CVE-2018-16962: Webroot SecureAnywhere macOS Kernel Level Memory Corruption

Trustwave recently discovered a locally exploitable issue in the macOS version of the Webroot ...

Read More

Patch Tuesday, September 2018

September's Patch Tuesday is here with patches for 61 CVEs and two roll up patches, one for ...

Read More

Drupal Cache Poisoning SA-CORE-2018-005

(Analysis by Lena Frid, Bar Menachem and Victor Hora)

Read More

Firework: Leveraging Microsoft Workspaces in a Penetration Test

Overview WCX files can be used to configure a Microsoft Workplace on a system with a couple of ...

Read More

Oracle Critical Patch Update July 2018 and Security Alert for CVE-2018-3110

On July 17th 2018 Oracle released Critical Patch Update (CPU) in accordance with their predefined ...

Read More

CVE-2018-8006: XSS in Apache ActiveMQ

A cross site scripting (XSS) vulnerability exists in Apache ActiveMQprior to version 5.15.5. Apache ...

Read More

Bank Malspam Revisited

Last week we wrote about some malicious spam containing Microsoft Publisher files, leading to the ...

Read More

Alina: Following The Shadow Part 1

Last I spoke with you, I went into the details of a family of Point of Sale (POS) malware, named ...

Read More

Malspam Campaign Targets Banks Using Microsoft Publisher

It's very unusual for malware authors to utilize publishing software like Microsoft Publisher which ...

Read More

Patch Tuesday, August 2018

Patch Tuesday, August 2018

Read More

Mapping Social Media with Facial Recognition: A New Tool for Penetration Testers and Red Teamers

Performing intelligence gathering is a time-consuming process, it typically starts by attempting to ...

Read More

CVE-2018-2892 - Kernel Level Privilege Escalation in Oracle Solaris

Trustwave recently discovered a locally exploitable issue in all current versions of Oracle Solaris ...

Read More

Malicious SettingContent now Delivered Through PDF

Recently, a proof-of-conceptemerged on how the filetype SettingContent can be abused when getting ...

Read More

DanaBot Riding Fake MYOB Invoice Emails

Authors: Dr. Fahim Abbasi and Diana Lopera

Read More

Patch Tuesday, July 2018

July's Patch Tuesday is here with patches for 53 CVEs and the standard roll up of patches for ...

Read More

Web Application Security-ModSecurity Commercial Rules, Update for June 2018

Overview for rules released by Trustwave SpiderLabs in November for ModSecurity Commercial Rules ...

Read More

Adobe Flash Player 0-Day (CVE-2018-5002)

An Adobe advisory regarding a zero-day vulnerability in Adobe Flash Player was published late last ...

Read More

Patch Tuesday, June 2018

For June's Patch Tuesday Microsoft is patching 50 CVEs and releasing 2 advisories. Adobe Flash is ...

Read More

Breakdown of the EFAIL Email Vulnerabilities

hullabaloo [huhl-uh-buh-loo], noun, plural hullabaloos.

Read More

CVE-2018-8174 and Forcing Internet Explorer Exploits

A zero day exploit was discovered targeting trade agencies and other related organizations in China ...

Read More

CVE-2018-1000136 - Electron nodeIntegration Bypass

A few weeks ago, I came across a vulnerability that affected all current versions of Electron at ...

Read More

Patch Tuesday, May 2018

May's Patch Tuesday is here and it looks like these monthly releases have plateaued at around 70 ...

Read More

'Drupalgeddon2' Recent Developments

Drupal, the popular Content Management System, (might) have seen better days. There's been a lot of ...

Read More

All Your Base64 Are Belong To Us – Dynamic vs. Static Analysis of Web Content

I recently encountered an interesting phishing scheme when reviewing telemetry of incidents blocked ...

Read More

Patch Tuesday, April 2018

April's Patch Tuesday didn't let up much compared to March. Overall April brings with it patches ...

Read More

Crypter-as-a-Service Helps jRAT Fly Under The Radar

(Contributor: Dr. Fahim Abbasi and Phil Hay)

Read More

Patch Tuesday, March 2018

March is coming in like a lion with this Patch Tuesday. The release patches 73 CVEs and includes ...

Read More

Fake ASIC Renewal Spam Delivers Malware to Australian Companies

The Australian Securities and Investment Commission (ASIC) is an independent government agency that ...

Read More