Announcing ModSecurity v2.7.6 Release (CI Platform Usage)
The ModSecurity Project team is pleased to announce public release version 2.7.6. Full Release ...
Read MoreThe Curious Case of the Malicious IIS Module: Prologue (Method of Entry Analysis)
Earlier this week, SpiderLabs Research team released a blog post outlining analysis of a malicious ...
Read MoreThe Kernel is calling a zero(day) pointer – CVE-2013-5065 – Ring Ring
SpiderLabs investigates a number of suspicious binary files on a daily basis. A week ago we came ...
Read MoreMicrosoft Patch Tuesday, December 2013
'Tis the season for an increase in cyber-criminal activities. In the past couple months, ...
Read MoreThe Curious Case of the Malicious IIS Module
Recently, we've seen a few instances of a malicious DLL that is installed as an IIS module making ...
Read MoreMicrosoft Advance Notification for December 2013
On December 10th, Microsoft will begin deploying their security updates to consumers with affected ...
Read MorePhysical Address Strangeness in Spam
Ten years ago, Congress passed the "CAN-SPAM Act" (also known as theYou-CAN-SPAM Act, since it ...
Read MoreHacking a Reporter: Sleepless Nights Outside a Brooklyn Brownstone (Part 3 of 3)
This post is the conclusion of a three-part series (read the first here and the second here) that ...
Read MoreLook What I Found: Moar Pony!
In our last episode of "Look What I Found" we talked about a fairly large instance of the Pony ...
Read More[Honeypot Alert] More PHP-CGI Scanning (apache-magika.c)
In the past 24 hours, one of the WASC Distributed Web Honeypot participant's sensors picked up ...
Read MoreSpiderLabs Responder Updates
Responder is a penetration-testing tool in active development. To continue making it the best tool ...
Read MoreSpam Triple Threat: Voice Message, Important System Update, and DHL Delivery spam campaign.
This week we discovered a large malware spam campaign that used the Zbot Trojan executable. It ...
Read MoreVulnerability in RiskNet Acquirer (TWSL2013-031)
Last week we released an advisory for a vulnerability discovered in the RiskNet Acquirer ...
Read MoreMalicious shells; Established != Active
During a recent investigation, SpiderLabs was presented with evidence that appeared to be ...
Read MoreTutorial for NTDS goodness (VSSADMIN, WMIS, NTDS.dit, SYSTEM)
I recently performed an internal penetration test where the NTDS.dit file got me thousands of ...
Read MoreSpiderLabs Radio November 15, 2013 w/ Space Rogue
This week's episode of SpiderLabs Radio hosted by Space Rogue is brought to you by Trustwave ...
Read MoreTrustwave SpiderLabs at OWASP’s AppSec USA 2013
Will you be at the OWASP Foundation's AppSec USA event next week in New York City? If so, be sure ...
Read MoreMicrosoft Patch Tuesday, November 2013
Most of us thought this would be an easymonth with only eight bulletins to deal with and only three ...
Read MoreSpiderLabs Radio November 8, 2013 w/ Space Rogue
This week's episode of SpiderLabs Radio hosted by Space Rogue is brought to you by Trustwave ...
Read MoreHacking a Reporter: Writing Malware For Fun and Profit (Part 2 of 3)
Matthew Jakubowski (@jaku) contributed to the writing of this blog post.
Read MoreMicrosoft Advance Notification for November 2013
Microsoft will release eight bulletins for Patch Tuesday inNovember. Four of them will result in ...
Read MoreSpiderLabs Radio November 1, 2013 w/ Space Rogue
This week's episode of SpiderLabs Radio hosted by Space Rogue is brought to you by Trustwave ...
Read MoreHacking a Reporter: Writing Malware For Fun and Profit (Part 1 of 3)
Matthew Jakubowski (@jaku) contributed to the writing of this blog post.
Read MoreSpiderLabs Radio October 25, 2013 w/ Space Rogue
This week's episode of SpiderLabs Radio hosted by Space Rogue is brought to you by Trustwave ...
Read MorePHP.Net Site Infected with Malware
Earlier today, users attempting to access the www.php.net site were met with malware warnings from ...
Read MoreCard Data Siphon with Google Analytics
The introduction of EMV (Chip &Pin) payment devices in 2003 resulted in a rapid decline in ...
Read MoreSpiderLabs Radio October 18, 2013 w/ Space Rogue
This week's episode of SpiderLabs Radio hosted by Space Rogue is brought to you by Trustwave ...
Read MoreFingerprinting Ubuntu OS Versions using OpenSSH
Over the past couples weeks, I've been working on enhancingthe operating system detection logic in ...
Read More