Raiding the Piggy Bank: Webshell Secrets Revealed
December 19, 2016 | James Antonakos
Introduction
Microsoft Patch Tuesday, December 2016
December 13, 2016 | SpiderLabs Researcher
December's Patch Tuesday is here to greet you with the pleasant tidings of ...
A Backdoor in Skype for Mac OS X
December 12, 2016 | SpiderLabs Pen Testing LAC
Trustwave recently reported a locally exploitable issue in the Skype Desktop ...
New Carbanak / Anunak Attack Methodology
November 14, 2016 | SpiderLabs Researcher
In the last month Trustwave was engaged by multiple hospitality businesses for ...
OWASP Core Rule Set 3.0.0 (Final) release
November 11, 2016 | Chaim Sanders
The OWASP Core Rule Set (CRS) team is excited to announce the immediate ...
Microsoft Patch Tuesday, November 2016
November 08, 2016 | SpiderLabs Researcher
The November Patch Tuesday is here and it's a big one with 14 bulletins ...
Bopup Communications Server Remote Buffer Overflow Vulnerability
November 04, 2016 | Neil Kettle
Trustwave recently discovered a remotely exploitable issue in all current ...
About SAP Adaptive Server Enterprise dbcc import_sproc SQL injection vulnerability (CVE-2016-7402)
October 20, 2016 | Martin Rakhmanov
This vulnerability was introduced in SAP Adaptive Server Enterprise 16.0 SP02 ...
OWASP ModSecurity CRS Version 3.0 RC2 Released
October 19, 2016 | Chaim Sanders
The OWASP Core Rule Set (CRS) is an Open Source project run by the Open Web ...
Down the Rabbit Hole: Extracting Maliciousness from MSG Files Without Outlook
October 12, 2016 | Rodel Mendrez
Email As Infection Vector
Microsoft Patch Tuesday, October 2016
October 11, 2016 | SpiderLabs Researcher
October has arrived with seasonal changes and a new Microsoft Patch Tuesday. ...
RIG's Facelift
September 30, 2016 | Rami Kogan
RIG EK has been in the headlines recently mainly because both EITEST and ...
Steganography... what is that?
September 19, 2016 | Jesus Olguin
When people think about Information Security the first word that generally ...
Necurs – the Heavyweight Malware Spammer
September 14, 2016 | Phil Hay
Today we want to dwell upon a pesky botnet that goes by the name of Necurs, and ...
Microsoft Patch Tuesday, September 2016
September 13, 2016 | SpiderLabs Researcher
September's Patch Tuesday is upon us and it's the biggest one so far this year. ...
Sundown EK – Stealing Its Way to the Top
September 02, 2016 | SpiderLabs Researcher
Sundown is one of the newest Exploit Kits on the market these days, and like ...
OWASP ModSecurity CRS Version 3.0 RC1 Released
August 15, 2016 | Chaim Sanders
Trustwave has been dedicated to supporting ModSecurity and the associated ...
Microsoft Patch Tuesday, August 2016
August 08, 2016 | SpiderLabs Researcher
Today is August's Patch and with only 9 bulletins with 27 unique CVEs it's one ...
Turning Up The Heat on IoT: TRANE Comfortlink XL850
August 07, 2016 | Jeff Kitson
The Internet of Things (IoT) continues to explode in the consumer market as ...
To Obfuscate, or not to Obfuscate
August 04, 2016 | Eric Merritt
Malware's goal is to bypass computer defenses, infect a target, and often ...
SAP ASE file creation vulnerability (CVE-2016-6196)
August 02, 2016 | Martin Rakhmanov
Recently SAP released a patch for an Adaptive Server Enterprise vulnerability ...
Slinging Hash: Speeding Cyber Threat Hunting Methodologies via Hash-Based Searching
August 01, 2016 | James Antonakos
The term "hash" is thrown around in casual IT conversation quite a bit ...
Denial of Service: A Survival Guide
August 01, 2016 | Yannick Bedard
From Anonymous style SYN flooding to Application layer denial of service, ...
Microsoft Patch Tuesday, July 2016
July 12, 2016 | SpiderLabs Researcher
July's Patch Tuesday is here and brings with it five bulletins rated Critical ...
How I Cracked a Keylogger and Ended Up in Someone's Inbox
July 01, 2016 | Rodel Mendrez
It all started from a spam campaign. Figure 1 shows a campaign we picked up ...
Malware Authors Adopt CEO Fraud Techniques
June 29, 2016 | Erwin Balunsat
CEO Fraud scams, a type of Business Email Compromise (BEC), have gained ...
CEO Fraud Scams and How to Deal With Them at the Email Gateway
June 28, 2016 | Phil Hay
Email scams known as "CEO Fraud" are very common right now. They are a type of ...
PoSeidon Adventures in Memory
June 24, 2016 | Shawn Kanady
Background