Too XXE For My Shirt

Until tonight, I'd never gotten a chance to try an XML external entity (XXE) attack. Earlier, I was ...

“Catch Me If You Can” Trojan Banker Zeus Strikes Again (Part 4 of 5)

This is the fourth part in a series of blogs. The prior blogs describe the technical details of the ...

“Catch Me If You Can” Trojan Banker Zeus Strikes Again (Part 1 of 5)

In the next series of blogs we will describe in detail an attack from one of the most sophisticated ...

It Takes Two to Tango (myself, and your unprotected file share)

BananaStand learned from last time (to see last time, go here). Systems were patched, ACLs were ...

Bypass Vulnerabilities in Squid and McAfee Web Access Gateway

About two weeks ago, a Brazilian security researcher by the name of Gabriel Menezes Nunes released ...

Microsoft Patch Tuesday: Help Is On The Way!

This may sound a bit odd but "nosteve" who usually gives his take on the patch Tuesday release is ...

THOTCON 0x3 - Hacker Brew Contest

This year's instantiation of the THOTCON hacking conference issued a unique challenge:

TWSL2012-004: Multiple Vulnerabilities in Zen Cart

The SpiderLabs team at Trustwave published a new advisory yesterday, which details multiple ...

PHP-CGI Exploitation by Example

Late last week, a vulnerability in PHP-CGI was disclosed, which allows all sorts of bad for folks ...

[Honeypot Alert] (UPDATE) Active Exploit Attempts for PHP-CGI Vuln

UPDATE - we have received more exploit attempt details from web hosting provider DreamHost. Thanks ...

A Wild Exploit Kit Appears... Meet RedKit

During our research we have recently encountered a new private exploit kit. The developers behind ...

RedKit Payload - Binary Fun

Before I jump into this blog post, I'd like to point out some interesting developments with the ...

Recent Mass SQL Injection Payload Analysis

There have been a number of mass SQL Injection campaigns targeting ASP/ASP.Net/MS-SQL sites over ...

Update from Trustwave SpiderLabs EMEA, London

It was a hectic week in London. In case you hadn't heard, it was InfoSec Europe week, but we were ...

Brazilian Banking Malware: Pay Your Bill Slacker!

I recently got wind of an interesting little sample that I believe originated as part of a ...

Winning! PenTest Manager pwns SC Europe Innovation Award

We Won! :-) Thanks to all the hard work of Trustwave's Engineering teams, IT, SpiderLabs, and ...

WordPress 3.3.2 Addresses Setup XSS Vulnerabilities

Back in January we released a security advisory for WordPress, which included four vulnerabilities ...

Pwning a Spammer's Keylogger

Recently, while scrounging around our spam traps, I spotted this ordinary piece of malicious spam. ...

Once Again Cutwail Spam Campaign Ends Up In Phoenix Exploit Kit

In the past few months, a certain cybercrime group has operated a large, stable malware infrastructure, ...

Come and Join Us at InfoSecurity

This week we will be presenting and speaking at InfoSecurity, Europe's No.1 Information Security ...

TWSL2012-012: Cross-Site Scripting Vulnerability in Support Incident Tracker

Trustwave SpiderLabs has published a new advisory today for a reflective Cross-Site Scripting ...

SC Magazine Innovation Award Finalist - Trustwave SpiderLabs PenTest Manager

PenTest Manager, the cutting edge penetration test management and reporting platform used by ...

[Honeypot Alert] Joomla com_s5clanroster Local File Inclusion Attacks

Our web honeypots picked up some increased scanning for the following Exploit-DB vulnerability:

Australian Apple Store Customers Targeted by Phishers

Recently, we came across a phishing attack targeting Australian Apple Store customers. The phishing ...

Smart Meter Attacks: Old Vectors Die Hard

Much has been made of the recent attacks against a Puerto Rican utility's smart metering system, ...

TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow sFlow Analyzer

Trustwave SpiderLabs published a new advisory yesterday for multiple vulnerabilities found in ...

[Honeypot Alert] Zeroboard now_connect() Remote Code Execution Attacks

Our web honeypots recently identified attacks for CVE-2009-4834 which is a vulnerability within ...

RCE root in all current Samba versions

While perusing the change log for the release of Samba that was pushed out today, a member of the ...
