Trustwave Analysis of the April 2014 Oracle CPU for Databases
The 17th of April fell this week, which means it is Oracle Critical Patch Update (CPU) time. The ...
Read MoreThe 17th of April fell this week, which means it is Oracle Critical Patch Update (CPU) time. The ...
Read MoreIn this episode I bid a fond farewell to Windows XP; Microsoft patches that RTF 0-day ...
Read MoreAs Karl noted in his Patch Tuesday post, yesterday was the last day of support for Windows XP.
Read MoreIn this third installment of Detecting A Surveillance State blog series I will move away from ...
Read MoreApart from our typical application penetration testing engagements, clients sometimes come to us ...
Read MoreApril's Microsoft Patch Tuesday is on par with the prior releases this year. There are only four ...
Read MoreIn this episode I talk about GMail making HTTPS mandatory, a move some people don't like; Microsoft ...
Read MoreA zero-day vulnerability in Microsoft Word involving the handling of the RTF file format was ...
Read MoreThe Microsoft April security release is almost upon us with security updates scheduled to deploy on ...
Read MoreDuring our last ATM review engagement, we found some interesting executable files that were run by ...
Read MoreOn a recent gig I was hit with hundreds of hosts running a service on port TCP 5405, the NetSupport ...
Read MoreLooking to refinance your house? Install solar panels? Hey, this email about refinancing (or solar ...
Read MoreSince 2003 a large part of my workday has been devoted solely to hacking systems. Over this time ...
Read MoreOur web honeypots picked up some increased exploit attempts for an old Joomla Content Editor (JCE) ...
Read MoreIn this episode we talk about the Windigo malware campaign, how a well-intentioned hacker brought ...
Read MoreOWASP is again participating in the Google Summer of Code (GSoC) Program for 2014 by acting as a ...
Read MoreIn a previous blog post, I provided "Method of Entry" analysis for a ColdFusion compromise baed on ...
Read MoreIn the last post we reviewed a few hardware implants that may have been used by surveillance states ...
Read MoreIn this episode we talk about Microsoft Patch Tuesday providing patches for an Internet Explorer ...
Read MoreA lot has already been said about CVE-2014-0502, the Adobe Flash Player zero-day that was part of a ...
Read MoreThere were news stories this week outlining how attackers are abusing the XML-PRC "pingback" ...
Read MoreThis is the first in a series of four blog posts that will cover defenses and detection methods for ...
Read MoreMarch's Patch Tuesday includes five bulletins, two rated "Critical" and three rated "Important". ...
Read MoreThis is the third and final part on the subject of Touchlogging. I do recommend reading part one ...
Read MoreIn this episode we talk about a new Russian rootkit called Uroburos, another bitcoin exchange ...
Read MoreThis is part two in my Touchlogging series, you can find part one here.
Read MoreThe Microsoft Security release for March will include patches for Windows, Internet Explorer and ...
Read More