From SSRF to Compromise: Case Study
Overview I think every penetration tester has a story about the one that got away. The bug that ...
Read More
vBulletin Remote Code Execution (CVE-2020-7373)
Last week, security researcher Amir Etemadieh (aka Zenoflex) disclosed that vBulletin’s patch for ...
Read MorePatch Tuesday, August 2020
August's Patch Tuesday is here with 120 CVEs patched. That includes 100 rated as "Important" and 20 ...
Read MorePlaydate with Bots: Microsoft SQL Honeypots
A good way to keep an eye on attackers and get insight on their techniques and tactics is to use a ...
Read MoreMicrosoft Teams Updater Living off the Land
Introduction During this global pandemic COVID-19 situation, there has been an increasing trend of ...
Read MoreAre You Really Scanning What You Think
In a previous post we explored the importance of scanning hostnames instead of IP addresses in ...
Read MoreASUS Router Vulnerable to Fake Updates and XSS (CVE-2020-15498 & CVE-2020-15499)
Recently ASUS patched two issues I discovered in the RT-AC1900P router firmware update ...
Read MoreLockscreen Ransomware Phishing Leads To Google Play Card Scam
Email scammers always seem to invent new ways of trickery to gain cash from their victims. We ...
Read MorePatch Tuesday, July 2020
July's Patch Tuesday is here with another large list of CVEs. It includes 20 CVEs rated "Critical" ...
Read MoreInjecting Magecart into Magento Global Config
At the beginning of June 2020, we were contacted about a breach of a website using the Magento ...
Read MoreHackers Leverage Cloud Platforms to Spread Phishing Under the Radar
During April, amid the Covid-19 pandemic, Perception-Point wrote about a phishing campaign that ...
Read MoreStill Scanning IP Addresses You’re Doing it Wrong
The traditional approach to a vulnerability scan or penetration test is to find the IP addresses ...
Read MoreGoldenSpy Chapter 3: New and Improved Uninstaller
Background: On June 25th, Trustwave SpiderLabs published our research on a backdoor, dubbed ...
Read MorePhishINvite with Malicious ICS Files
In an earlier blog entitled “Phishing in the Cloud”, we outlined that threat actors are actively ...
Read MoreAdventures in ATM Hacking
Intro Before this pandemic, Neil Burrows and myself (Bruno Oliveira) from Trustwave's SpiderLabs ...
Read MoreGoldenSpy: Chapter Two – The Uninstaller
On June 25, 2020 Trustwave SpiderLabs published research showing that the Intelligent Tax software, ...
Read MoreThe Golden Tax Department and the Emergence of GoldenSpy Malware
Trustwave SpiderLabs has discovered a new malware family, dubbed GoldenSpy, embedded in tax payment ...
Read MorePillowmint: FIN7’s Monkey Thief
In this blog, we take an in-depth technical look at Pillowmint malware samples received from our ...
Read MoreCopy-Paste Threat Actor in the Asia Pacific Region
Summary Australian Prime Minister Australian Prime Minister Scott Morrison announced today that ...
Read MoreCisco WebEx Memory for the Taking: CVE-2020-3347
Overview Due to the global pandemic of COVID-19, there’s been an explosion of video conferencing ...
Read MoreTrickBot Disguised as COVID-19 Map
Cybercriminals are continuously exploiting the Coronavirus (COVID-19) pandemic. In our quest to ...
Read MorePatch Tuesday, June 2020
June's Patch Tuesday has crept upon us and while our minds may be elsewhere, the need to keep our ...
Read MoreCompromising Android Applications with Intent Manipulation
As a mobile app tester, I have encountered numerous varied vulnerabilities. During one of my mobile ...
Read MoreSystem Takeover Through New SAP ASE Vulnerabilities
For the last several years there have been relatively few security patches for SAP Adaptive Server ...
Read MoreSecuring SSH: What To Do and What Not To Do
An Uptick in Activity Over the last week we've seen the compromise of a number of supercomputers ...
Read MorePhishing in a Bucket: Utilizing Google Firebase Storage
Credential phishing is a real threat that's targeting organizations globally. Threat actors are ...
Read MoreVaccine for COVID-19 and Other Scams on the Dark Web
Our attempts to investigate the underground and document some of what’s going on in the Dark Web ...
Read MoreAzure Web App Service For Offensive Operations
In this blog, I will be covering how to use Azure App Services for offensive purposes. What is ...
Read More