The Price Cybercriminals Charge for Stolen Data
For the price of a Starbuck’s Caramel Frappuccino Grande and a cheese Danish, about $8, a ...
Read MoreStay Informed
Sign up to receive the latest security news and trends straight to your inbox from Trustwave.
Stormous: The Pro-Russian, Clout Hungry Ransomware Gang Targets the US and Ukraine
May 2 Stormous update: The Trustwave SpiderLabs team has noted Stormous’ underground website became ...
Read MoreCyber Attackers Leverage Russia-Ukraine Conflict in Multiple Spam Campaigns
The Trustwave SpiderLabs email security team has been monitoring the ongoing Russia-Ukraine crisis ...
Read MoreTrustwave’s Action Response: The Lapsus$ Hacker Group Shows Us the Importance of Securing the Digital Supply Chain
Update March 24: This blog has been updated to reflect the new information provided by vendors ...
Read MoreLaw Enforcement Collaboration Has Eastern-European Cybercriminals Questioning Whether There Is A Safe Haven Anymore
Through the active Dark Web research that Trustwave SpiderLabs conducts for its clients, we have ...
Read MoreModSecurity DoS Vulnerability in JSON Parsing (CVE-2021-42717)
ModSecurity is an open-source WAF engine maintained by Trustwave. This blog post discusses an issue ...
Read MoreTrustwave’s Action Response To the FireEye Data Breach & SolarWinds Orion Compromise
UPDATES This blog post was updated March 17 to include information on new Trustwave IDS updates.
Read MoreTrustwave’s Action Response To the FireEye Data Breach
Update With the new information and developments released by FireEye, we have published a new blog ...
Read MoreModSecurity Denial of Service Details - CVE-2019-19886
ModSecurity is an open-source WAF engine maintained by Trustwave. As a lively open-source project, ...
Read MoreA Call for Cooler Heads
One of the unfortunate parts of a business like ours is when disputes arise from penetration ...
Read More10 Years On – A Look Back at MS08-067
It has been ten years since the release of MS08-067. Unlike many of the other incidents over the ...
Read MoreCreating the ModSecurity v3 IDS connector as part of Google Summer of Code
A note from the Trustwave Spiderlabs ModSecurity team:
Read MoreAppDetectivePRO and DbProtect Knowledgebase Update 4.46
This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now available.
Read MoreRIG Exploit Kit Source Code Leak - The End or Just the Beginning of RIG?
Recently, source code for the RIG exploit kit was leaked. An independent security researcher posted ...
Read MoreThe SpiderLabs blog will move to the Trustwave domain this week
In the coming days, the SpiderLabs blog will move-in to its new home within the Trustwave domain.
Read MoreIndicators of Compromise: A Discussion with Karl Sigler
Head over to the Trustwave blog for a video discussion about indicators of compromise with Karl ...
Read MoreMagnitude Exploit Kit Backend Infrastructure Insight - Part I
In our recently released Trustwave Global Security Report Online and previous Magnitude blog post, ...
Read MoreA Peek Into the Lion's Den – The Magnitude [aka PopAds] Exploit Kit
Recently we managed to get an unusual peek into the content that is used on the servers of the ...
Read MoreMicrosoft Internet Explorer 0-Day (CVE-2014-1776)
A zero-day vulnerability in Microsoft Internet Explorer, CVE-2014-1776, was recently discovered ...
Read MoreMicrosoft Word RTF 0-Day (CVE-2014-1761)
A zero-day vulnerability in Microsoft Word involving the handling of the RTF file format was ...
Read MoreTrustwave SpiderLabs at OWASP’s AppSec USA 2013
Will you be at the OWASP Foundation's AppSec USA event next week in New York City? If so, be sure ...
Read MoreThe Technical Aspects of Exploiting IE Zero-Day CVE-2013-3897
Just two days ago we announced thediscovery of in-the-wild attacks that used the zero-day which is ...
Read MoreUpcoming Webinars: 2013 Trustwave Global Security Report Threat Trends
A few weeks ago we released the 2013 Trustwave Global Security Report. This year, Trustwave ...
Read MoreTrustwave TrustKeeper PCI Scan Notification - Phishing ALERT
Over the last few hours, Trustwave has received multiple reports of individuals receiving fake ...
Read More