Locky Part 1: Lukitus Spam Campaigns and Their Love for Game of Thrones

Back in August 2017, Trustwave Spiderlabs reported a spam campaign that distributed a new Locky ...

Read More

Authenticated Arbitrary Command Execution on PostgreSQL 9.3 > Latest

EDIT (9.April.2019): We have applied for a retraction of CVE-2019-9193 previously associated with ...

Read More

Patch Tuesday, April 2019

Along with "Spring Showers" up here in the Northern Hemisphere, April also brings with it ...

Read More

Emotet lives another day using Fake O2 invoice notifications

We witnessed a widespread phishing campaign targeting O2 customers, that surfaced on 18th August, ...

Read More

Spammed PNG file hides LokiBot

Contributing authors: Phil Hay, Rodel Mendrez

Read More

Fake CIA Sextortion Scam Uses SatoshiBox

Another round of sextortion scam emails with a pdf attachment were pushed out recently claiming to ...

Read More

CVE-2018-19386: Reflected XSS in SolarWinds Database Performance Analyzer

Just a short post from me today, bringing you a pretty simple Cross-Site Scripting (XSS) issue. In ...

Read More

BEC Payroll Scam: Your Salary is Mine!

Con men have been exploiting human psychology since the dawn of time. Equipped with the ...

Read More

Patch Tuesday, March 2019

This month's Patch Tuesday brings with it four advisories and patches for 64 CVEs including a patch ...

Read More

QRCode Used in Extortion Spam Campaign

Sextortion is a form of sex-themed exploitation via email where victims are coerced to give money ...

Read More

Attacker Tracking Users Seeking Pakistani Passport

A few days ago we encountered a breach on a Pakistani government site which was compromised to ...

Read More

Detecting Malicious Behavior by Unmasking WebSockets

WebSockets allow a single TCP connection to have full duplexing communications. This type of ...

Read More

Sheepl 2.0: Automating People for Red and Blue Tradecraft

When I first released Sheepl 0.1 in September 2018 as part of a talk, I wanted to showcase a ...

Read More

Bangladesh Embassy Website in Cairo Compromised

In the world of Phishing emails, we often see schemes which involve enticing users to open a ...

Read More

Digging Deep Into Magecart Malware

Last week, one of my SpiderLabs colleagues was working on a PCI forensic triage for a website. ...

Read More

Malware Xeroing in on Cloud Accounting Customers

We witnessed a sophisticated phishing campaign on 16th August 2017, targeting victims by sending ...

Read More

Stealing Money by Asking for It: Business Email Compromise via Altered Invoices

We are seeing more reports from organizations being targeted by what could be called an 'altered ...

Read More

Password Protected Word Document Delivers HERMES Ransomware

Evading AV detection is part of a malware author's routine in crafting spam campaigns and an old ...

Read More

Patch Tuesday, February 2019

With today's Patch Tuesday for February, things are back to normal with patches for 76 CVEs and ...

Read More

Money Laundering: Washing Your Greens in the Underground - Part 3 of 3

“Not having to worry about money is almost like not having to worry about dying.” - Mario Puzo

Read More

Lifesize Team, Room, Passport & Networker Remote OS Command Injection

While working on various vulnerability research projects, I encountered multiple Authenticated ...

Read More

Sextortion Scam Now With Malicious Downloader

Sextortion scams were a hit campaign last year and are continuing in 2019 with a new trick – the ...

Read More

Sextortion Scam Now With Malicious Downloader

Sextortion scams were a hit campaign last year and are continuing in 2019 with a new trick – the ...

Read More

Latest Flash 0-Day (CVE-2018-15982) Leaves its Office Doc Friend Behind

CVE-2018-15982 is the Flash 0day that was patched by Adobe at the beginning of December. At the ...

Read More

Using IPv6 to Bypass Security

Introduction

Read More

Living off the LAN

When an attacker uses tools native to the operating system it is referred to as Living off the ...

Read More

Overview of Meltdown and Spectre

You have probably heard the news of new vulnerabilities that affect most major chipsets, including ...

Read More

Spam Masters of Extortion, Illusion and Evasion

In 2018 we saw a rise in sextortion scams in which cyber-criminals notified their victims via email ...

Read More