An Easy Introduction to Steganography
Some time ago, a person reached out to Trustwave to get answers regarding some news that he saw ...
Read MoreModSecurity Web Application Firewall - Commercial Rules Update(4)
We have recently released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 ...
Read MoreLocky Part 2: As the Seasons Change so is Locky
It's that time of year when the seasons are changing. The Northern Hemisphere moves into Autumn, ...
Read MoreMicrosoft Patch Tuesday, October 2017
October is here and brings with it patches for 62 CVEs and a handful of additional advisories. 28 ...
Read MorePost-Soviet Bank Heists: A Hybrid Cybercrime Study
Today we are publishing a SpiderLabs Advanced Threat Report that details a major cyberattack ...
Read MoreIntroducing Burplay, A Burp Extension for Detecting Privilege Escalations
The seventh entry on the most recent OWASP Top 10 release (from 2013, due to the 2017 release ...
Read MoreModSecurity Web Application Firewall - Commercial Rules Update (3)
We have released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...
Read MoreModSecurity version 3.0.0 first release candidate
Recently we announced the first release candidate for libModSecurity (also as known as ModSecurity ...
Read MoreCuckoo Linux Subsystem: Some Love for Windows 10
I normally use Linux for my malware analysis lab machine. But, recently, I got interested in the ...
Read MoreNecurs Unleashed “Locky diablo” from Hell
Over two days in early August (the 8th and 9th), amidst of the active distribution of Trickbot ...
Read MoreModSecurity Web Application Firewall - Commercial Rules Update (2)
We have released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...
Read MoreAnnouncing ModSecurity version 2.9.2
We recently released ModSecurity version 2.9.2. The release contains a number of bug fixes, ...
Read MoreMicrosoft Patch Tuesday, August 2017
August's Patch Tuesday brings with it a relatively light month closing holes in 48 CVEs. Over all ...
Read MoreChip Off the Old EMV
Recently, Jason Knowles of ABC 7's I-Team asked us, "What is the security risk if your EMV chip ...
Read MoreTale of the Two Payloads – TrickBot and Nitol
A couple of weeks ago, we observed the Necurs botnet distributing a new malware spam campaign with ...
Read MoreSpammed JScript Phones Home To Download NemucodAES And Kovter
Contributed by: Gerald Carsula, Rodel Mendez and Nicholas Ramos
Read MoreModSecurity Web Application Firewall - Commercial Rules Update (1)
We have released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...
Read MorePetya From The Wire: Detection using IDPS
Most malware that traverses a network do so with specific indicators, some of which look like ...
Read MoreMicrosoft Patch Tuesday, July 2017
July's Patch Tuesday brings patches for 54 CVEs, nearly half the number patched in June and back to ...
Read MoreA Computational Complexity Attack against Racoon and ISAKMP Fragmentation
Trustwave recently reported a remotely exploitable computational complexity vulnerability in the ...
Read MorePetya Ransomware: A glimpse of the past, the present, and the future
Ransomware seem to be the trend now and this type of malware will no doubt continue to grow. But do ...
Read MoreElephone P9000 Lock Screen Lockout Bypass
Brute force attacks against smartphones are not usually a viable attack vector. Manufacturers ...
Read More0-Day Alert: Your Humax WiFi Router Might Be In Danger
Over the years WiFi Routers have been notoriously susceptible to simple attacks. In early 2017, ...
Read MoreThe Petya/NotPetya Ransomware Campaign
This is an ongoing, emerging story and may be updated after posting.
Read MoreModSecurity version 3: Fuzzing as part of the QA
The stability of any given project is often tracked by its maturity, which is generally measured by ...
Read MoreMinimalist Alina PoS Variant Starts Using SSL
More than four years ago, we published a series of blogs discussing in-depth analysis of Alina ...
Read MoreModSecurity Web Application Firewall - Commercial Rules Update
We have just released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...
Read More