Microsoft Patch Tuesday, February 2016

February Patch Tuesday is here with double the number of vulnerabilities that were patched in ...

Read More

Angler Exploit Kit – Gunning For the Top Spot

They say that with great power comes great responsibility. In the world of websites the more ...

Read More

Base64 versus Plaintext Observations

Recently we have been working on the libmodsecurity project. As part of the project we no longer ...

Read More

Neutrino Exploit Kit Not Responding – Bug or Feature?

A couple of weeks ago we were looking at some exploit kits in one of our lab environments and ...

Read More

Sending ModSecurity Logs to MySQL

Previous Work

Read More

Microsoft Patch Tuesday, January 2016

It's a new year and with it comes a fresh batch of CVEs. As expected this January's Patch Tuesday ...

Read More

About CVE-2015-8518: SAP Adaptive Server Enterprise Extended Stored Procedure Unauthorized Invocation

SAP released an update for SAP ASE 16.0 and 15.7 that addresses a serious security flaw discovered ...

Read More

ModSecurity Python Bindings: Parsing ModSecurity rules from Python

One of the good things about the next generation of ModSecurity, libModSecurity (AKA ModSecurity ...

Read More

An Overview of the Upcoming libModSecurity

libModSecurity is a major rewrite of ModSecurity. It preserves the rich syntax and feature set of ...

Read More

Neutrino Exploit Kit – One Flash File to Rule Them All

There's been a bit of talk about the Neutrino exploit kit lately, most of it revolving around sites ...

Read More

Endless Evasion Racing Game

In the past year we have been exploring the Magnitude Exploit Kit - one of the major actors in the ...

Read More

3-in-1 Malware Infection through Spammed JavaScript Attachments

Recently we've observed a massive uptick of malicious spam with JavaScript attachments with an ...

Read More

Protecting Your Sites from Apache.Commons Vulnerabilities

Overview A few weeks ago, FoxGlove Security released this important blog post that includes several ...

Read More

Defender for IoT’s Firmware Analysis Tool is Exceptional

One of my "pastimes," if you will, is to check out the features of various security tools. I had ...

Read More

Joomla 0-Day Exploited In the Wild (CVE-2015-8562)

A recent new 0-day in Joomla discovered by Sucuri (Sucuri Blog) has drawn a lot of attention from ...

Read More

Mom Spies a Hack

Have you ever wondered if all that informal training you do with your friends & family is ...

Read More

Microsoft Patch Tuesday, December 2015

The December Microsoft Path Tuesday is upon us and it does not bring any happy tidings. It brings ...

Read More

Another Brick in the FrameworkPoS

Introduction FrameworkPoS is a well-documented family of malware that targets Point of Sale (PoS) ...

Read More

New Memory Scraping Technique in Cherry Picker PoS Malware

Introduction Working primarily with point of sale malware, we regularly see the telltale signs of ...

Read More

Shining the Spotlight on Cherry Picker PoS Malware

Introduction For the last five years Trustwave has been monitoring a threat across a number of ...

Read More

BOM Obfuscation in Spam

Spammers try all sorts of tricks to obfuscate, including trying to obfuscate URLs so they cannot be ...

Read More

Microsoft Patch Tuesday, November 2015

November's Patch Tuesday marks a return to business as usual. Where October was a rather light ...

Read More

SpiderLabs Radio for the Week of November 2, 2015 - Final Episode

In this week's episode:

Read More

Oracle Database 11.2 SQLi in XML index statistics processing (CVE-2015-4900)

In the October 2015 'Critical Patch Update' Oracle fixed a flaw in XML index support code: namely ...

Read More

About Lenovo System Update Vulnerabilities and CVE-2015-6971

Over the past seven months, a number of vulnerabilities in Lenovo System Update software have come ...

Read More

SpiderLabs Radio for the Week of October 19, 2015

Two separate SpiderLabs vulnerabilities released:

Read More

Joomla SQL Injection Vulnerability Exploit Results in Full Administrative Access

Trustwave SpiderLabs researcher Asaf Orpani has discovered an SQL injection vulnerability in ...

Read More

How To Decrypt Ruby SSL Communications with Wireshark

Debugging a program that communicates with a remote endpoint usually involves analyzing the network ...

Read More