A Trump Sex Video? No, It's a RAT!
While reviewing our spam traps, a particular campaign piqued our interest primarily because the ...
Read More
Phishing the Holiday Season
Yes! It’s that time of the year again! The time for celebrating our traditions, a time of giving, ...
Read MoreTrustwave’s Action Response To the FireEye Data Breach & SolarWinds Orion Compromise
UPDATES This blog post was updated March 17 to include information on new Trustwave IDS updates.
Read MoreD-Link: Multiple Security Vulnerabilities Leading to RCE
On the 30th of October, D-Link published a support announcement and released a new firmware to ...
Read MoreScamming from the Cloud
Cybercriminals are leveraging reputable cloud services to relay scam email messages to their ...
Read MoreMagic Home Pro Mobile Application Authentication Bypass (CVE-2020-27199)
Overview With the prevalence of IoT devices flooding the mainstream marketplace, we tend to see a ...
Read MoreTrustwave’s Action Response To the FireEye Data Breach
Update With the new information and developments released by FireEye, we have published a new blog ...
Read MoreInsecure Communication in WinZip 24 Could Lead to Malware
Overview During observation of WinZip 24 network communications, I've noticed that it sends update ...
Read MoreAttacking SCADA Part III: Hardcoded Salt in Schneider Electric EcoStruxure Machine Expert (CVE-2020-28214)
This is part three of our Schneider Electric series. You can read part one here and part two here.
Read MorePatch Tuesday, December 2020
December's Patch Tuesday is here and, typical for the end of the year, it's a light month with only ...
Read MoreGO SMS Pro Vulnerable to File Theft: Part 2
Last week we released an advisory about an SMS app called GO SMS Pro. Media files sent via text in ...
Read MoreGO SMS Pro Vulnerable to Media File Theft
The GO SMS Pro application is a popular messenger app with over 100 million downloads and was ...
Read MoreAttacking SCADA Part II: Vulnerabilities in Schneider Electric EcoStruxure Machine Expert and M221 PLC
This is part 2 of a two-part series. You can read part 1 here.
Read MoreGoldenSpy Chapter 5 : Multiple GoldenSpy Uninstaller Variants Discovered
Summary: Trustwave identified a significant malicious campaign on mandatory tax invoice software, ...
Read MoreMassive US Voters and Consumers Databases Circulate Among Hackers
Voting in the U.S. elections started recently and there is a real concern over interference and ...
Read MoreBad Neighbors Can Break Windows (CVE-2020-16898)
On October 13th, 2020, Microsoft released a patch for a critical vulnerability (CVE-2020-16898) in ...
Read MoreGoldenSpy Chapter 4: GoldenHelper Malware Embedded in Official Golden Tax Software
Directly preceding GoldenSpy, another malware family was used to covertly access the networks of ...
Read MorePatch Tuesday, October 2020
October's Patch Tuesday is upon us and with it comes patches for 102 CVEs. This release includes 13 ...
Read MoreEvasive URLs in Spam: Part 2
A URL can be completely valid, yet still misleading. In this blog, we will present another ...
Read MoreNetwork Detection for ZeroLogon CVE-2020-1472
ZeroLogon has quickly become popular and well known because of multiple proofs of concept and ...
Read MoreSAP ASE Information Leaks: CVE-2020-6295 and CVE-2020-6317
Introduction Today I'd like to discuss two information disclosure vulnerabilities that occur in SAP ...
Read MoreHijacking a Domain Controller with Netlogon RPC aka Zerologon: CVE-2020-1472
On September 14th, researchers at security firm Secura published a white paper detailing a complete ...
Read MoreEvasive URLs in Spam
This post is part one of a two part series. You can read part two here.
Read MoreBlackhole Exploit Kit v2
A few days ago a new version of THE most common exploit kit was released. Unlike most exploit kit ...
Read MoreModSecurity Regular Expressions and Disputed CVE-2020-15598
ModSecurity is an open-source Web Application Firewall (WAF) engine maintained by Trustwave. The ...
Read MoreRATs and Spam: The Node.JS QRAT
The Qua or Quaverse Remote Access Trojan (QRAT) is a Java-based RAT that can be used to gain ...
Read MoreIBM Db2 Shared Memory Vulnerability (CVE-2020-4414)
I’ve recently blogged about a shared memory vulnerability in Cisco WebEx Meetings Client on Windows ...
Read More