Mass MikroTik Router Infection – First we cryptojack Brazil, then we take the World?

On July 31st , just after getting back to the office from my talk at RSA Asia 2018 about how cyber ...

Read More

Multiple Vulnerabilities in NETGEAR Routers

Last year I discovered multiple vulnerabilities in NETGEAR products. Now that these vulnerabilities ...

Read More

Multiple Vulnerabilities in WD MyCloud

While performing security research on personal storage I found some vulnerabilities in the WD ...

Read More

Inspecting Encrypted Network Traffic with JA3

Part of our job as security researchers is keeping up with new tools and techniques used to monitor ...

Read More

ModSecurity - News and Commercial Rules Update

Over the past few months there has been a lot going on with ModSecurity. There was libModSecurity ...

Read More

ModSecurity Version 3.0 Announcement

libModSecurity aka ModSecurity version 3.0 is out there. libModSecurity starts a new era in terms ...

Read More

Microsoft Patch Tuesday, January 2018

Happy 2018 everyone! January's Patch Tuesday will ease you into the new year with just 23 CVEs ...

Read More

BrickerBot mod_plaintext Analysis

A week ago, the author of BrickerBot claimed that they retired and published their manifesto along ...

Read More

CHM Badness Delivers a Banking Trojan

Like good old Microsoft Office Macros, Compiled HTML (CHM) Help files have been utilized by malware ...

Read More

Sneaky .BAT File Leads to Spoofed Banking Page

If you thought using BAT files was an old hat, think again. While monitoring our Secure Email ...

Read More

Microsoft Patch Tuesday, December 2017

Today marks the last Microsoft Patch Tuesday of 2017 and, with only 34 CVEs patched, it's one of ...

Read More

Simplifying Password Spraying

As a penetration tester, attaining Windows domain credentials are akin to gaining the keys to the ...

Read More

Using Buildroot for Security Research of IoT and Other Embedded Systems

These days many vendors, like IoT vendors, use Linux running on top of ARM CPU for their embedded ...

Read More

Helping to Secure your PostgreSQL Database

When big high-tech companies like Apple, Red Hat and Cisco use PostgreSQL in their data ...

Read More

Microsoft Patch Tuesday, November 2017

It's that time of the month again for Microsoft updates. November's Patch Tuesday brings with it ...

Read More

Denial of Service Vulnerability in Brother Printers

A vulnerability in the web front-end of Brother printers (called Debut) allows an attacker to ...

Read More

The Complexity amidst Simplicity: Exploiting the MS Office DDE Feature

Albert Einstein once said, "Out of Complexity, Find Simplicity" but it also seems that simplicity ...

Read More

An Easy Introduction to Steganography

Some time ago, a person reached out to Trustwave to get answers regarding some news that he saw ...

Read More

ModSecurity Web Application Firewall - Commercial Rules Update(4)

We have recently released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 ...

Read More

Locky Part 2: As the Seasons Change so is Locky

It's that time of year when the seasons are changing. The Northern Hemisphere moves into Autumn, ...

Read More

Microsoft Patch Tuesday, October 2017

October is here and brings with it patches for 62 CVEs and a handful of additional advisories. 28 ...

Read More

Post-Soviet Bank Heists: A Hybrid Cybercrime Study

Today we are publishing a SpiderLabs Advanced Threat Report that details a major cyberattack ...

Read More

Introducing Burplay, A Burp Extension for Detecting Privilege Escalations

The seventh entry on the most recent OWASP Top 10 release (from 2013, due to the 2017 release ...

Read More

ModSecurity Web Application Firewall - Commercial Rules Update (3)

We have released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...

Read More

ModSecurity version 3.0.0 first release candidate

Recently we announced the first release candidate for libModSecurity (also as known as ModSecurity ...

Read More

The Spam, JavaScript and Ransomware Triangle

Authors: Dr. Fahim Abbasi and Nicholas Ramos

Read More

Cuckoo Linux Subsystem: Some Love for Windows 10

I normally use Linux for my malware analysis lab machine. But, recently, I got interested in the ...

Read More

Necurs Unleashed “Locky diablo” from Hell

Over two days in early August (the 8th and 9th), amidst of the active distribution of Trickbot ...

Read More