Trustwave's Action Response to the Microsoft Exchange Server Zero-Day Vulnerabilities and Attacks

UPDATES

The Many Roads Leading To Agent Tesla

Agent Tesla is a common Remote Access Trojan (RAT) discovered in 2014. This threat is capable of ...

Patch Tuesday, February 2021

February is here and with it comes a relatively light Patch Tuesday. Only 56 CVEs are being patched ...

Full System Control with New SolarWinds Orion-based and Serv-U FTP Vulnerabilities

Updates: This blog post was updated Feb. 9 to include Proof-of-Concept (PoC) code.

Patch Tuesday, January 2021

The first Patch Tuesday of 2021 is here and the year is starting out lighter than most. Perhaps a ...

Microsoft Teams and Skype Logging Privacy Issue

Description: This blog post focuses on the privacy issues that Microsoft Teams & Skype desktop ...

A Trump Sex Video? No, It's a RAT!

While reviewing our spam traps, a particular campaign piqued our interest primarily because the ...

Phishing the Holiday Season

Yes! It’s that time of the year again! The time for celebrating our traditions, a time of giving, ...

Trustwave’s Action Response To the FireEye Data Breach & SolarWinds Orion Compromise

UPDATES: This blog post was updated March 17 to include information on new Trustwave IDS updates.

D-Link: Multiple Security Vulnerabilities Leading to RCE

On the 30th of October, D-Link published a support announcement and released a new firmware to ...

Scamming from the Cloud

Cybercriminals are leveraging reputable cloud services to relay scam email messages to their ...

Magic Home Pro Mobile Application Authentication Bypass (CVE-2020-27199)

Overview: With the prevalence of IoT devices flooding the mainstream marketplace, we tend to see a ...

Trustwave’s Action Response To the FireEye Data Breach

Update: With the new information and developments released by FireEye, we have published a new blog ...

Insecure Communication in WinZip 24 Could Lead to Malware

Overview: During observation of WinZip 24 network communications, I've noticed that it sends update ...

Attacking SCADA Part III: Hardcoded Salt in Schneider Electric EcoStruxure Machine Expert (CVE-2020-28214)

This is part three of our Schneider Electric series. You can read part one here and part two here.

Patch Tuesday, December 2020

December's Patch Tuesday is here and, typical for the end of the year, it's a light month with only ...

GO SMS Pro Vulnerable to File Theft: Part 2

Last week we released an advisory about an SMS app called GO SMS Pro. Media files sent via text in ...

GO SMS Pro Vulnerable to Media File Theft

The GO SMS Pro application is a popular messenger app with over 100 million downloads and was ...

Attacking SCADA Part II: Vulnerabilities in Schneider Electric EcoStruxure Machine Expert and M221 PLC

This is part 2 of a two-part series. You can read part 1 here.

GoldenSpy Chapter 5: Multiple GoldenSpy Uninstaller Variants Discovered

Summary: Trustwave identified a significant malicious campaign on mandatory tax invoice software, ...

Massive US Voters and Consumers Databases Circulate Among Hackers

Voting in the U.S. elections started recently and there is a real concern over interference and ...

Bad Neighbors Can Break Windows (CVE-2020-16898)

On October 13th, 2020, Microsoft released a patch for a critical vulnerability (CVE-2020-16898) in ...

GoldenSpy Chapter 4: GoldenHelper Malware Embedded in Official Golden Tax Software

Directly preceding GoldenSpy, another malware family was used to covertly access the networks of ...

Patch Tuesday, October 2020

October's Patch Tuesday is upon us and with it comes patches for 102 CVEs. This release includes 13 ...

Evasive URLs in Spam: Part 2

A URL can be completely valid, yet still misleading. In this blog, we will present another ...

Network Detection for ZeroLogon CVE-2020-1472

ZeroLogon has quickly become popular and well known because of multiple proofs of concept and ...

SAP ASE Information Leaks: CVE-2020-6295 and CVE-2020-6317

Introduction: Today I'd like to discuss two information disclosure vulnerabilities that occur in SAP ...

Hijacking a Domain Controller with Netlogon RPC aka Zerologon: CVE-2020-1472

On September 14th, researchers at security firm Secura published a white paper detailing a complete ...
