A Trump Sex Video? No, It's a RAT!

While reviewing our spam traps, a particular campaign piqued our interest primarily because the ...

Phishing the Holiday Season

Yes! It’s that time of the year again! The time for celebrating our traditions, a time of giving, ...

Trustwave’s Action Response To the FireEye Data Breach & SolarWinds Orion Compromise

UPDATES: This blog post was updated March 17 to include information on new Trustwave IDS updates.

D-Link: Multiple Security Vulnerabilities Leading to RCE

On the 30th of October, D-Link published a support announcement and released a new firmware to ...

Scamming from the Cloud

Cybercriminals are leveraging reputable cloud services to relay scam email messages to their ...

Magic Home Pro Mobile Application Authentication Bypass (CVE-2020-27199)

Overview: With the prevalence of IoT devices flooding the mainstream marketplace, we tend to see a ...

Trustwave’s Action Response To the FireEye Data Breach

Update: With the new information and developments released by FireEye, we have published a new blog ...

Insecure Communication in WinZip 24 Could Lead to Malware

Overview: During observation of WinZip 24 network communications, I've noticed that it sends update ...

Attacking SCADA Part III: Hardcoded Salt in Schneider Electric EcoStruxure Machine Expert (CVE-2020-28214)

This is part three of our Schneider Electric series. You can read part one here and part two here.

Patch Tuesday, December 2020

December's Patch Tuesday is here and, typical for the end of the year, it's a light month with only ...

GO SMS Pro Vulnerable to File Theft: Part 2

Last week we released an advisory about an SMS app called GO SMS Pro. Media files sent via text in ...

GO SMS Pro Vulnerable to Media File Theft

The GO SMS Pro application is a popular messenger app with over 100 million downloads and was ...

Attacking SCADA Part II: Vulnerabilities in Schneider Electric EcoStruxure Machine Expert and M221 PLC

This is part 2 of a two-part series. You can read part 1 here.

GoldenSpy Chapter 5: Multiple GoldenSpy Uninstaller Variants Discovered

Summary: Trustwave identified a significant malicious campaign on mandatory tax invoice software, ...

Massive US Voters and Consumers Databases Circulate Among Hackers

Voting in the U.S. elections started recently and there is a real concern over interference and ...

Bad Neighbors Can Break Windows (CVE-2020-16898)

On October 13th, 2020, Microsoft released a patch for a critical vulnerability (CVE-2020-16898) in ...

GoldenSpy Chapter 4: GoldenHelper Malware Embedded in Official Golden Tax Software

Directly preceding GoldenSpy, another malware family was used to covertly access the networks of ...

Patch Tuesday, October 2020

October's Patch Tuesday is upon us and with it comes patches for 102 CVEs. This release includes 13 ...

Evasive URLs in Spam: Part 2

A URL can be completely valid, yet still misleading. In this blog, we will present another ...

Network Detection for ZeroLogon CVE-2020-1472

ZeroLogon has quickly become popular and well known because of multiple proofs of concept and ...

SAP ASE Information Leaks: CVE-2020-6295 and CVE-2020-6317

Introduction: Today I'd like to discuss two information disclosure vulnerabilities that occur in SAP ...

Hijacking a Domain Controller with Netlogon RPC aka Zerologon: CVE-2020-1472

On September 14th, researchers at security firm Secura published a white paper detailing a complete ...

Evasive URLs in Spam

This post is part one of a two part series. You can read part two here.

Blackhole Exploit Kit v2

A few days ago a new version of THE most common exploit kit was released. Unlike most exploit kit ...

ModSecurity Regular Expressions and Disputed CVE-2020-15598

ModSecurity is an open-source Web Application Firewall (WAF) engine maintained by Trustwave. The ...

RATs and Spam: The Node.JS QRAT

The Qua or Quaverse Remote Access Trojan (QRAT) is a Java-based RAT that can be used to gain ...

SpiderLabs Capture the Flag 2020 Results

IBM Db2 Shared Memory Vulnerability (CVE-2020-4414)

I’ve recently blogged about a shared memory vulnerability in Cisco WebEx Meetings Client on Windows ...
