From Creative Password Hashes to Administrator: Gone in 60 Seconds (Or Thereabouts)
Picture the scene, you’re on an application penetration test (as a normal user) and you’ve managed ...
Read MoreHAFNIUM, China Chopper and ASP.NET Runtime
The recent Microsoft Exchange Server zero-day exploits (CVE-2021-26855, CVE-2021-26857, ...
Read MoreImage File Trickery Part II: Fake Icon Delivers NanoCore
The .zipx file extension is used to denote that the ZIP archive format is compressed using advanced ...
Read MorePatch Tuesday, March 2021
The March Patch Tuesday is here and it's been an unfortunately busy month for Microsoft. Earlier ...
Read MoreThe Many Roads Leading To Agent Tesla
Agent Tesla is a common Remote Access Trojan (RAT) discovered in 2014. This threat is capable of ...
Read MorePatch Tuesday, February 2021
February is here and with it comes a relatively light Patch Tuesday. Only 56 CVEs are being patched ...
Read MoreFull System Control with New SolarWinds Orion-based and Serv-U FTP Vulnerabilities
Updates: This blog post was updated Feb. 9 to include Proof-of-Concept (PoC) code.
Read MorePatch Tuesday, January 2021
The first Patch Tuesday of 2021 is here and the year is starting out lighter than most. Perhaps a ...
Read MoreMicrosoft Teams and Skype Logging Privacy Issue
Description: This blog post focuses on the privacy issues that Microsoft Teams & Skype desktop ...
Read MoreA Trump Sex Video? No, It's a RAT!
While reviewing our spam traps, a particular campaign piqued our interest primarily because the ...
Read MorePhishing the Holiday Season
Yes! It’s that time of the year again! The time for celebrating our traditions, a time of giving, ...
Read MoreTrustwave’s Action Response To the FireEye Data Breach & SolarWinds Orion Compromise
UPDATES This blog post was updated March 17 to include information on new Trustwave IDS updates.
Read MoreD-Link: Multiple Security Vulnerabilities Leading to RCE
On the 30th of October, D-Link published a support announcement and released a new firmware to ...
Read MoreScamming from the Cloud
Cybercriminals are leveraging reputable cloud services to relay scam email messages to their ...
Read MoreMagic Home Pro Mobile Application Authentication Bypass (CVE-2020-27199)
Overview With the prevalence of IoT devices flooding the mainstream marketplace, we tend to see a ...
Read MoreTrustwave’s Action Response To the FireEye Data Breach
Update With the new information and developments released by FireEye, we have published a new blog ...
Read MoreInsecure Communication in WinZip 24 Could Lead to Malware
Overview During observation of WinZip 24 network communications, I've noticed that it sends update ...
Read MoreAttacking SCADA Part III: Hardcoded Salt in Schneider Electric EcoStruxure Machine Expert (CVE-2020-28214)
This is part three of our Schneider Electric series. You can read part one here and part two here.
Read MorePatch Tuesday, December 2020
December's Patch Tuesday is here and, typical for the end of the year, it's a light month with only ...
Read MoreGO SMS Pro Vulnerable to File Theft: Part 2
Last week we released an advisory about an SMS app called GO SMS Pro. Media files sent via text in ...
Read MoreGO SMS Pro Vulnerable to Media File Theft
The GO SMS Pro application is a popular messenger app with over 100 million downloads and was ...
Read MoreAttacking SCADA Part II: Vulnerabilities in Schneider Electric EcoStruxure Machine Expert and M221 PLC
This is part 2 of a two-part series. You can read part 1 here.
Read MoreGoldenSpy Chapter 5 : Multiple GoldenSpy Uninstaller Variants Discovered
Summary: Trustwave identified a significant malicious campaign on mandatory tax invoice software, ...
Read MoreMassive US Voters and Consumers Databases Circulate Among Hackers
Voting in the U.S. elections started recently and there is a real concern over interference and ...
Read MoreBad Neighbors Can Break Windows (CVE-2020-16898)
On October 13th, 2020, Microsoft released a patch for a critical vulnerability (CVE-2020-16898) in ...
Read MoreGoldenSpy Chapter 4: GoldenHelper Malware Embedded in Official Golden Tax Software
Directly preceding GoldenSpy, another malware family was used to covertly access the networks of ...
Read MorePatch Tuesday, October 2020
October's Patch Tuesday is upon us and with it comes patches for 102 CVEs. This release includes 13 ...
Read More