Apex Secure Coding Considerations
July 02, 2012 | Rohini Sulatycki
Apex is an on-demand language that extends the Force.com platform by providing ...
Wham Bam, the Cutwail/Blackhole Combo
July 02, 2012 | Phil Hay
Over the past few weeks we have seen a resurgence of malicious spam with links ...
Stolen Laptop Recovery via OSX Trap Partition
July 02, 2012
My Macbook Air has 2 partitions, one that is my normal everyday partition that ...
Oops, I pwned your router- Part One
June 30, 2012 | Videoman
Embedded computing is very much about making a computer as small as possible, ...
Analyzing PDF Malware - Part 3B
June 27, 2012 | Ryan Merritt
Down that dusty trail… As the big blue letters above state, this is part 3B of ...
eHarmony Password Dump Analysis
June 26, 2012 | Mike Kelly
Unless you've been hauled up in a bunker, eating MREs and watching Doomsday ...
Security Capture the Flag Competitions
June 24, 2012 | John Hoopes
Many people look at capture the flag competitions with varying reactions. Some ...
I Forgot Your Password
June 24, 2012 | Chris Vinecombe
I'm now going into my second year in application security, and as I learn more ...
Five E-Commerce Security Myths (Part 1)
June 23, 2012 | Marc Bown
Compromises of e-commerce websites are increasingly common. In our 2012 Global ...
Five E-Commerce Security Myths (Part 2)
June 23, 2012
In part 1 of this series I gave an introduction into how most merchants accept ...
CVSS for Penetration Test Results (Part I)
June 22, 2012 | Tim Maletic
Trustwave has been adding support for the Common Vulnerability Scoring System ...
Internet Explorer Vulnerabilities Gone Wild
June 20, 2012 | Anat (Fox) Davidi
It's a busy time for Internet Explorer: Patch Tuesday addressed quite a few ...
Metasploit = tips, tricks, hashes and tokens
June 20, 2012
Metasploit is one of the many tools that can be used during a penetration test, ...
[Honeypot Alert] PHP-CGI Vuln Targeted For Database Dumping
June 19, 2012 | Ryan Barnett
Thanks to my SpiderLabs Research colleague @claudijd for collaborating with ...
ModSecurity and OWASP CRS Updates Available
June 15, 2012 | Ryan Barnett
Security Fix Release: ModSecurity v2.6.6 The ModSecurity Development Team has ...
Using Nmap to Screenshot Web Services
June 14, 2012 | Ryan Linn
As part of Trustwave SpiderLabs network penetration testing team, I perform ...
Introducing CryptOMG
June 12, 2012 | Andrew Jordan
CryptOMG is CTF-style testbed for exploiting various flaws in cryptographic ...
Microsoft Patch Tuesday: RDP - Keep on Knockin' But You Can't Come In
June 12, 2012
Another month, another Patch Tuesday. This one has seven bulletins three of ...
MySQL/MariaDB: Trade You a Banana for Root Access?
June 12, 2012 | Jonathan Claudius
Summary
The Return of Zuc.A and and Ancient OSX Viruses?
June 11, 2012 | Space Rogue
A few weeks ago I caught a tweet from Chris Wysopal (@WeldPond) noticing how ...
Zap(ped) into Foca(s)
June 08, 2012 | Theresa
An external penetration test isn't just about the network addresses to pwn, but ...
Analyzing PDF Malware - Part 3A
June 08, 2012 | Ryan Merritt
When we last left our heroes…
Discussions on Targeted Attacks
June 06, 2012
Even though targeted attacks performed by groups such as LulzSec and Anonymous ...
Dynamic DAST/WAF Integration: Realtime Virtual Patching
June 05, 2012 | Ryan Barnett
At the recent OWASP AppSecDC conference, I presented on this topic. I received ...
Rogue Certificates Set on Flame
June 05, 2012 | Rami Kogan
It was only a matter of time before we felt Flame's aftershock. Yesterday ...
Dynamic DAST/WAF Integration: Realtime Virtual Patching
June 05, 2012 | Ryan Barnett
At the recent OWASP AppSecDC conference, I presented on this topic. I received ...
Now IronSpider - Go hard or Go home, I'm an Ironman!
June 04, 2012 | SpiderLabs Researcher
Probably in the same period I started at Trustwave SpiderLabs I decided to ...
iOS Application Security: Review of Top 50 Free iPad Apps [Part 2 of 2]
June 01, 2012
The View From The Top Isn't Much Better