Microsoft Patch Tuesday, May 2016
May's Patch Tuesday is here and brings with it 16 Bulletins with 51 unique CVEs. The bulletins are ...
Read MoreMicrosoft Patch Tuesday, April 2016
April is here and with it comes a new Patch Tuesday. This month Microsoft is releasing 13 bulletins ...
Read MoreAngler Takes Malvertising to New Heights
We have just discovered an advertising campaign that has been placing malicious advertisements on ...
Read MoreMicrosoft Patch Tuesday, March 2016
Today is March's Patch Tuesday with 13 bulletins and 39 unique CVEs, which is about the same level ...
Read MoreAngler Takes Malvertising to New Heights
We have just discovered an advertising campaign that has been placing malicious advertisements on ...
Read MoreMicrosoft Patch Tuesday, January 2016
It's a new year and with it comes a fresh batch of CVEs. As expected this January's Patch Tuesday ...
Read MoreAppDetectivePRO and DbProtect Knowledgebase Update 4.54
This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now available.
Read MoreRIG Reloaded - Examining the Architecture of RIG Exploit Kit 3.0
A few months ago the RIG exploit kit took quite a hit when its source code was leaked by a ...
Read MoreAppDetectivePRO and DbProtect Knowledgebase Update 4.51
This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now available.
Read MoreAppDetectivePRO and DbProtect Knowledgebase Update 4.50
This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now available.
Read MoreAppDetectivePRO and DbProtect Knowledgebase Update 4.49
This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now available.
Read MoreMicrosoft Patch Tuesday, December 2014
December's Microsoft Patch Tuesday is upon us and, hopefully, marks the last batch of bulletins for ...
Read MoreMagnitude Exploit Kit Backend Infrastructure Insight - Part II
Welcome back to another edition of "exposing Magnitude exploit-kit internals"! As already mentioned ...
Read MoreHacking a Reporter: UK Edition
Over the summer, a U.K. journalist asked the Trustwave SpiderLabs team to target her with an online ...
Read MoreExploring and Exploiting iOS Web Browsers
Today we begin a three-post series about mobile security. We start with a discussion of ...
Read MoreExecuting Apps on Jailbroken Devices
This post is part two of a three-part series about mobile security. Today's post will discuss the ...
Read More'Cyber' Security - must become a board level issue in the UK ...really?
The UK Government is "committed to helpingreduce vulnerability to attacks and ensure that the UK is ...
Read MoreIt's a sunny (zero) day for Java
Java exploits have been used for distributing malware for a while. See for example our blog post ...
Read MoreWhat did the Java applet say to the SWF? Don't leave me alone in this Blackholeee!
Last week as we were analyzing the new version of Blackhole with the new Java exploit ...
Read MoreNow IronSpider - Go hard or Go home, I'm an Ironman!
Probably in the same period I started at Trustwave SpiderLabs I decided to start my training for an ...
Read MorePutting Out the Flame
There's a lot of buzz going around in the security field about a big piece of malware, code named ...
Read More“Catch Me If You Can” Trojan Banker Zeus Strikes Again (Part 2 of 5)
This is the second blog in this series of blogs. The previous blog provided a general overview of ...
Read More“Catch Me If You Can” Trojan Banker Zeus Strikes Again (Part 4 of 5)
This is the fourth part in a series of blogs. The prior blogs describe the technical details of the ...
Read More“Catch Me If You Can” Trojan Banker Zeus Strikes Again (Part 1 of 5)
In the next series of blogs we will describe in detail an attack from one of the most sophisticated ...
Read MoreOWASP Virtual Patching Survey Results
In a previous blog post, we issued a call for assistance to help OWASP with a virtual patching ...
Read More