Malspam Campaign Targets Banks Using Microsoft Publisher
August 17, 2018 | Homer Pacag
It's very unusual for malware authors to utilize publishing software like ...
Patch Tuesday, August 2018
August 14, 2018 | Karl Sigler
Patch Tuesday, August 2018
Mapping Social Media with Facial Recognition: A New Tool for Penetration Testers and Red Teamers
August 08, 2018 | Jacob Wilkin
Performing intelligence gathering is a time-consuming process, it typically ...
CVE-2018-2892 - Kernel Level Privilege Escalation in Oracle Solaris
July 24, 2018 | Neil Kettle
Trustwave recently discovered a locally exploitable issue in all current ...
Malicious SettingContent now Delivered Through PDF
July 23, 2018
Recently, a proof-of-conceptemerged on how the filetype SettingContent can be ...
DanaBot Riding Fake MYOB Invoice Emails
July 16, 2018 | Dr. Fahim Abbasi
Authors: Dr. Fahim Abbasi and Diana Lopera
CUPS Local Privilege Escalation And Sandbox Escapes
July 11, 2018 | Dan Bastone
CVE-2018-4180, CVE-2018-4182, CVE-2018-4183, CVE-2018-6553, CVE-2018-4181: ...
Patch Tuesday, July 2018
July 10, 2018 | Karl Sigler
July's Patch Tuesday is here with patches for 53 CVEs and the standard roll up ...
Web Application Security-ModSecurity Commercial Rules, Update for June 2018
June 30, 2018
Overview for rules released by Trustwave SpiderLabs in November for ModSecurity ...
Adobe Flash Player 0-Day (CVE-2018-5002)
June 12, 2018 | SpiderLabs Researcher
An Adobe advisory regarding a zero-day vulnerability in Adobe Flash Player was ...
Patch Tuesday, June 2018
June 12, 2018 | Karl Sigler
For June's Patch Tuesday Microsoft is patching 50 CVEs and releasing 2 ...
Breaking Randomness In The Ethereum Universe [Part 1]
June 01, 2018 | Elliot Ward
This article focuses on generating random numbers on-chain and what the ...
Breakdown of the EFAIL Email Vulnerabilities
May 24, 2018 | Phil Hay
hullabaloo [huhl-uh-buh-loo], noun, plural hullabaloos.
CVE-2018-8174 and Forcing Internet Explorer Exploits
May 15, 2018 | Karl Sigler
A zero day exploit was discovered targeting trade agencies and other related ...
CVE-2018-1000136 - Electron nodeIntegration Bypass
May 10, 2018 | Brendan Scarvell
A few weeks ago, I came across a vulnerability that affected all current ...
Patch Tuesday, May 2018
May 08, 2018 | Karl Sigler
May's Patch Tuesday is here and it looks like these monthly releases have ...
'Drupalgeddon2' Recent Developments
April 27, 2018 | Victor Hora
Drupal, the popular Content Management System, (might) have seen better days. ...
Jolokia Vulnerabilities – RCE & XSS
April 18, 2018 | Olga Barinova
CVE-2018-1000130, CVE-2018-1000129: Remote Code Execution via JNDI injection ...
All Your Base64 Are Belong To Us – Dynamic vs. Static Analysis of Web Content
April 11, 2018 | Simon Kenin
I recently encountered an interesting phishing scheme when reviewing telemetry ...
Patch Tuesday, April 2018
April 10, 2018 | Karl Sigler
April's Patch Tuesday didn't let up much compared to March. Overall April ...
Crypter-as-a-Service Helps jRAT Fly Under The Radar
March 26, 2018 | Rodel Mendrez
(Contributor: Dr. Fahim Abbasi and Phil Hay)
Patch Tuesday, March 2018
March 13, 2018 | Karl Sigler
March is coming in like a lion with this Patch Tuesday. The release patches 73 ...
Fake ASIC Renewal Spam Delivers Malware to Australian Companies
February 21, 2018 | Dr. Fahim Abbasi
The Australian Securities and Investment Commission (ASIC) is an independent ...
Multi-Stage Email Word Attack Without Macros
February 14, 2018 | Homer Pacag
Malware authors often distribute malware through code macros in Microsoft ...
Advanced Deception with BEC Fraud Attacks
February 14, 2018 | Dr. Fahim Abbasi
Background Business Email Compromise (BEC) email fraud, also known as "CEO ...
Flash Zero Day (CVE-2018-4878)
February 13, 2018 | Karl Sigler
A zero day Flash exploit caught targeting South Korean users was announced by ...
Microsoft Patch Tuesday, February 2018
February 13, 2018
February's Patch Tuesday is here and after the light January, it's back with ...
Mass MikroTik Router Infection – First we cryptojack Brazil, then we take the World?
February 12, 2018 | Simon Kenin
On July 31st , just after getting back to the office from my talk at RSA Asia ...