ModSecurity version 3.0.0 first release candidate

Recently we announced the first release candidate for libModSecurity (also known as ModSecurity ...

The Spam, JavaScript and Ransomware Triangle

Authors: Dr. Fahim Abbasi and Nicholas Ramos

Cuckoo Linux Subsystem: Some Love for Windows 10

I normally use Linux for my malware analysis lab machine. But, recently, I got interested in the ...

Necurs Unleashed “Locky diablo” from Hell

Over two days in early August (the 8th and 9th), amidst the active distribution of Trickbot ...

ModSecurity Web Application Firewall - Commercial Rules Update (2)

We have released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...

Announcing ModSecurity version 2.9.2

We recently released ModSecurity version 2.9.2. The release contains a number of bug fixes, ...

Microsoft Patch Tuesday, August 2017

August's Patch Tuesday brings with it a relatively light month closing holes in 48 CVEs. Overall ...

Chip Off the Old EMV

Recently, Jason Knowles of ABC 7's I-Team asked us, "What is the security risk if your EMV chip ...

Tale of the Two Payloads – TrickBot and Nitol

A couple of weeks ago, we observed the Necurs botnet distributing a new malware spam campaign with ...

Spammed JScript Phones Home To Download NemucodAES And Kovter

Contributed by: Gerald Carsula, Rodel Mendez and Nicholas Ramos

ModSecurity Web Application Firewall - Commercial Rules Update (1)

We have released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...

Petya From The Wire: Detection using IDPS

Most malware that traverses a network does so with specific indicators, some of which look like ...

Microsoft Patch Tuesday, July 2017

July's Patch Tuesday brings patches for 54 CVEs, nearly half the number patched in June and back to ...

A Computational Complexity Attack against Racoon and ISAKMP Fragmentation

Trustwave recently reported a remotely exploitable computational complexity vulnerability in the ...

Petya Ransomware: A glimpse of the past, the present, and the future

Ransomware seems to be the trend now and this type of malware will no doubt continue to grow. But do ...

Elephone P9000 Lock Screen Lockout Bypass

Brute force attacks against smartphones are not usually a viable attack vector. Manufacturers ...

0-Day Alert: Your Humax WiFi Router Might Be In Danger

Over the years WiFi Routers have been notoriously susceptible to simple attacks. In early 2017, ...

The Petya/NotPetya Ransomware Campaign

This is an ongoing, emerging story and may be updated after posting.

ModSecurity version 3: Fuzzing as part of the QA

The stability of any given project is often tracked by its maturity, which is generally measured by ...

Minimalist Alina PoS Variant Starts Using SSL

More than four years ago, we published a series of blogs discussing in-depth analysis of Alina ...

ModSecurity Web Application Firewall - Commercial Rules Update

We have just released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...

KOVTER and CERBER on a One-Two Punch using Fake Delivery Notification

We previously outlined a spam campaign that delivered FAKEGLOBE and CERBER ransomwares. This week ...

Microsoft Patch Tuesday, June 2017

For the June 2017 Patch Tuesday Microsoft is releasing 97 CVEs, nearly double the number of ...

The WannaCry Impact on Databases Trustwave Database Security Knowledgebase Special Update 5.15

WannaCry is a network worm that exploits a vulnerability in Microsoft's implementation of the SMB ...

FakeGlobe and Cerber Ransomware: Sneaking under the radar while WeCry

Recently, we observed a constant influx of spam that distributes two ransomware families, perhaps ...

Necurs Recurs

The Necurs botnet, which was responsible for millions of malicious spam messages last year, has ...

URSNIF is Back Riding a New Wave of Spam

The infamous data-stealing URSNIF malware has done it again and it's here to collect more ...

Advanced Malware Detection with Suricata Lua Scripting

Normal IDPS signatures using either Snort or Suricata have quite a few options and, if regex is ...
