Excel Malspam: Password Protected … Not!

Early March of this year, we blogged about multiple malspam campaigns utilizing Excel 4.0 Macros in ...

COVID-19 Themed BEC Scams

Business email compromise (BEC), also known as CEO fraud, has undoubtedly become the biggest Internet ...

Patch Tuesday, April 2020

April's Patch Tuesday is here and Microsoft is patching 113 CVEs this month. Eighteen of these are ...

An In-depth Look at MailTo Ransomware, Part Three of Three

Overview: In Part One of this series, we discussed how MailTo ransomware installs and configures ...

An In-depth Look at MailTo Ransomware, Part Two of Three

Overview: In Part One of this series, we discussed how MailTo ransomware installs itself on the ...

Windows Debugging and Exploiting Part 5 SMBGhost CVE-2020-0796 Technical Review

Introduction: Hi everyone, how are you? I know the times are strange but we should fight together, ...

An In-depth Look at MailTo Ransomware, Part One of Three

In February, an Australian transportation company called Toll Group was hit by a ransomware attack ...

COVID-19 Malspam Activity Ramps Up

Back in February, we reported on two Coronavirus-themed phishing emails. But just as the real virus ...

Would You Exchange Your Security for a Gift Card?

UPDATED March 27, 2020

SMBGhost CVE-2020-0796 a Critical SMBv3 RCE Vulnerability

Overview: Last week Microsoft announced that there was a buffer overflow vulnerability in SMBv3 ...

ModSecurity Award Nominations and the Challenges of Open Source

In the hustle and bustle of everyday work life we tend to look at the current issues we’re working ...

Persistent Cross-Site Scripting, the MSSQL Way

Overview: If you save wide Unicode brackets (i.e. <>) into a char or varchar field, MSSQL Server ...

More Excel 4.0 Macro MalSpam Campaigns

In light of the recent blog by my colleague Rodel Mendrez, we looked back at previous spam ...

Patch Tuesday March 2020

Today marks Microsoft's March Patch Tuesday. While it may not be on the top of everyone's March ...

Monster Lurking in Hidden Excel Worksheet

A recent blog by Didier Stevens showed how malicious Excel 4 macros can be stored in OOXML (Office ...

Windows Debugging and Exploiting Part 4: NTQuerySystemInformation

Introduction: Hello again! We are back with more Windows internals and it's time to get real. We ...

RATs Wrapped and Hidden in PNG

The Remote Access Tool (RAT) is one of the malware types we often encounter with our Security Email ...

Phishing in the Cloud

Credential phishing is one of the leading threats faced by organizations today. Threat actors use ...

Multiple Phishing Attacks Discovered Using the Coronavirus Theme

It’s out there in the newspaper, social media, and television headlines. The Coronavirus (aka ...

Patch Tuesday February 2020

February's Patch Tuesday is here and brings with it patches for 98 CVEs. These are split between 13 ...

Reversing (and Recreating) Cryptographic Secrets Found in .NET Assemblies Using Python

Picture the scene - you’re on a penetration test, somehow you’ve got hold of a bunch of .NET ...

Microsoft Internet Explorer Remote Code Execution 0-Day (CVE-2020-0674)

2020 is not starting out quietly for Microsoft, it seems. After the first Patch Tuesday of 2020 ...

ModSecurity Denial of Service Details - CVE-2019-19886

ModSecurity is an open-source WAF engine maintained by Trustwave. As a lively open-source project, ...

Windows CryptoAPI Spoofing Vulnerability - CVE-2020-0601

One of the most notable vulnerabilities patched during Microsoft's first Patch Tuesday of 2020 was ...

Citrix ADC/Netscaler - CVE-2019-19781

The Citrix vulnerability (CVE-2019-19781) was first identified in December of 2019. This ...

Patch Tuesday, January 2020

Happy 2020! Microsoft is helping you celebrate the new decade with patches for 49 CVEs. Of those ...

ModSecurity v3.0.4 Released!

It is a pleasure to announce the release of ModSecurity version 3.0.4 (libModSecurity). This ...

Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging

Introduction: Hi, my fellow friends! How are you? Hopefully, you had a terrific holiday and much ...
