Mass MikroTik Router Infection – First we cryptojack Brazil, then we take the World?
On July 31st , just after getting back to the office from my talk at RSA Asia 2018 about how cyber ...
Read More
Multiple Vulnerabilities in NETGEAR Routers
Last year I discovered multiple vulnerabilities in NETGEAR products. Now that these vulnerabilities ...
Read MoreMultiple Vulnerabilities in WD MyCloud
While performing security research on personal storage I found some vulnerabilities in the WD ...
Read MoreInspecting Encrypted Network Traffic with JA3
Part of our job as security researchers is keeping up with new tools and techniques used to monitor ...
Read MoreModSecurity - News and Commercial Rules Update
Over the past few months there has been a lot going on with ModSecurity. There was libModSecurity ...
Read MoreModSecurity Version 3.0 Announcement
libModSecurity aka ModSecurity version 3.0 is out there. libModSecurity starts a new era in terms ...
Read MoreMicrosoft Patch Tuesday, January 2018
Happy 2018 everyone! January's Patch Tuesday will ease you into the new year with just 23 CVEs ...
Read MoreBrickerBot mod_plaintext Analysis
A week ago, the author of BrickerBot claimed that they retired and published their manifesto along ...
Read MoreCHM Badness Delivers a Banking Trojan
Like good old Microsoft Office Macros, Compiled HTML (CHM) Help files have been utilized by malware ...
Read MoreSneaky .BAT File Leads to Spoofed Banking Page
If you thought using BAT files was an old hat, think again. While monitoring our Secure Email ...
Read MoreMicrosoft Patch Tuesday, December 2017
Today marks the last Microsoft Patch Tuesday of 2017 and, with only 34 CVEs patched, it's one of ...
Read MoreSimplifying Password Spraying
As a penetration tester, attaining Windows domain credentials are akin to gaining the keys to the ...
Read MoreUsing Buildroot for Security Research of IoT and Other Embedded Systems
These days many vendors, like IoT vendors, use Linux running on top of ARM CPU for their embedded ...
Read MoreHelping to Secure your PostgreSQL Database
When big high-tech companies like Apple, Red Hat and Cisco use PostgreSQL in their data ...
Read MoreMicrosoft Patch Tuesday, November 2017
It's that time of the month again for Microsoft updates. November's Patch Tuesday brings with it ...
Read MoreDenial of Service Vulnerability in Brother Printers
A vulnerability in the web front-end of Brother printers (called Debut) allows an attacker to ...
Read MoreThe Complexity amidst Simplicity: Exploiting the MS Office DDE Feature
Albert Einstein once said, "Out of Complexity, Find Simplicity" but it also seems that simplicity ...
Read MoreAn Easy Introduction to Steganography
Some time ago, a person reached out to Trustwave to get answers regarding some news that he saw ...
Read MoreModSecurity Web Application Firewall - Commercial Rules Update(4)
We have recently released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 ...
Read MoreLocky Part 2: As the Seasons Change so is Locky
It's that time of year when the seasons are changing. The Northern Hemisphere moves into Autumn, ...
Read MoreMicrosoft Patch Tuesday, October 2017
October is here and brings with it patches for 62 CVEs and a handful of additional advisories. 28 ...
Read MorePost-Soviet Bank Heists: A Hybrid Cybercrime Study
Today we are publishing a SpiderLabs Advanced Threat Report that details a major cyberattack ...
Read MoreIntroducing Burplay, A Burp Extension for Detecting Privilege Escalations
The seventh entry on the most recent OWASP Top 10 release (from 2013, due to the 2017 release ...
Read MoreModSecurity Web Application Firewall - Commercial Rules Update (3)
We have released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...
Read MoreModSecurity version 3.0.0 first release candidate
Recently we announced the first release candidate for libModSecurity (also as known as ModSecurity ...
Read MoreCuckoo Linux Subsystem: Some Love for Windows 10
I normally use Linux for my malware analysis lab machine. But, recently, I got interested in the ...
Read MoreNecurs Unleashed “Locky diablo” from Hell
Over two days in early August (the 8th and 9th), amidst of the active distribution of Trickbot ...
Read More