Patch Tuesday, May 2020

May's Patch Tuesday includes patches for 111 unique CVEs. Of those CVEs 17 are rated "Critical" and ...

Read More

Work From Home: The New New and What To Do

Here at SpiderLabs, we take the security of all our clients extremely seriously. While the attacks ...

Read More

Attacking SCADA: Vulnerabilities in Schneider Electric SoMachine and M221 PLC (CVE-2017-6034 and CVE-2020-7489)

Introduction SCADA/OT security has been a growing concern for quite some time. This technology ...

Read More

Combatting Social Engineering Is Not Just A Compliance Requirement

Having a well designed and tested social engineering training program for an organization is an ...

Read More

Excel Malspam: Password Protected … Not!

Early March of this year, we blogged about multiple malspam campaigns utilizing Excel 4.0 Macros in ...

Read More

COVID-19 Themed BEC Scams

Business email compromise (BEC) also known as CEO fraud has undoubtedly become the biggest Internet ...

Read More

Patch Tuesday, April 2020

April's Patch Tuesday is here and Microsoft is patching 113 CVEs this month. Eighteen of these are ...

Read More

An In-depth Look at MailTo Ransomware, Part Three of Three

Overview In Part One of this series, we discussed how MailTo ransomware installs and configures ...

Read More

An In-depth Look at MailTo Ransomware, Part Two of Three

Overview In Part One of this series, we discussed how MailTo ransomware installs itself on the ...

Read More

Windows Debugging and Exploiting Part 5 SMBGhost CVE-2020-0796 Technical Review

Introduction Hi everyone, how are you? I know the times are strange but we should fight together, ...

Read More

An In-depth Look at MailTo Ransomware, Part One of Three

In February, an Australian transportation company called Toll Group was hit by a ransomware attack ...

Read More

COVID-19 Malspam Activity Ramps Up

Back in February, we reported on two Coronavirus-themed phishing emails. But just as the real virus ...

Read More

Would You Exchange Your Security for a Gift Card?

UPDATED March 27, 2020

Read More

SMBGhost CVE-2020-0796 a Critical SMBv3 RCE Vulnerability

Overview Last week Microsoft announced that there was a buffer overflow vulnerability in SMBv3 ...

Read More

ModSecurity Award Nominations and the Challenges of Open Source

In the hustle and bustle of everyday work life we tend to look at the current issues we’re working ...

Read More

Persistent Cross-Site Scripting, the MSSQL Way

Overview If you save wide Unicode brackets (i.e. <>) into a char or varchar field, MSSQL Server ...

Read More

More Excel 4.0 Macro MalSpam Campaigns

In light of the recent blog by my colleague Rodel Mendrez, we looked back at previous spam ...

Read More

Patch Tuesday March 2020

Today marks Microsoft's March Patch Tuesday. While it may not be on the top of everyone's March ...

Read More

Monster Lurking in Hidden Excel Worksheet

A recent blog by Didier Steven’s showed how malicious Excel 4 macros can be stored in OOXML (Office ...

Read More

Windows Debugging and Exploiting Part 4: NTQuerySystemInformation

Introduction Hello again! We are back with more Windows internals and it's time to get real. We ...

Read More

RATs Wrapped and Hidden in PNG

The Remote Access Tool (RAT) is one of the malware types we often encounter with our Security Email ...

Read More

Phishing in the Cloud

Credential phishing is one of the leading threats faced by organizations today. Threat actors use ...

Read More

Multiple Phishing Attacks Discovered Using the Coronavirus Theme

It’s out there in the newspaper, social media, and television headlines. The Coronavirus (aka ...

Read More

Patch Tuesday February 2020

February's Patch Tuesday is here and brings with it patches for 98 CVEs. These are split between 13 ...

Read More

Reversing (and Recreating) Cryptographic Secrets Found in .NET Assemblies Using Python

Picture the scene - you’re on a penetration test, somehow you’ve got hold of a bunch of .NET ...

Read More

Microsoft Internet Explorer Remote Code Execution 0-Day (CVE-2020-0674)

2020 is not starting out quietly for Microsoft, it seems. After the first Patch Tuesday of 2020 ...

Read More

ModSecurity Denial of Service Details - CVE-2019-19886

ModSecurity is an open-source WAF engine maintained by Trustwave. As a lively open-source project, ...

Read More

Windows CryptoAPI Spoofing Vulnerability - CVE-2020-0601

One of the most notable vulnerabilities patched during Microsoft's first Patch Tuesday of 2020 was ...

Read More