From SSRF to Compromise: Case Study
Overview I think every penetration tester has a story about the one that got away. The bug that ...
Read MoreOverview I think every penetration tester has a story about the one that got away. The bug that ...
Read MoreLast week, security researcher Amir Etemadieh (aka Zenoflex) disclosed that vBulletin’s patch for ...
Read MoreAugust's Patch Tuesday is here with 120 CVEs patched. That includes 100 rated as "Important" and 20 ...
Read MoreA good way to keep an eye on attackers and get insight on their techniques and tactics is to use a ...
Read MoreIntroduction During this global pandemic COVID-19 situation, there has been an increasing trend of ...
Read MoreIn a previous post we explored the importance of scanning hostnames instead of IP addresses in ...
Read MoreRecently ASUS patched two issues I discovered in the RT-AC1900P router firmware update ...
Read MoreEmail scammers always seem to invent new ways of trickery to gain cash from their victims. We ...
Read MoreJuly's Patch Tuesday is here with another large list of CVEs. It includes 20 CVEs rated "Critical" ...
Read MoreAt the beginning of June 2020, we were contacted about a breach of a website using the Magento ...
Read MoreDuring April, amid the Covid-19 pandemic, Perception-Point wrote about a phishing campaign that ...
Read MoreThe traditional approach to a vulnerability scan or penetration test is to find the IP addresses ...
Read MoreBackground: On June 25th, Trustwave SpiderLabs published our research on a backdoor, dubbed ...
Read MoreIn an earlier blog entitled “Phishing in the Cloud”, we outlined that threat actors are actively ...
Read MoreIntro Before this pandemic, Neil Burrows and myself (Bruno Oliveira) from Trustwave's SpiderLabs ...
Read MoreOn June 25, 2020 Trustwave SpiderLabs published research showing that the Intelligent Tax software, ...
Read MoreTrustwave SpiderLabs has discovered a new malware family, dubbed GoldenSpy, embedded in tax payment ...
Read MoreIn this blog, we take an in-depth technical look at Pillowmint malware samples received from our ...
Read MoreSummary Australian Prime Minister Australian Prime Minister Scott Morrison announced today that ...
Read MoreOverview Due to the global pandemic of COVID-19, there’s been an explosion of video conferencing ...
Read MoreCybercriminals are continuously exploiting the Coronavirus (COVID-19) pandemic. In our quest to ...
Read MoreJune's Patch Tuesday has crept upon us and while our minds may be elsewhere, the need to keep our ...
Read MoreAs a mobile app tester, I have encountered numerous varied vulnerabilities. During one of my mobile ...
Read MoreFor the last several years there have been relatively few security patches for SAP Adaptive Server ...
Read MoreAn Uptick in Activity Over the last week we've seen the compromise of a number of supercomputers ...
Read MoreCredential phishing is a real threat that's targeting organizations globally. Threat actors are ...
Read MoreOur attempts to investigate the underground and document some of what’s going on in the Dark Web ...
Read MoreIn this blog, I will be covering how to use Azure App Services for offensive purposes. What is ...
Read More