Microsoft Advance Notification for June 2014
Microsoft will be releasing the next security patch release on Tuesday, June 10th. This release ...
Read More
CVE-2014-0515 Goes to Brazil for World Cup 2014
The FIFA World Cup 2014 begings June 12 and enthusiasm about the event has shown itself in ...
Read MoreCVE-2014-2120 – A Tale of Cisco ASA “Zero-Day”
A few months ago I was trying to PoC a known cross-site scripting vulnerability in the Cisco ASA ...
Read MoreThird-Party Auth Token Theft: The Big Picture
Nothing sets the technical journalists abuzz like the prospect of a catastrophic, Internet-wide ...
Read MoreWireless Cameras and Webcams: Are You Being Watched?
Trustwave SpiderLabs recently disclosed vulnerabilities in several models of Y-Cam brand wireless ...
Read MoreJava-based Malware Distributed Through Spam
For the past few months, we've observed more spam with Java-based malware attachments. The recent ...
Read MoreMass Malicious PDF Email Campaigns from Cutwail
Over the last two weeks we have noticed a high number of emails with PDF attachments in our spam ...
Read MoreTrustkeeper Scan Engine Update - May 21, 2014
We're back to bring you a large Scan Engine update. We've packed this release with tons of new ...
Read MoreBaby's first NX+ASLR bypass
Recently, I've been trying to improve my skills with regards to exploiting memory corruption flaws. ...
Read MoreMicrosoft Patch Tuesday, May 2014
May's Microsoft Patch Tuesday contains eight bulletins, the most of any release so far this year. ...
Read MoreMicrosoft Advance Notification for May 2014
Tuesday, May 13 marks the next Microsoft security patch release. This release will contain eight ...
Read MoreExploit Kit Roundup: Best of Obfuscation Techniques
The world of exploit kits is an ever-changing one, if you happen to look away even just for one ...
Read More[Honeypot Alert] Open Flash Charts File Upload Attacks
Our web honeypots picked up some increased scanning/exploit activity for the following file upload ...
Read MoreDetecting A Surveillance State - Part 4 Cellular Attacks
This is the fourth and final post in my series of posts about state actor surveillance ...
Read MoreMicrosoft Internet Explorer 0-Day (CVE-2014-1776)
A zero-day vulnerability in Microsoft Internet Explorer, CVE-2014-1776, was recently discovered ...
Read MoreLnk files in Email Malware Distribution
Recently I have noticed more use of .lnk files used in malware distribution via email. These files ...
Read MoreModSecurity Advanced Topic of the Week: JSON Support
Submitted by Felipe Costa and Ryan Barnett (SpiderLabs Research - ModSecurity Team)
Read MorePrivilege Escalation Vulnerability in Cisco ASA's SSL VPN
Trustwave SpiderLabs security researcher Jonathan Claudius has discovered a privilege escalation ...
Read MoreNetSupport Information Leakage Using Nmap Script
NetSupport allows corporations to remotely manage and connect to PC's and servers from a central ...
Read More