood

In 2021, Stroz Friedberg observed novel indicators of compromise (IOCs) and a ...

BlackCat ransomware

February 25, 2022 | Santiago Cortes

LevelBlue Labs™ is writing this report about recently created ransomware ...

Trustwave’s Action Response: Russia-Ukraine Crisis – Defending Your Organization From Geopolitical Cybersecurity Threats

February 24, 2022 | SpiderLabs Researcher

Feb. 28 Update: The latest economic sanctions imposed upon Russia could inspire ...

Microsoft 365: Identifying Mailbox Access

February 08, 2022 | Rachel Kang

Stroz Friedberg's testing and investigations into incidents in Microsoft’s ...

From Stored XSS to Code Execution using SocEng, BeEF and elFinder CVE-2021-45919

February 08, 2022 | John Jackson

Summary: A stored cross-site scripting vulnerability, tracked as CVE-2021-45919, ...

ServiceNow - Username Enumeration Vulnerability (CVE-2021-45901)

February 04, 2022 | Victor Hanna

During a recent engagement Trustwave SpiderLabs discovered a vulnerability ...

CVE-2020-0696 - Microsoft Outlook Security Feature Bypass Vulnerability

January 27, 2022 | Reegun Jayapaul

Summary: During an investigation of a malware campaign, I discovered that ...

Trustwave Action Response: Polkit Privilege Escalation Vulnerability - PwnKit (CVE-2021-4034)

January 26, 2022 | SpiderLabs Researcher

Summary of Trustwave Actions (updated 1/26/2022): Trustwave security and ...

BotenaGo strikes again - malware source code uploaded to GitHub

January 26, 2022 | Ofer Caspi

Executive summary: In November 2021, LevelBlue Labs™ first published research on ...

LevelBlue Threat Hunting Guide: Identifying PwnKit (CVE-2021-4034) Exploitation

January 26, 2022 | Reegun Jayapaul

The Trustwave Threat Hunting team has authored a practical guide to help the ...

Dark Web Recon: Cybercriminals Fear More Law Enforcement Action in the Wake of the REvil Takedown

January 21, 2022 | Ziv Mador

In the wake of the takedown of the REvil/Sodinokibi ransomware gang by the ...

Decrypting Qakbot’s Encrypted Registry Keys

January 13, 2022 | Lloyd Macrohon, Rodel Mendrez

Since the return of the Qakbot Trojan in early September 2021, especially ...

COVID-19 Phishing Lure to Steal and Mine Cryptocurrency

December 23, 2021 | Bernard Bautista

Recently, we observed a malware spam campaign leveraging the current COVID-19 ...

Holiday shopping? Get an amazing 75% discount offer? A case study on evaluating a special holiday sale

December 23, 2021 | Ofer Caspi

Executive summary: Malicious actors always try to be creative and find new ways ...

Global outbreak of Log4Shell

December 16, 2021 | Santiago Cortes

Executive summary: Log4Shell is a high severity vulnerability (CVE-2021-44228) ...

Trustwave's Action Response: Multiple Log4j Zero-Day Vulnerabilities

December 10, 2021 | SpiderLabs Researcher

Updates: Dec. 29: Updated to cover three additional CVEs: CVE-2021-4104, ...

Law Enforcement Collaboration Has Eastern-European Cybercriminals Questioning Whether There Is A Safe Haven Anymore

December 08, 2021 | Trustwave SpiderLabs

Through the active Dark Web research that Trustwave SpiderLabs conducts for its ...

ModSecurity DoS Vulnerability in JSON Parsing (CVE-2021-42717)

November 24, 2021 | Trustwave SpiderLabs

ModSecurity is an open-source WAF engine maintained by Trustwave. This blog ...

LevelBlue Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

November 11, 2021 | Ofer Caspi

Executive summary: LevelBlue Labs™ has found new malware written in the open ...

CrypKey License Service Allows Privilege Escalation

November 04, 2021 | Martin Rakhmanov

Overview: CrypKey (https://www.crypkey.com/) is a third-party licensing service ...