TWSL2012-014: Multiple Vulnerabilities in Scrutinizer NetFlow sFlow Analyzer

The SpiderLabs team at Trustwave published a new advisory today, which details four vulnerabilities ...

Announcing the availability of ModSecurity extension for IIS

This blog post has also been posted on the Microsoft Security Research and Defense site: By: Greg ...

PenTest Manager 2.0 - Attack Sequences

Trustwave recently launched PenTest Manager 2.0, a major enhancement of the innovative Trustwave ...

Reducing web application attack surface

For as long as companies rely on web sites to do business with their customers and partners, ...

Spiders are FUN! Party at DEF CON

Hey folks! This week a fair amount of us (15k) are heading to Vegas for Black Hat / BSides / DEF ...

Beyond Apache: ModSecurity for IIS/Nginx is Coming

The Trustwave SpiderLabs Research Team is proud to announce that, through a collaboration with the ...

Spam Down II: Grum Down

So the media is abuzz with news of the takedown of the Grum botnet, which has caused a big ...

Analyzing PDF Malware - Part 3D

Pentesting like an Eastern European

Through SpiderLabs' Incident Response and Penetration Testing services we get a chance to both ...

Spam Down: Where is Lethic?

At Trustwave SpiderLabs we keep a close eye on spam trends. We keep and publish a bunch of ...

Hashcat Per Position Markov Chains

I just wanted to let you guys know about some interesting work Atom has been doing recently with ...

What did the Java applet say to the SWF? Don't leave me alone in this Blackholeee!

Last week as we were analyzing the new version of Blackhole with the new Java exploit ...

Conference tips from your friends at Trustwave SpiderLabs

We are quickly approaching the largest security conference week on the planet. July 25th will start ...

Microsoft Patch Tuesday July 2012 – TLS and Office for Mac?

We have nine bulletins to deal with this month, three of which are rated critical. One of those ...

Analyzing PDF Malware - Part 3C

Let me explain, no there is too much, let me sum up… This is part 3C in the ongoing saga of the ...

How much data? Apache, Ubuntu and the Lies of the Logs.

Forensic investigators rely heavily on log file data in order to analyse attacks and draw ...

Apex Secure Coding Considerations

Apex is an on-demand language that extends the Force.com platform by providing the ability to write ...

Stolen Laptop Recovery via OSX Trap Partition

My Macbook Air has 2 partitions, one that is my normal everyday partition that is encrypted with ...

Wham Bam, the Cutwail/Blackhole Combo

Over the past few weeks we have seen a resurgence of malicious spam with links leading off to the ...

Oops, I pwned your router- Part One

Embedded computing is very much about making a computer as small as possible, yet still being able ...

Analyzing PDF Malware - Part 3B

Down that dusty trail… As the big blue letters above state, this is part 3B of the Analyzing PDF ...

eHarmony Password Dump Analysis

Unless you've been holed up in a bunker, eating MREs and watching Doomsday Preppers marathons, ...

I Forgot Your Password

I'm now going into my second year in application security, and as I learn more and more, my ...

Security Capture the Flag Competitions

Many people look at capture the flag competitions with varying reactions. Some look at them as ways ...

Five E-Commerce Security Myths (Part 2)

In part 1 of this series I gave an introduction into how most merchants accept payments and how ...

Five E-Commerce Security Myths (Part 1)

Compromises of e-commerce websites are increasingly common. In our 2012 Global Security Report we ...

CVSS for Penetration Test Results (Part I)

Trustwave has been adding support for the Common Vulnerability Scoring System (CVSS) in PenTest ...

Metasploit = tips, tricks, hashes and tokens

Metasploit is one of the many tools that can be used during a penetration test, and it actually ...
