[Honeypot Alert] More WordPress is_human Plugin Remote Command Injection Attack Detected
March 12, 2012 | Ryan Barnett
As we first noted in a previous Honeypot Alert Blog post, our web honeypots ...
[Honeypot Alert] Status Report for February 2012
March 12, 2012 | Ryan Barnett
Monthly Web Honeypot Status Report We have received a tremendous amount of ...
OWASP Virtual Patching Survey Results
March 09, 2012 | SpiderLabs Researcher
In a previous blog post, we issued a call for assistance to help OWASP with a ...
Detecting Brazilian Banking Trojans with Snort http_inspect
March 08, 2012
If you take a look at malware samples down here in Brazil, probably in most of ...
Virtual Patch for Movable Types XSS (CVE 2012-1262)
March 01, 2012 | Ryan Barnett
My SpiderLabs Research colleague Jonathan Claudius recently identified an XSS ...
PIG - Finding Your Target Without Saying a Word
February 27, 2012 | Ryan Linn
You see blogs, talks, presentations, and tutorials on how to break into boxes ...
SpiderLabs Threat Intelligence Program
February 23, 2012
So a lot of people have been asking me "What do you do at Trustwave?" and I ...
[Honeypot Alert] phpMyAdmin Code Injection Attacks for Botnet Recruitment
February 21, 2012 | Ryan Barnett
Our web honeypots picked up the following attacks today:
#TWContest: And the winner of the @Trustwave @SpiderLabs 2012 Global Security Report contest is...
February 21, 2012 | SpiderLabs Anterior
Here is a summary of the questions and answers:
#TWContest: One in how many organizations use insecure remote access...
February 20, 2012 | SpiderLabs Anterior
The question was… "One in how many organizations use insecure remote access ...
Call for Assistance: OWASP Virtual Patching Survey
February 17, 2012 | Ryan Barnett
Identification of web application vulnerabilities is only half the battle with ...
#TWContest: The two main motivations for web-based attacks are...
February 16, 2012 | SpiderLabs Anterior
On Thursday we posted our sixth question of the Trustwave 2012 Global Security ...
Trustwave SpiderLabs: My First Nine Days
February 15, 2012 | Space Rogue
So as some of you may have heard I now work at Trustwave for their SpiderLabs ...
Patch Tuesday, Feb 2012: What I did this Valentine's Day
February 15, 2012 | nosteve
#TWContest: The correct data aggregation technique is...
February 15, 2012 | SpiderLabs Anterior
On Tuesday we posted our fifth question of the Trustwave 2012 Global Security ...
Top Ten Web Protection Techniques of 2011
February 14, 2012 | Ryan Barnett
Top Ten Web Hacking Techniques of 2011 Every year the web security community ...
#TWContest: The top 'origin' of attack is...
February 14, 2012 | SpiderLabs Anterior
The question was… "What was the top "origin" of attack as seen through ...
#TWContest: The 7th most popular password is...
February 13, 2012
On Friday we posted our third question of the Trustwave 2012 Global Security ...
Common Attack Methodologies Identified in European Customers
February 13, 2012 | Ryan Barnett
As you may have heard, Trustwave SpiderLabs released our Global Security Report ...
#TWContest: The industry that ranked third is...
February 10, 2012 | SpiderLabs Anterior
On Thursday we posted our second question of the Trustwave 2012 Global Security ...
#TWContest: 1 out of every ~800 devices on the Internet is vulnerable to…
February 09, 2012 | SpiderLabs Anterior
On Tuesday we posted our first question of the Trustwave 2012 Global Security ...
WASC Distributed Web Honeypots Project Update
February 08, 2012
As the WASC Distributed Web Honeypots Project Sponsor, we are excited to ...
[Honeypot Alert] Status Report for January 2012
February 06, 2012 | Ryan Barnett
Monthly Web Honeypot Status Report We have received a tremendous amount of ...
Clarifying The LevelBlue CA Policy Update
February 04, 2012
We've seen a number of comments and questions on Twitter regarding a recent ...
Death to PDF!
February 03, 2012
SpiderLabs customers are frustrated with PDF reports:
Island Hopping the SpiderLabs Way
February 02, 2012 | Nathan Drier
More and more, I find myself having to fight with highly segmented networks and ...
HOIC DDoS Analysis and Detection
January 27, 2012 | Ryan Barnett
In a previous blog post, we provided details of a DDoS attack tool called LOIC ...
Cuckoo for Cuckoo Box
January 26, 2012 | Ryan Merritt
Cuckoo Sandbox is an automated, open source, malware analysis system that ...