The Petya/NotPetya Ransomware Campaign
This is an ongoing, emerging story and may be updated after posting.
Read MoreModSecurity version 3: Fuzzing as part of the QA
The stability of any given project is often tracked by its maturity, which is generally measured by ...
Read MoreMinimalist Alina PoS Variant Starts Using SSL
More than four years ago, we published a series of blogs discussing in-depth analysis of Alina ...
Read MoreModSecurity Web Application Firewall - Commercial Rules Update
We have just released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and ...
Read MoreKOVTER and CERBER on a One-Two Punch using Fake Delivery Notification
We previously outlined a spam campaign that delivered FAKEGLOBE and CERBER ransomwares. This week ...
Read MoreMicrosoft Patch Tuesday, June 2017
For the June 2017 Patch Tuesday Microsoft is releasing 97 CVEs, nearly double the number of ...
Read MoreThe WannaCry Impact on Databases Trustwave Database Security Knowledgebase Special Update 5.15
WannaCry is a network worm that exploits a vulnerability in Microsoft's implementation of the SMB ...
Read MoreFakeGlobe and Cerber Ransomware: Sneaking under the radar while WeCry
Recently, we observed a constant influx of spam that distributes two ransomware families, perhaps ...
Read MoreNecurs Recurs
The Necurs botnet, which was responsible for millions of malicious spam messages last year, has ...
Read MoreURSNIF is Back Riding a New Wave of Spam
The infamous data-stealing URSNIF malware has done it again and it's here to collect more ...
Read MoreAdvanced Malware Detection with Suricata Lua Scripting
Normal IDPS signatures using either Snort or Suricata have quite a few options and, if regex is ...
Read MoreTheShadowBrokers Babytalk Translation
TheShadowBrokers have just released a blog post (written in a child-like style to mock the lack of ...
Read MoreWannaCry: We Want to Cry
Contributors: Phil Hay, Rodel Mendrez, Gerald Carsula, Nicholas Ramos, Homer Pacag For the last few ...
Read MoreWannaCry: We Want to Cry
For the last few days the WannaCry ransomware event created mayhem, where organizations worldwide ...
Read MoreThe WannaCry Ransomware Campaign
By now you have likely heard about the WannaCry (aka WannaCrypt) ransomware campaign that has taken ...
Read MoreMicrosoft Patch Tuesday, May 2017
Microsoft is releasing 56 CVEs for the May 2017 Patch Tuesday today. This includes 15 CVEs rated ...
Read MoreMultiple Vulnerabilities in Avast Antivirus
Last year I decided to do some security research on an antivirus product. Avast seemed a good ...
Read MoreMicrosoft Patch Tuesday, April 2017
April Patch Tuesday is here and, like the change of the seasons, this release comes with changes in ...
Read MoreUnderstanding and Discovering Open Redirect Vulnerabilities
One of the most common and largely overlooked vulnerabilities by web developers is Open Redirect ...
Read MoreAnd Then? Where is the Risk with Steganography?
In the previous posts, Steganography... what is that? and Steganalysis, the Counterpart of ...
Read MoreProtecting Yourself from MongoDB Ransomware
In the realm of malware, ransomware has been king for the last few years, compromising unsecured ...
Read MoreExploiting Privilege Escalation in Serv-U by SolarWinds
I was recently working on an external network penetration test where I identified a new ...
Read MoreAuthentication and Encryption in PAS Web Shell Variant
Introduction During a recent incident response case, we were tasked with discovering the point of ...
Read MoreDatabase Security Knowledgebase Update 5.12
This month's update for Database Security Knowledgebase is now available. Knowledgebase version ...
Read MoreMicrosoft Patch Tuesday, March 2017
We knew that the Microsoft's Valentine's gift to cancel Patch Tuesday on February 14th was only ...
Read More