SpiderLabs Blog
Explore the latest threats, critical vulnerability disclosures, cutting-edge research, and intelligence from our elite global threat experts.
2024 Trustwave Risk Radar Report: Cyber Threats to the Retail Sector
October 29, 2024
As the holiday shopping season approaches, the 2024 Trustwave Risk Radar ...
How Threat Actors Conduct Election Interference Operations: An Overview
October 18, 2024 | Pauline Bolaños
The major headlines that arose from the three most recent US presidential ...
Threat Intelligence News from LevelBlue SpiderLabs October 2024
October 01, 2024
October 2024
Exploring an Experimental Windows Kernel Rootkit in Rust
September 09, 2024
Around two years ago, memN0ps took the initiative to create one of the first ...
Hypervisor Development in Rust for Security Researchers (Part 1)
September 06, 2024
In the ever-evolving field of information security, curiosity and continuous ...
Threat Intelligence News from LevelBlue SpiderLabs September 2024
September 01, 2024
September 2024
Unveiling "sedexp": A Stealthy Linux Malware Exploiting udev Rules
August 19, 2024 | Zachary Reichert
Stroz Friedberg identified a stealthy malware, dubbed “sedexp,” utilizing Linux ...
Threat Intelligence News from LevelBlue SpiderLabs August 2024
August 01, 2024
August 2024
Threat Intelligence News from LevelBlue SpiderLabs July 2024
July 01, 2024
July 2024
Search & Spoof: Abuse of Windows Search to Redirect to Malware
June 11, 2024 | Bernard Bautista
LevelBlue SpiderLabs has detected a sophisticated malware campaign that ...
Dissection Of Makop Ransomware Group
February 05, 2024 | Aishwarya Desai
This blog post outlines attack patterns identified across Makop ransomware ...
2023 Financial Services Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies
October 11, 2023
Cyberattacks striking the financial services industry are more prevalent, ...
Cybersecurity in the Healthcare Industry: Trustwave SpiderLabs Report
July 13, 2023 | SpiderLabs Researcher
In their latest report titled "Cybersecurity in the Healthcare Industry: ...
APT X – Process Hollowing
January 27, 2021 | Faisal Tameesh
A detailed walkthrough of the process hollowing injection technique.
Wowza Streaming Engine Manager Directory Traversal And Local File Inclusion
February 11, 2019 | Sean Melia
CVE-2018-19365: Root local file inclusion in Wowza SRM 4.7.4.01.
Breaking Randomness In The Ethereum Universe [Part 1]
June 01, 2018 | Elliot Ward
This article focuses on generating random numbers on-chain and what the ...
Reviewing Ethereum Smart Contracts
September 27, 2017 | Eric Rafaloff
This article examines the similarities between traditional code review and ...
Exploiting Padding Oracle To Gain Encryption Keys
October 26, 2015 | Georg Chalupar
Practical tricks on exploiting a padding oracle vulnerability.
SSH Weak Diffie-Hellman Group Identification Tool
August 03, 2015 | Fabian Foerg
Check SSH servers for weak Diffie-Hellman key exchange configurations.