SpiderLabs Blog

April 09, 2014

In this third installment of Detecting A Surveillance State blog series I will ...

April 09, 2014 | woodbusy

As Karl noted in his Patch Tuesday post, yesterday was the last day of support ...

April 09, 2014 | Mike Park

Apart from our typical application penetration testing engagements, clients ...

April 08, 2014

April's Microsoft Patch Tuesday is on par with the prior releases this year. ...

April 03, 2014 | Robert Foggia

The Microsoft April security release is almost upon us with security updates ...

April 03, 2014

In this episode I talk about GMail making HTTPS mandatory, a move some people ...

April 03, 2014 | Trustwave SpiderLabs

A zero-day vulnerability in Microsoft Word involving the handling of the RTF ...

March 31, 2014 | Brian Bebeau

Looking to refinance your house? Install solar panels? Hey, this email about ...

March 31, 2014 | Christophe De La Fuente

During our last ATM review engagement, we found some interesting executable ...

March 31, 2014 | Wendel Guglielmetti Henrique

Since 2003 a large part of my workday has been devoted solely to hacking ...

March 31, 2014 | David Kirkpatrick

On a recent gig I was hit with hundreds of hosts running a service on port TCP ...

March 26, 2014 | Ryan Barnett

Our web honeypots picked up some increased exploit attempts for an old Joomla ...

March 20, 2014

In this episode we talk about the Windigo malware campaign, how a ...

March 20, 2014 | Bryant Smith

OWASP is again participating in the Google Summer of Code (GSoC) Program for ...

March 18, 2014 | Robert Rowley

In the last post we reviewed a few hardware implants that may have been used by ...

March 18, 2014 | Ryan Barnett

In a previous blog post, I provided "Method of Entry" analysis for a ColdFusion ...

March 13, 2014

In this episode we talk about Microsoft Patch Tuesday providing patches for an ...

March 12, 2014 | Ryan Barnett

There were news stories this week outlining how attackers are abusing the ...

March 12, 2014 | Ben Hayak

A lot has already been said about CVE-2014-0502, the Adobe Flash Player ...

March 11, 2014

This is the first in a series of four blog posts that will cover defenses and ...

March 11, 2014 | Neal Hindocha

This is the third and final part on the subject of Touchlogging. I do recommend ...

March 11, 2014

March's Patch Tuesday includes five bulletins, two rated "Critical" and three ...

March 08, 2014

In this episode we talk about a new Russian rootkit called Uroburos, another ...

March 06, 2014 | Neal Hindocha

This is part two in my Touchlogging series, you can find part one here.

March 06, 2014

Submitted by Ziv Mador and Ryan Barnett

March 06, 2014

The Microsoft Security release for March will include patches for Windows, ...

March 04, 2014 | Rodel Mendrez

In this blog post, we'll be describing the functionality of a spamming botnet ...

March 03, 2014 | Neal Hindocha

Although there have been numerous articles posted, I thought I would write ...