From SSRF to Compromise: Case Study

Overview I think every penetration tester has a story about the one that got away. The bug that ...

Read More

vBulletin Remote Code Execution (CVE-2020-7373)

Last week, security researcher Amir Etemadieh (aka Zenoflex) disclosed that vBulletin’s patch for ...

Read More

Patch Tuesday, August 2020

August's Patch Tuesday is here with 120 CVEs patched. That includes 100 rated as "Important" and 20 ...

Read More

Playdate with Bots: Microsoft SQL Honeypots

A good way to keep an eye on attackers and get insight on their techniques and tactics is to use a ...

Read More

Microsoft Teams Updater Living off the Land

Introduction During this global pandemic COVID-19 situation, there has been an increasing trend of ...

Read More

Are You Really Scanning What You Think

In a previous post we explored the importance of scanning hostnames instead of IP addresses in ...

Read More

ASUS Router Vulnerable to Fake Updates and XSS (CVE-2020-15498 & CVE-2020-15499)

Recently ASUS patched two issues I discovered in the RT-AC1900P router firmware update ...

Read More

Lockscreen Ransomware Phishing Leads To Google Play Card Scam

Email scammers always seem to invent new ways of trickery to gain cash from their victims. We ...

Read More

Patch Tuesday, July 2020

July's Patch Tuesday is here with another large list of CVEs. It includes 20 CVEs rated "Critical" ...

Read More

Injecting Magecart into Magento Global Config

At the beginning of June 2020, we were contacted about a breach of a website using the Magento ...

Read More

Hackers Leverage Cloud Platforms to Spread Phishing Under the Radar

During April, amid the Covid-19 pandemic, Perception-Point wrote about a phishing campaign that ...

Read More

Still Scanning IP Addresses You’re Doing it Wrong

The traditional approach to a vulnerability scan or penetration test is to find the IP addresses ...

Read More

GoldenSpy Chapter 3: New and Improved Uninstaller

Background: On June 25th, Trustwave SpiderLabs published our research on a backdoor, dubbed ...

Read More

PhishINvite with Malicious ICS Files

In an earlier blog entitled “Phishing in the Cloud”, we outlined that threat actors are actively ...

Read More

Adventures in ATM Hacking

Intro Before this pandemic, Neil Burrows and myself (Bruno Oliveira) from Trustwave's SpiderLabs ...

Read More

GoldenSpy: Chapter Two – The Uninstaller 

On June 25, 2020 Trustwave SpiderLabs published research showing that the Intelligent Tax software, ...

Read More

The Golden Tax Department and the Emergence of GoldenSpy Malware

Trustwave SpiderLabs has discovered a new malware family, dubbed GoldenSpy, embedded in tax payment ...

Read More

Pillowmint: FIN7’s Monkey Thief

In this blog, we take an in-depth technical look at Pillowmint malware samples received from our ...

Read More

Copy-Paste Threat Actor in the Asia Pacific Region

Summary Australian Prime Minister Australian Prime Minister Scott Morrison announced today that ...

Read More

Cisco WebEx Memory for the Taking: CVE-2020-3347

Overview Due to the global pandemic of COVID-19, there’s been an explosion of video conferencing ...

Read More

TrickBot Disguised as COVID-19 Map

Cybercriminals are continuously exploiting the Coronavirus (COVID-19) pandemic. In our quest to ...

Read More

Patch Tuesday, June 2020

June's Patch Tuesday has crept upon us and while our minds may be elsewhere, the need to keep our ...

Read More

Compromising Android Applications with Intent Manipulation

As a mobile app tester, I have encountered numerous varied vulnerabilities. During one of my mobile ...

Read More

System Takeover Through New SAP ASE Vulnerabilities

For the last several years there have been relatively few security patches for SAP Adaptive Server ...

Read More

Securing SSH: What To Do and What Not To Do

An Uptick in Activity Over the last week we've seen the compromise of a number of supercomputers ...

Read More

Phishing in a Bucket: Utilizing Google Firebase Storage

Credential phishing is a real threat that's targeting organizations globally. Threat actors are ...

Read More

Vaccine for COVID-19 and Other Scams on the Dark Web

Our attempts to investigate the underground and document some of what’s going on in the Dark Web ...

Read More

Azure Web App Service For Offensive Operations

In this blog, I will be covering how to use Azure App Services for offensive purposes. What is ...

Read More