Introducing D-Modem: A software SIP modem

October 29, 2021 | Dan Bastone

Connect to dialup modems over VoIP using SIP, no modem hardware required.

Code similarity analysis with r2diaphora

October 27, 2021 | Fernando Dominguez

Executive summary: Binary diffing, a technique for comparing binaries, can be a ...

CVE-2021-1825: Inadequate Input Encoding in WebKit

October 25, 2021 | Alex Camboe

In August 2020, Aon discovered and reported to Apple an issue relating to the ...

BlackByte Ransomware – Pt. 1 In-depth Analysis

October 15, 2021 | Rodel Mendrez, Lloyd Macrohon


BlackByte Ransomware – Pt 2. Code Obfuscation Analysis

October 15, 2021 | Rodel Mendrez, Lloyd Macrohon

In Part 1 of our BlackByte ransomware analysis, we covered the execution flow ...

A Handshake with MySQL Bots

October 14, 2021 | Radoslaw Zdonczyk

Edge Services: It’s well known that we just don’t put services or devices on the ...

Missing Critical Vulnerabilities Through Narrow Scoping

September 16, 2021 | John Anderson

The typical process when scoping a penetration test is to get a list of targets ...

How Lack of Awareness and Clinging to the Past Threaten Your Networks

September 09, 2021 | John Anderson

The security landscape is always changing. New features are coming out all the ...

TeamTNT with new campaign aka "Chimaera"

September 08, 2021 | Ofer Caspi

Executive summary: LevelBlue Labs™ has discovered a new campaign by threat group ...

Cobalt Strike Configuration Extractor and Parser

August 27, 2021 | Noah Rubin

Cobalt Strike Beacons continue to be the norm for persistence, lateral ...

PRISM attacks fly under the radar

August 23, 2021 | Fernando Dominguez

LevelBlue SpiderLabs has recently discovered a cluster of Linux ELF executables ...

Patch Tuesday, August 2021

August 10, 2021 | Karl Sigler

Here we are in August and it's Patch Tuesday once more. It's another light ...

SQL Injection in WordPress Plugins: ORDER and ORDER BY as Overlooked Injection Points

August 06, 2021 | Martin Vierula

Trustwave SpiderLabs recently undertook a survey of some 100 popular WordPress ...

Telegram Self-Destruct? Not Always

August 05, 2021 | Reegun Jayapaul

Summary: Secret-Chats in Telegram use end-to-end encryption, which is meant for ...

New sophisticated RAT in town: FatalRat analysis

August 02, 2021 | Ofer Caspi

This blog was written by Ofer Caspi and Javi Ruiz.

Vulnerability in ON24 Plugin for macOS Shares More Than Just Your Screen

July 21, 2021 | Martin Rakhmanov

ON24 presenter mode requires you to install a plugin that is used to share your ...

Compromising a Network Using an "Info" Level Finding

July 21, 2021 | John Anderson

Anyone who has ever read a vulnerability scan report will know that scanners ...

Patch Tuesday, July 2021

July 13, 2021 | Karl Sigler

We're a little over halfway through the year now as July's Patch Tuesday is ...

ModSecurity v3 and URI Fragments

July 08, 2021 | Martin Vierula

ModSecurity is an open-source WAF engine maintained by Trustwave. This blog ...

Diving Deeper Into the Kaseya VSA Attack: REvil Returns and Other Hackers Are Riding Their Coattails

July 07, 2021 | Rodel Mendrez, Nikita Kazymirskyi

On July 2nd, a massive ransomware attack was launched against roughly 60 ...

Unauthenticated XXE in Multiple Mitsubishi Electric Air Conditioner Control Systems

July 06, 2021 | Howard McGreehan

CVE-2021-20595: Unauthenticated XXE affecting multiple Mitsubishi Electric Air ...

Solarwinds Serv-U 15.2.3 Share URL XSS (CVE-2021-32604)

July 06, 2021 | Victor Kahan

Sometimes when pen-testing a large network you come across a few exposed web ...

REvil’s new Linux version

July 01, 2021 | Fernando Martinez

This blog was jointly authored with Ofer Caspi.

Cyber Secure Select: Protecting High-Net-Worth Individuals

June 28, 2021 | Faisal Tameesh

A behind the scenes look at an Executive Vulnerability Assessment.

Yet Another Archive Format Smuggling Malware

June 24, 2021 | Diana Lopera

The use of novel disk image files to encapsulate malware distributed via spam ...

Darkside RaaS in Linux version

June 22, 2021 | Ofer Caspi

Executive summary: LevelBlue Labs recently analyzed the Linux version of the ...

Thousands of Vulnerable VMWare vCenter Servers Still Publicly Exposed (CVE-2021-21985, CVE-2021-21986)

June 14, 2021 | Jason Villaluna

Background: On May 25th, 2021, VMWare released patches to address ...