SpiderLabs Blog

March 12, 2020 | SpiderLabs Researcher

In the hustle and bustle of everyday work life we tend to look at the current ...

March 11, 2020 | Diana Lopera

In light of the recent blog by my colleague Rodel Mendrez, we looked back at ...

March 10, 2020 | Karl Sigler

Today marks Microsoft's March Patch Tuesday. While it may not be on the top of ...

March 05, 2020 | Rodel Mendrez

A recent blog by Didier Steven’s showed how malicious Excel 4 macros can be ...

March 02, 2020 | Bruno Oliveira

Introduction Hello again! We are back with more Windows internals and it's time ...

February 27, 2020 | Diana Lopera

The Remote Access Tool (RAT) is one of the malware types we often encounter ...

February 19, 2020 | Dr. Fahim Abbasi, Phil Hay

Credential phishing is one of the leading threats faced by organizations today. ...

February 13, 2020 | Noah Rubin and Erik Iker

On December 17, 2019, Citrix announced a vulnerability affecting NetScaler ...

February 13, 2020 | Homer Pacag

It’s out there in the newspaper, social media, and television headlines. The ...

February 11, 2020 | Karl Sigler

February's Patch Tuesday is here and brings with it patches for 98 CVEs. These ...

February 04, 2020

Unauthenticated Remote Code Execution in IIOP protocol via Malicious JNDI ...

February 04, 2020 | Tom Neaves

Picture the scene - you’re on a penetration test, somehow you’ve got hold of a ...

February 04, 2020 | Javier Ruiz

The LevelBlue Labs team is in charge of writing correlation rules and releasing ...

January 21, 2020 | SpiderLabs Researcher

2020 is not starting out quietly for Microsoft, it seems. After the first Patch ...

January 20, 2020 | Trustwave SpiderLabs

ModSecurity is an open-source WAF engine maintained by Trustwave. As a lively ...

January 17, 2020 | Karl Sigler

One of the most notable vulnerabilities patched during Microsoft's first Patch ...

January 16, 2020 | Bryant Smith

The Citrix vulnerability (CVE-2019-19781) was first identified in December of ...

January 14, 2020 | Karl Sigler

Happy 2020! Microsoft is helping you celebrate the new decade with patches for ...

January 14, 2020 | SpiderLabs Researcher

It is a pleasure to announce the release of ModSecurity version 3.0.4 ...

January 09, 2020 | Bruno Oliveira

Introduction Hi, my fellow friends! How are you? Hopefully, you had a terrific ...

January 09, 2020 | Fernando Dominguez

This blog post provides an overview of the LevelBlue Labs™ technical analysis ...

January 02, 2020 | Stephan Borosh

Introduction In this blog post, I intend to provide some insight into using the ...

December 23, 2019 | Joshua Deacon, Diana Lopera, Fahim Abbasi

This year we observed a notable uptick in disc imaging software (like .ISO) ...

December 20, 2019 | Rodel Mendrez

Contributors: Lloyd Macrohon and Rodel Mendrez

December 18, 2019 | Michael Yuen

In the past, there have been plenty of articles and blog posts recommending the ...

December 13, 2019 | Radoslaw Zdonczyk

Python's popularity is amazing and constantly growing. For the first time, ...

December 10, 2019 | Karl Sigler

December's Patch Tuesday is upon us, and, as in years gone by, it's a rather ...

December 09, 2019 | Charles Hamilton

During red team engagements, lateral movement in a network is crucial. In ...