#TWContest: The industry that ranked third is...
February 10, 2012 | SpiderLabs Anterior
On Thursday we posted our second question of the Trustwave 2012 Global Security ...
#TWContest: 1 out of every ~800 devices on the Internet is vulnerable to…
February 09, 2012 | SpiderLabs Anterior
On Tuesday we posted our first question of the Trustwave 2012 Global Security ...
WASC Distributed Web Honeypots Project Update
February 08, 2012
As the WASC Distributed Web Honeypots Project Sponsor, we are excited to ...
[Honeypot Alert] Status Report for January 2012
February 06, 2012 | Ryan Barnett
Monthly Web Honeypot Status Report We have received a tremendous amount of ...
Clarifying The LevelBlue CA Policy Update
February 04, 2012
We've seen a number of comments and questions on Twitter regarding a recent ...
Death to PDF!
February 03, 2012
SpiderLabs customers are frustrated with PDF reports:
Island Hopping the SpiderLabs Way
February 02, 2012 | Nathan Drier
More and more, I find myself having to fight with highly segmented networks and ...
HOIC DDoS Analysis and Detection
January 27, 2012 | Ryan Barnett
In a previous blog post, we provided details of a DDoS attack tool called LOIC ...
Cuckoo for Cuckoo Box
January 26, 2012 | Ryan Merritt
Cuckoo Sandbox is an automated, open source, malware analysis system that ...
TWSL2012-002: Multiple Vulnerabilities in WordPress
January 24, 2012 | Robert Foggia
Trustwave SpiderLabs has published a new advisory today for multiple ...
On Null Byte Poisoning and XPath Injection
January 23, 2012 | Dan Crowley
Recently I released a tool called XMLmao, a configurable testbed for learning ...
[Honeypot Alert] Simple Page Options Module for Joomla! Local File Inclusion Attack Detected
January 19, 2012 | Ryan Barnett
Our web honeypots generated the following ModSecurity alert today:
Android IRC Bot - This Ain't Your Granny's Android Malware (Or Maybe It Is)
January 18, 2012 | Josh Grunzweig
As I'm sure many of you know, the rise of mobile-based malware has been on the ...
[Honeypot Alert] phpMyAdmin Superglobal Session Manipulation Attack Detected
January 17, 2012 | Ryan Barnett
Our web honeypots have identified attempts to exploit CVE-2011-2505. OSVDB ...
Scripting Metasploit using MSGRPC
January 13, 2012 | Ryan Linn
While there are many aspects of network pen testers that sets the good testers ...
[Honeypot Alert] Is-human Wordpress Plugin Remote Command Execution Attack Detected
January 13, 2012 | Ryan Barnett
Our web honeypot logs picked up an attack aimed at exploiting the Is-human ...
[Honeypot Alert] Extensive 'setup.php' Scanning Detected
January 12, 2012 | Ryan Barnett
The SpiderLabs Research Team has identified an extensive scanning campaign ...
Microsoft Patch Tuesday (January 2012): Media Player and The BEAST
January 10, 2012
The statisticians over at the Patch Tuesday Farmer's Almanac are saying that 7 ...
ModSecurity Mitigations for ASP.NET HashTable DoS Vulnerability (CVE-2011-3414)
January 09, 2012 | Ryan Barnett
ThreatPost had a news story today about PoC code that was released to the full ...
[Honeypot Alert] Multiple Local File Inclusion Attacks
January 09, 2012 | Ryan Barnett
Our web server honeypot log analysis has picked up some targeted local file ...
Analyzing PDF Malware - Part 2
January 06, 2012
Where were we?
ModSecurity Advanced Topic of the Week: Mitigation of 'Slow Read' Denial of Service Attack
January 06, 2012 | Ryan Barnett
Slow-Read DoS Attack Background Another tweak in the ongoing "Slow" DoS attacks ...
Introducing SQLol
January 06, 2012 | Dan Crowley
At the most recent Austin Hackers Association meeting I unveiled a project I've ...
Virtual Patch for ASP.Net Forms Authentication Bypass Vulnerability (CVE-2011-3416)
January 04, 2012 | Ryan Barnett
Last Thursday, Microsoft released an out-of-band security patch (MS11-100) ...
[Honeypot Alert] phpThumb() 'fltr[]' Parameter Command Injection Detected
December 28, 2011 | Ryan Barnett
The SpiderLabs Research Team has identified active scanning for the phpThumb() ...
[Honeypot Alert] Plone and Zope Remote Command Execution Detected
December 27, 2011 | Ryan Barnett
We have identified active scanning for the recent Plone and Zope Remote Command ...
TWSL2011-019: Cross-Site Scripting Vulnerability in phpMyAdmin
December 23, 2011 | Robert Foggia
The Spiderlabs team at Trustwave published a new advisory for a ...
TWSL2011-018: Authentication Bypass Vulnerability in IBM TS3100/TS3200 Web User Interface
December 21, 2011 | Robert Foggia
The Spiderlabs team at Trustwave published a new advisory for a authentication ...