SpiderLabs Radio for the Week of September 28, 2015
October 05, 2015
In this week's episode:
Jumping through the hoops: multi-stage malicious PDF spam
September 30, 2015 | Phil Hay
We've recently encountered a number of malicious spam messages with PDFs ...
Quaverse RAT: Remote-Access-as-a-Service
September 23, 2015 | Rodel Mendrez
***UPDATE as of September 28, 2015 - see the bottom of this post for removal ...
HOW TO: Setting up Encrypted Communications Channels in Oracle Database
September 22, 2015 | Martin Rakhmanov
In this article, I will explain how to set up an encrypted communications ...
SpiderLabs Radio for the Week of September 14, 2015
September 21, 2015
In this week's episode:
Microsoft Patch Tuesday, September 2015
September 08, 2015
Today marks Patch Tuesday for September and this month brings with it 12 ...
Lessons in Spam JavaScript Obfuscation Layers
September 08, 2015 | Brian Bebeau
Spammers seem to be adding layers of obfuscation to their malware attachments ...
SpiderLabs Radio for the Week of August 31, 2015
September 06, 2015
In this week's episode:
About Two SAP Adaptive Server Enterprise (ASE) Extended Procedure Subsystem Vulnerabilities
September 03, 2015
Recently SAP patched two important security issues in Adaptive Server ...
Debugging SAP ASE .NET Provider Issues
September 03, 2015 | Martin Rakhmanov
I've recently been chasing a bug that made it impossible to call one built-in ...
SpiderLabs Radio for the Week of August 24, 2015
August 31, 2015
In this week's episode:
SpiderLabs Radio for the Week of August 17, 2015
August 24, 2015
In this week's episode:
Two Vulnerabilities Reported by SpiderLabs Fixed in Oracle Critical Patch Update July 2015
August 17, 2015 | Martin Rakhmanov
In July, Oracle released a Critical Patch Update for multiple products ...
Microsoft Patch Tuesday for August 2015
August 11, 2015
Today marks Patch Tuesday for August. Almost identical to last month's list, ...
RIG Reloaded - Examining the Architecture of RIG Exploit Kit 3.0
August 03, 2015 | SpiderLabs Researcher
A few months ago the RIG exploit kit took quite a hit when its source code was ...
SSH Weak Diffie-Hellman Group Identification Tool
August 03, 2015 | Fabian Foerg
Check SSH servers for weak Diffie-Hellman key exchange configurations.
SpiderLabs Radio for the Week of July 27, 2015
August 03, 2015
In this week's episode:
Username Enumeration against OpenSSH-SELinux with CVE-2015-3238
July 30, 2015 | Sebastien Macke
I recently disclosed a low-risk vulnerability in Linux-PAM versions prior to ...
Tsar Team Microsoft Office Zero Day CVE-2015-2424
July 29, 2015 | Rami Kogan
After the publication of Flash and IE zero days following the Hacking Team ...
Finding XSS Vulnerabilities More Quickly with Dynamic Contextual Analysis
July 20, 2015 | Michael Yuen
Cross-Site Scripting (XSS) has been around since the 1990s and countless ...
SpiderLabs Radio for the Week of July 13, 2015
July 17, 2015
In this week's episode:
Microsoft Patch Tuesday July 2015
July 14, 2015
July's Patch Tuesday is here and brings with it a rather large 14 bulletins ...
SpiderLabs Radio for the Week of Jul 6, 2015
July 13, 2015
In this week's episode we talk about the Hacking Team getting hacked.
A Flash Exploit (CVE-2015-5119) From the Hacking Team Leak
July 08, 2015
***Update July 12, 2015--It was recently discovered that Hacking Team possessed ...
AppDetectivePRO and DbProtect Knowledgebase Update 4.51
July 07, 2015 | SpiderLabs Researcher
This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now ...
Malvertisement – A Nuclear EK Tale
July 06, 2015 | Anat (Fox) Davidi
Over the past couple of years delivering malware via advertisements, or ...
Attacking Ruby Gem Security with CVE-2015-3900
June 23, 2015 | Jonathan Claudius
A Ruby gem is a standard packaging format used for Ruby libraries and ...
SpiderLabs Radio for the Week of June 15, 2015
June 22, 2015
In this week's episode: