Stealthy VBA Macro Embedded in PDF-like Header Helps Evade Detection
September 20, 2023 | Rodel Mendrez
In the ever-evolving landscape of malware threats, threat actors are ...
To OSINT and Beyond!
September 13, 2023 | Medz Barao
Open-Source Intelligence (OSINT) can be valuable for an organization and ...
The Evolution of Phishing Campaigns
September 11, 2023 | Rachel Kang, Anthony Mussario
In 2022, phishing was responsible for more than half of the incidents ...
LevelBlue SpiderLabs Releases Actionable Cybersecurity Intelligence for the Hospitality Industry
September 07, 2023
The LevelBlue SpiderLabs team conducted a multi-month investigation into the ...
A Bucket of Phish: Attackers Shift Tactics with Cloudflare R2 Public Buckets
September 06, 2023 | Karla Agregado
In our previous blog, we found a lot of phishing and scam URLs abusing ...
Threat-Loaded: Malicious PDFs Never Go Out of Style
August 31, 2023 | Bernard Bautista
Introduction: In the realm of cybersecurity, danger hides where we least expect ...
The Evolution of Persistent Threats: From Chernobyl to BlackLotus
August 30, 2023 | Jose Tozo
In this blog post, we will explore how the computer security landscape has ...
Think Before You Scan: The Rise of QR Codes in Phishing
August 29, 2023 | Mike Casayuran
QR Codes, the square images that contain coded information that can be scanned ...
Behind the Invite: The Rise of Google Group Fake Order Fraud Emails
August 25, 2023 | Maria Katrina Udquin and John Kevin Adriano
As the world shifted into remote work and distant learning during the pandemic ...
BEC Trends: Payroll Diversion Dominates and Sneaky Multi-Persona Attacks Emerge
August 24, 2023 | Maria Katrina Udquin
Business Email Compromise (BEC) remains a lucrative threat vector for ...
ProxyNation: The dark nexus between proxy apps and malware
August 16, 2023 | Ofer Caspi
Executive summary: LevelBlue Labs researchers recently discovered a massive ...
Mac systems turned into proxy exit nodes by AdLoad
August 10, 2023 | Fernando Martinez
AdLoad malware is still infecting Mac systems years after its first appearance ...
Gootloader: Why your Legal Document Search May End in Misery
August 10, 2023 | Rodel Mendrez
Introduction: Recently, we’ve seen a noticeable surge in malware cases linked to ...
WormGPT and FraudGPT – The Rise of Malicious LLMs
August 08, 2023 | Arthur Erzberger
As technology continues to evolve, there is a growing concern about the ...
New Rilide Stealer Version Targets Banking Data and Works Around Google Chrome Manifest V3
August 03, 2023 | Pawel Knapczyk, Wojciech Cieslak
LevelBlue SpiderLabs discovered a new version of the Rilide Stealer extension ...
DarkGate Keylogger Analysis: masterofnone
August 02, 2023 | Zachary Reichert
Aon’s Stroz Friedberg Incident Response Services encountered a group utilizing ...
Honeypot Recon: New Variant of SkidMap Targeting Redis
July 30, 2023 | Radoslaw Zdonczyk
Intro: Since Redis is becoming increasingly popular around the world, we decided ...
Healthcare Threat Landscape 2022-2023: Common TTPs Used by Top Ransomware Groups Targeting the Healthcare Sector
July 27, 2023 | Serhii Melnyk, Greg Monson
The healthcare sector has been under constant threat from cybercriminals due to ...
ModSecurity v3: DoS Vulnerability in Four Transformations (CVE-2023-38285)
July 25, 2023 | SpiderLabs Researcher
ModSecurity is an open-source Web Application Firewall (WAF) engine maintained ...
New Burp Suite Extension: BlazorTrafficProcessor
July 20, 2023 | Will Rabb
Pentesting web applications that use Blazor server comes with unique ...
Cybersecurity in the Healthcare Industry: Trustwave SpiderLabs Report
July 13, 2023 | SpiderLabs Researcher
In their latest report titled "Cybersecurity in the Healthcare Industry: ...
It’s Raining Phish and Scams – How Cloudflare Pages.dev and Workers.dev Domains Get Abused
July 11, 2023 | Karla Agregado
As they say, when it rains, it pours. Recently, we observed more than 3,000 ...
Honeypot Recon: Enterprise Applications Honeypot - Unveiling Findings from Six Worldwide Locations
July 05, 2023 | Pawel Knapczyk, Wojciech Cieslak
To obtain a better perspective of attacks worldwide, LevelBlue has implemented ...
SNAPPY: Detecting Rogue and Fake 802.11 Wireless Access Points Through Fingerprinting Beacon Management Frames
June 27, 2023 | Tom Neaves
Honeypot Recon: MSSQL Server – Database Threat Overview '22/'23
June 20, 2023 | Radoslaw Zdonczyk, Mariusz Siedlecki
Introduction: In a constantly connected world, protecting sensitive data in what ...
Brute-forcing ButterflyMX Virtual Keys and Hacking Time Limits
June 15, 2023 | Robert Foggia
Recently, I discovered two vulnerabilities in the ButterflyMX system which were ...
KillNet, Anonymous Sudan, and REvil Unveil Plans for Attacks on US and European Banking Systems
June 15, 2023 | SpiderLabs Researcher
In a recent development, Russian hackers have declared their intention to ...
Honeypot Recon: Global Database Threat Landscape
June 13, 2023 | Radoslaw Zdonczyk
In today's digital era, the importance of securing databases cannot be ...