SpiderLabs Blog

September 24, 2012

This year I've been very busy in terms of conferences, and ...

September 24, 2012 | Tim Maletic

CVSS needs to be extended to accommodate combinations of vulnerabilities. The ...

September 24, 2012 | Alex Fernandez-Gatti

I entered into school with the hope and dream of someday entering into the ...

September 24, 2012 | Marc Bown

Recently I've found myself performing a lot of forensic examinations of X-Cart ...

September 20, 2012

So, last time I showed how to get a Unix reverse shell up and running just by ...

September 20, 2012 | Rami Kogan

The ride on the rollercoaster called the web security world never stops and ...

September 20, 2012

Regular Expressions for Input Validation If your web application defensive ...

September 18, 2012 | Barry O’Connell

Numerous technical articles emerge each day about the latest vulnerabilities, ...

September 14, 2012 | Art Dahnert

This article (along with subsequent articles) will cover the journey I've taken ...

September 12, 2012 | Space Rogue

The recent GoDaddy DNS outage illustrates that the Internet does not just work ...

September 11, 2012

As we mentioned last week there are only two patches this month! Not to mention ...

September 10, 2012 | Chris Vinecombe

In Louisville, Kentucky next month at Derbycon, Daniel Crowley and I will be ...

September 07, 2012 | Bruno Oliveira

Yes, I imagine you are probably tired to see blog posts about "real-world" ...

September 06, 2012 | Nate Sanders

This has been a fairly common topic over the last year and I've seen plenty of ...

September 06, 2012 | Space Rogue

Microsoft has released its Advanced Notification for September 2012. The bad ...

September 05, 2012 | Space Rogue

If you combine the dictionary definitions for 'media' and 'hype' you come up ...

September 05, 2012

It has been about 3 months since CryptOMG was released and I will start going ...

August 30, 2012

As someone who's worked in the financial industry for years, I'm fascinated by ...

August 30, 2012 | Dan Crowley

Patsy (slang) - A person easily taken advantage of, cheated, blamed, or ...

August 29, 2012 | Robert Foggia

Trustwave SpiderLabs has published a new advisory today for a Cross-Site ...

August 29, 2012 | Wendel Guglielmetti Henrique

My name is Wendel Guglielmetti Henrique, and I'm a senior security consultant ...

August 29, 2012 | Moshe Basanchig

Maintaining backward compatibility in software products is hard. Technology ...

August 29, 2012 | Ryan Linn

I had the opportunity to do the Stripe-CTF (Capture The Flag) contest this past ...

August 29, 2012 | Ryan Barnett

Submitted By Breno Silva Pinto and Ryan Barnett

August 29, 2012 | Nathan Drier

Being a PenTester for Trustwave Spiderlabs, I work with a huge amount of ...

August 28, 2012 | Josh Grunzweig

Recently, I found myself in a common situation—helping a comrade in our ...

August 27, 2012 | SpiderLabs Researcher

Java exploits have been used for distributing malware for a while. See for ...

August 27, 2012

So, you just bought that fancy new box with the blinky lights that's supposed ...