SpiderLabs Blog

June 11, 2019 | Karl Sigler

For June's Patch Tuesday, Microsoft is releasing four advisories and patches ...

May 14, 2019 | Karl Sigler

May's Patch Tuesday is here and brings with it patches for 79 CVEs. Twenty-two ...

May 02, 2019 | James Quinn

This is a guest post James Quinn, a SOC analyst from Binary Defense.

April 25, 2019

Today we released our 2019 Global Security Report. The report is based on the ...

April 22, 2019 | Anat Davidi

What's worse than annoying ads on a website? Crypto Miner on a website!

April 22, 2019 | Dr. Fahim Abbasi

Scam Overview Her Majesty's Revenue & Customs (HMRC) is the UK department ...

April 22, 2019 | Dr. Fahim Abbasi

In our previous blog we highlighted how a group of scammers were targeting ...

April 15, 2019 | Manoj Cherukuri

CVE-2019-10068: RCE as Administrator via deserialization vulnerability in ...

April 11, 2019 | Nicholas Ramos

Back in August 2017, Trustwave Spiderlabs reported a spam campaign that ...

April 09, 2019 | Jacob Wilkin

EDIT (9.April.2019): We have applied for a retraction of CVE-2019-9193 ...

April 09, 2019 | Karl Sigler

Along with "Spring Showers" up here in the Northern Hemisphere, April also ...

April 08, 2019 | Dr. Fahim Abbasi

We witnessed a widespread phishing campaign targeting O2 customers, that ...

April 05, 2019 | Phil Hay, Rodel Mendrez

Contributing authors: Phil Hay, Rodel Mendrez

April 04, 2019 | Diana Lopera

Another round of sextortion scam emails with a pdf attachment were pushed out ...

March 28, 2019 | Dustin Cobb

CVE-2019-6714: RCE via path traversal in BlogEngine.NET 3.3.6.0.

March 25, 2019 | James Quinn

This is a guest post by independent security researcher James Quinn. This will ...

March 21, 2019 | Jacob Wilkin

Just a short post from me today, bringing you a pretty simple Cross-Site ...

March 13, 2019 | Dr. Fahim Abbasi

Con men have been exploiting human psychology since the dawn of time. Equipped ...

March 12, 2019 | Karl Sigler

This month's Patch Tuesday brings with it four advisories and patches for 64 ...

March 07, 2019 | Homer Pacag

Sextortion is a form of sex-themed exploitation via email where victims are ...

March 04, 2019 | Bryant Smith

WebSockets allow a single TCP connection to have full duplexing communications. ...

March 04, 2019 | Matt Lorentzen

When I first released Sheepl 0.1 in September 2018 as part of a talk, I wanted ...

March 04, 2019 | SpiderLabs Researcher

A few days ago we encountered a breach on a Pakistani government site which was ...

February 27, 2019 | Nikita Kazymirskyi

In the world of Phishing emails, we often see schemes which involve enticing ...

February 21, 2019 | Rodel Mendrez

Last week, one of my SpiderLabs colleagues was working on a PCI forensic triage ...

February 14, 2019 | Phil Hay

We are seeing more reports from organizations being targeted by what could be ...

February 14, 2019 | Dr. Fahim Abbasi

We witnessed a sophisticated phishing campaign on 16th August 2017, targeting ...

February 13, 2019 | SpiderLabs Researcher

Evading AV detection is part of a malware author's routine in crafting spam ...