SpiderLabs Blog

February 12, 2019 | Karl Sigler

With today's Patch Tuesday for February, things are back to normal with patches ...

February 11, 2019 | Sean Melia

CVE-2018-19365: Root local file inclusion in Wowza SRM 4.7.4.01.

February 08, 2019 | SpiderLabs Researcher

“Not having to worry about money is almost like not having to worry about ...

February 07, 2019 | Simon Kenin

While working on various vulnerability research projects, I encountered ...

February 06, 2019 | Diana Lopera

Sextortion scams were a hit campaign last year and are continuing in 2019 with ...

February 06, 2019 | Diana Lopera

Sextortion scams were a hit campaign last year and are continuing in 2019 with ...

January 31, 2019 | SpiderLabs Researcher

CVE-2018-15982 is the Flash 0day that was patched by Adobe at the beginning of ...

January 23, 2019 | Alejandro Baca

When an attacker uses tools native to the operating system it is referred to as ...

January 23, 2019 | SpiderLabs Researcher

Introduction

January 22, 2019 | SpiderLabs Researcher

You have probably heard the news of new vulnerabilities that affect most major ...

January 21, 2019 | Dr. Fahim Abbasi

In 2018 we saw a rise in sextortion scams in which cyber-criminals notified ...

January 08, 2019 | Karl Sigler

Historically January has been a relatively light month for Patch Tuesday, but ...

December 20, 2018 | Neil Kettle

Trustwave recently reported a Kernel based vulnerability in a driver bundled ...

December 19, 2018 | Oren Mashal

About a year ago webminers began to appear on more and more websites. It was ...

December 18, 2018 | Lena Frid

We all shop online. How many times, just before placing an online order, have ...

December 11, 2018 | Karl Sigler

The last Patch Tuesday of 2018 is here and we are easing into the New Year with ...

December 06, 2018 | Victor Hora

Summary This blog post offers insight into Magecart and offers advice on how to ...

December 05, 2018 | Philip Pieterse

‘Scavenger’ - definition [noun]: a person who searches for and collects ...

December 05, 2018 | Victor Hora

We are happy to announce ModSecurity version 2.9.3!

November 27, 2018 | Bryant Smith

Many types of malware send and receive data via HTTP. They may either be ...

November 27, 2018 | Martin Rakhmanov

Sometimes pentesters and security researchers need to modify existing Java ...

November 27, 2018 | Manuel Nader

Context AJAX stands for Asynchronous JavaScript And XML. It’s a set of web ...

November 27, 2018 | Karl Sigler

The second to last Patch Tuesday of 2018 is here with patches for 55 CVEs. This ...

November 27, 2018 | Matt Lorentzen

Whilst there is a wealth of information out there about how to build ...

November 27, 2018 | Felipe "Zimmerle" Costa

At precisely 155 commits ahead of the latest version, ModSecurity version 3.0.3 ...

November 26, 2018 | Rodel Mendrez

During Thanksgiving week, we noticed this quite unusual XML-format MS Office ...

November 19, 2018 | Simon Kenin

After coming back from a vacation, the first thing to do is catch up with what ...

October 26, 2018 | David Middlehurst

Introduction David Middlehurst of Trustwave SpiderLabs presented at the first ...