ModSecurity version 3.0.0 first release candidate
Recently we announced the first release candidate for libModSecurity (also as known as ModSecurity ...
Read MoreCuckoo Linux Subsystem: Some Love for Windows 10
I normally use Linux for my malware analysis lab machine. But, recently, I got interested in the ...
Read MoreNecurs Unleashed “Locky diablo” from Hell
Over two days in early August (the 8th and 9th), amidst of the active distribution of Trickbot ...
Read MoreModSecurity Web Application Firewall - Commercial Rules Update (2)
We have released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...
Read MoreAnnouncing ModSecurity version 2.9.2
We recently released ModSecurity version 2.9.2. The release contains a number of bug fixes, ...
Read MoreMicrosoft Patch Tuesday, August 2017
August's Patch Tuesday brings with it a relatively light month closing holes in 48 CVEs. Over all ...
Read MoreChip Off the Old EMV
Recently, Jason Knowles of ABC 7's I-Team asked us, "What is the security risk if your EMV chip ...
Read MoreTale of the Two Payloads – TrickBot and Nitol
A couple of weeks ago, we observed the Necurs botnet distributing a new malware spam campaign with ...
Read MoreSpammed JScript Phones Home To Download NemucodAES And Kovter
Contributed by: Gerald Carsula, Rodel Mendez and Nicholas Ramos
Read MoreModSecurity Web Application Firewall - Commercial Rules Update (1)
We have released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...
Read MorePetya From The Wire: Detection using IDPS
Most malware that traverses a network do so with specific indicators, some of which look like ...
Read MoreMicrosoft Patch Tuesday, July 2017
July's Patch Tuesday brings patches for 54 CVEs, nearly half the number patched in June and back to ...
Read MoreA Computational Complexity Attack against Racoon and ISAKMP Fragmentation
Trustwave recently reported a remotely exploitable computational complexity vulnerability in the ...
Read MorePetya Ransomware: A glimpse of the past, the present, and the future
Ransomware seem to be the trend now and this type of malware will no doubt continue to grow. But do ...
Read MoreElephone P9000 Lock Screen Lockout Bypass
Brute force attacks against smartphones are not usually a viable attack vector. Manufacturers ...
Read More0-Day Alert: Your Humax WiFi Router Might Be In Danger
Over the years WiFi Routers have been notoriously susceptible to simple attacks. In early 2017, ...
Read MoreThe Petya/NotPetya Ransomware Campaign
This is an ongoing, emerging story and may be updated after posting.
Read MoreModSecurity version 3: Fuzzing as part of the QA
The stability of any given project is often tracked by its maturity, which is generally measured by ...
Read MoreMinimalist Alina PoS Variant Starts Using SSL
More than four years ago, we published a series of blogs discussing in-depth analysis of Alina ...
Read MoreModSecurity Web Application Firewall - Commercial Rules Update
We have just released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...
Read MoreKOVTER and CERBER on a One-Two Punch using Fake Delivery Notification
We previously outlined a spam campaign that delivered FAKEGLOBE and CERBER ransomwares. This week ...
Read MoreMicrosoft Patch Tuesday, June 2017
For the June 2017 Patch Tuesday Microsoft is releasing 97 CVEs, nearly double the number of ...
Read MoreThe WannaCry Impact on Databases Trustwave Database Security Knowledgebase Special Update 5.15
WannaCry is a network worm that exploits a vulnerability in Microsoft's implementation of the SMB ...
Read MoreFakeGlobe and Cerber Ransomware: Sneaking under the radar while WeCry
Recently, we observed a constant influx of spam that distributes two ransomware families, perhaps ...
Read MoreNecurs Recurs
The Necurs botnet, which was responsible for millions of malicious spam messages last year, has ...
Read MoreURSNIF is Back Riding a New Wave of Spam
The infamous data-stealing URSNIF malware has done it again and it's here to collect more ...
Read MoreAdvanced Malware Detection with Suricata Lua Scripting
Normal IDPS signatures using either Snort or Suricata have quite a few options and, if regex is ...
Read More