SpiderLabs Blog
Explore the latest threats, critical vulnerability disclosures, cutting-edge research, and intelligence from our elite global threat experts.
Debugging SAP ASE .NET Provider Issues
September 03, 2015 | Martin Rakhmanov
I've recently been chasing a bug that made it impossible to call one built-in ...
SpiderLabs Radio for the Week of August 24, 2015
August 31, 2015
In this week's episode:
SpiderLabs Radio for the Week of August 17, 2015
August 24, 2015
In this week's episode:
Two Vulnerabilities Reported by SpiderLabs Fixed in Oracle Critical Patch Update July 2015
August 17, 2015 | Martin Rakhmanov
In July, Oracle released a Critical Patch Update for multiple products ...
Microsoft Patch Tuesday for August 2015
August 11, 2015
Today marks Patch Tuesday for August. Almost identical to last month's list, ...
RIG Reloaded - Examining the Architecture of RIG Exploit Kit 3.0
August 03, 2015 | SpiderLabs Researcher
A few months ago the RIG exploit kit took quite a hit when its source code was ...
SSH Weak Diffie-Hellman Group Identification Tool
August 03, 2015 | Fabian Foerg
Check SSH servers for weak Diffie-Hellman key exchange configurations.
SpiderLabs Radio for the Week of July 27, 2015
August 03, 2015
In this week's episode:
Username Enumeration against OpenSSH-SELinux with CVE-2015-3238
July 30, 2015 | Sebastien Macke
I recently disclosed a low-risk vulnerability in Linux-PAM versions prior to ...
Tsar Team Microsoft Office Zero Day CVE-2015-2424
July 29, 2015 | Rami Kogan
After the publication of Flash and IE zero days following the Hacking Team ...
Finding XSS Vulnerabilities More Quickly with Dynamic Contextual Analysis
July 20, 2015 | Michael Yuen
Cross-Site Scripting (XSS) has been around since the 1990s and countless ...
SpiderLabs Radio for the Week of July 13, 2015
July 17, 2015
In this week's episode:
Microsoft Patch Tuesday July 2015
July 14, 2015
July's Patch Tuesday is here and brings with it a rather large 14 bulletins ...
SpiderLabs Radio for the Week of Jul 6, 2015
July 13, 2015
In this week's episode we talk about the Hacking Team getting hacked.
A Flash Exploit (CVE-2015-5119) From the Hacking Team Leak
July 08, 2015
***Update July 12, 2015--It was recently discovered that Hacking Team possessed ...
AppDetectivePRO and DbProtect Knowledgebase Update 4.51
July 07, 2015 | SpiderLabs Researcher
This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now ...
Malvertisement – A Nuclear EK Tale
July 06, 2015 | Anat (Fox) Davidi
Over the past couple of years delivering malware via advertisements, or ...
Attacking Ruby Gem Security with CVE-2015-3900
June 23, 2015 | Jonathan Claudius
A Ruby gem is a standard packaging format used for Ruby libraries and ...
SpiderLabs Radio for the Week of June 15, 2015
June 22, 2015
In this week's episode:
Microsoft Patch Tuesday, June 2015
June 09, 2015
It's that time of the month again, Patch Tuesday for June! With only eight ...
Trustwave 2015 Global Security Report Available Now
June 09, 2015 | Trustwave SpiderLabs
SpiderLabs Radio for the Week of June 1, 2015
June 08, 2015
In this week's episode:
New Episode of Punkey PoS Malware Airs
June 08, 2015 | Eric Merritt
Reruns from the 1980s are all the rage these days, and like the sitcom it's ...
AppDetectivePRO and DbProtect Knowledgebase Update 4.50
June 04, 2015 | SpiderLabs Researcher
This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now ...
Changes in Oracle Database 12c password hashes
June 01, 2015 | Martin Rakhmanov
Oracle has made improvements to user password hashes within Oracle Database ...
SpiderLabs Radio for the Week of May 25, 2015
May 29, 2015
In this week's episode:
Adventures in Social Engineering: The Evil Reference
May 29, 2015
I recently completed a social engineering gig targeting four bank locations. ...
Malicious Macros Evades Detection by Using Unusual File Format
May 27, 2015 | Rodel Mendrez
A couple of months ago we observed an influx of XML spam attachments that were ...