Law Enforcement Collaboration Has Eastern-European Cybercriminals Questioning Whether There Is A Safe Haven Anymore

December 08, 2021 | Trustwave SpiderLabs

Through the active Dark Web research that Trustwave SpiderLabs conducts for its ...

ModSecurity DoS Vulnerability in JSON Parsing (CVE-2021-42717)

November 24, 2021 | Trustwave SpiderLabs

ModSecurity is an open-source WAF engine maintained by Trustwave. This blog ...

LevelBlue Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits

November 11, 2021 | Ofer Caspi

Executive summary: LevelBlue Labs™ has found new malware written in the open ...

CrypKey License Service Allows Privilege Escalation

November 04, 2021 | Martin Rakhmanov

Overview: CrypKey (https://www.crypkey.com/) is a third-party licensing service ...

Introducing D-Modem: A software SIP modem

October 29, 2021 | Dan Bastone

Connect to dialup modems over VoIP using SIP, no modem hardware required.

Code similarity analysis with r2diaphora

October 27, 2021 | Fernando Dominguez

Executive summary: Binary diffing, a technique for comparing binaries, can be a ...

CVE-2021-1825: Inadequate Input Encoding in WebKit

October 25, 2021 | Alex Camboe

In August 2020, Stroz Friedberg discovered and reported to Apple an issue ...

BlackByte Ransomware – Pt. 1 In-depth Analysis

October 15, 2021 | Rodel Mendrez, Lloyd Macrohon

Please click here for Part 2

BlackByte Ransomware – Pt 2. Code Obfuscation Analysis

October 15, 2021 | Rodel Mendrez, Lloyd Macrohon

In Part 1 of our BlackByte ransomware analysis, we covered the execution flow ...

A Handshake with MySQL Bots

October 14, 2021 | Radoslaw Zdonczyk

Edge Services: It’s well known that we just don’t put services or devices on the ...

Missing Critical Vulnerabilities Through Narrow Scoping

September 16, 2021 | John Anderson

The typical process when scoping a penetration test is to get a list of targets ...

How Lack of Awareness and Clinging to the Past Threaten Your Networks

September 09, 2021 | John Anderson

The security landscape is always changing. New features are coming out all the ...

TeamTNT with new campaign aka "Chimaera"

September 08, 2021 | Ofer Caspi

Executive summary: LevelBlue Labs™ has discovered a new campaign by threat group ...

Cobalt Strike Configuration Extractor and Parser

August 27, 2021 | Noah Rubin

Cobalt Strike Beacons continue to be the norm for persistence, lateral ...

PRISM attacks fly under the radar

August 23, 2021 | Fernando Dominguez

LevelBlue SpiderLabs has recently discovered a cluster of Linux ELF executables ...

Patch Tuesday, August 2021

August 10, 2021 | Karl Sigler

Here we are in August and it's Patch Tuesday once more. It's another light ...

SQL Injection in WordPress Plugins: ORDER and ORDER BY as Overlooked Injection Points

August 06, 2021 | Martin Vierula

Trustwave SpiderLabs recently undertook a survey of some 100 popular WordPress ...

Telegram Self-Destruct? Not Always

August 05, 2021 | Reegun Jayapaul

Summary: Secret-Chats in Telegram use end-to-end encryption, which is meant for ...

New sophisticated RAT in town: FatalRat analysis

August 02, 2021 | Ofer Caspi

This blog was written by Ofer Caspi and Javi Ruiz.

Vulnerability in ON24 Plugin for macOS Shares More Than Just Your Screen

July 21, 2021 | Martin Rakhmanov

ON24 presenter mode requires you to install a plugin that is used to share your ...

Compromising a Network Using an "Info" Level Finding

July 21, 2021 | John Anderson

Anyone who has ever read a vulnerability scan report will know that scanners ...

Patch Tuesday, July 2021

July 13, 2021 | Karl Sigler

We're a little over halfway through the year now as July's Patch Tuesday is ...

ModSecurity v3 and URI Fragments

July 08, 2021 | Martin Vierula

ModSecurity is an open-source WAF engine maintained by Trustwave. This blog ...

Diving Deeper Into the Kaseya VSA Attack: REvil Returns and Other Hackers Are Riding Their Coattails

July 07, 2021 | Rodel Mendrez, Nikita Kazymirskyi

On July 2nd, a massive ransomware attack was launched against roughly 60 ...

Unauthenticated XXE in Multiple Mitsubishi Electric Air Conditioner Control Systems

July 06, 2021 | Howard McGreehan

CVE-2021-20595: Unauthenticated XXE affecting multiple Mitsubishi Electric Air ...

Solarwinds Serv-U 15.2.3 Share URL XSS (CVE-2021-32604)

July 06, 2021 | Victor Kahan

Sometimes when pen-testing a large network you come across a few exposed web ...

REvil’s new Linux version

July 01, 2021 | Fernando Martinez

This blog was jointly authored with Ofer Caspi.