TheShadowBrokers Babytalk Translation

TheShadowBrokers have just released a blog post (written in a child-like style to mock the lack of ...

Read More

WannaCry: We Want to Cry

Contributors: Phil Hay, Rodel Mendrez, Gerald Carsula, Nicholas Ramos, Homer Pacag For the last few ...

Read More

WannaCry: We Want to Cry

For the last few days the WannaCry ransomware event created mayhem, where organizations worldwide ...

Read More

The WannaCry Ransomware Campaign

By now you have likely heard about the WannaCry (aka WannaCrypt) ransomware campaign that has taken ...

Read More

Airachnid: Web Cache Deception Burp Extender

Introduction

Read More

Microsoft Patch Tuesday, May 2017

Microsoft is releasing 56 CVEs for the May 2017 Patch Tuesday today. This includes 15 CVEs rated ...

Read More

Carbanak Continues To Evolve: Quietly Creeping into Remote Hosts

Introduction

Read More

Multiple Vulnerabilities in Avast Antivirus

Last year I decided to do some security research on an antivirus product. Avast seemed a good ...

Read More

Microsoft Patch Tuesday, April 2017

April Patch Tuesday is here and, like the change of the seasons, this release comes with changes in ...

Read More

Understanding and Discovering Open Redirect Vulnerabilities

One of the most common and largely overlooked vulnerabilities by web developers is Open Redirect ...

Read More

And Then? Where is the Risk with Steganography?

In the previous posts, Steganography... what is that? and Steganalysis, the Counterpart of ...

Read More

Protecting Yourself from MongoDB Ransomware

In the realm of malware, ransomware has been king for the last few years, compromising unsecured ...

Read More

Exploiting Privilege Escalation in Serv-U by SolarWinds

I was recently working on an external network penetration test where I identified a new ...

Read More

Authentication and Encryption in PAS Web Shell Variant

Introduction During a recent incident response case, we were tasked with discovering the point of ...

Read More

Database Security Knowledgebase Update 5.12

This month's update for Database Security Knowledgebase is now available. Knowledgebase version ...

Read More

Hey Buddy, Can You Spare a Log? Adventures in Log-Based Threat Hunting

Introduction

Read More

Microsoft Patch Tuesday, March 2017

We knew that the Microsoft's Valentine's gift to cancel Patch Tuesday on February 14th was only ...

Read More

Undocumented Backdoor Account in DBLTek GoIP

Trustwave recently reported a remotely exploitable issue in the Telnet administrative interface of ...

Read More

Hanz Ostmaster’s revenge: An SSL Validation issue

Why would I title a blog post with the name 'Hanz Ostmaster'? Don't worry, it's not some new named ...

Read More

Unauthenticated Backdoor Access in Unanet

The default configuration of the Unanet web application has a backdoor that can allow ...

Read More

Database Security Knowledgebase Update 5.11

This month's update for Database Security Knowledgebase is now available.

Read More

Underground Scams: Cutting the Head Off a Snake

Shortly after publishing our post about Terror EK, "King Cobra" (a Twitter account that we ...

Read More

CVE-2017-5521: Bypassing Authentication on NETGEAR Routers

Home routers are the first and sometimes last line of defense for a network. Despite this fact, ...

Read More

SVG Files Are Not As Benign As It May Seem

Bad guys are getting quite creative trying to evade spam filters and antivirus scanners. Last week, ...

Read More

Creating the ModSecurity v3 IDS connector as part of Google Summer of Code

A note from the Trustwave Spiderlabs ModSecurity team:

Read More

Two Privilege Escalation Vulnerabilities in McAfee Security Scan Plus

This post will discuss two separate Local Privilege Escalation vulnerabilities in the McAfee ...

Read More

Is ModSecurity’s SecRules Turing Complete?

Have you ever seen a rule for ModSecurity? They may look similar to the following:

Read More

Operation Grand Mars: a comprehensive profile of Carbanak activity in 2016/17

The Trustwave SpiderLabs team has been actively tracking a malicious campaign conducted by the ...

Read More