WASC Distributed Web Honeypots Project Update
As the WASC Distributed Web Honeypots Project Sponsor, we are excited to announce that we have ...
Read More[Honeypot Alert] Status Report for January 2012
Monthly Web Honeypot Status Report We have received a tremendous amount of positive feedback on our ...
Read MoreClarifying The Trustwave CA Policy Update
We've seen a number of comments and questions on Twitter regarding a recent Trustwave CA Policy ...
Read MoreIsland Hopping the SpiderLabs Way
More and more, I find myself having to fight with highly segmented networks and ACL's. As a ...
Read MoreHOIC DDoS Analysis and Detection
In a previous blog post, we provided details of a DDoS attack tool called LOIC (Low Orbit Ion ...
Read MoreCuckoo for Cuckoo Box
Cuckoo Sandbox is an automated, open source, malware analysis system that started as a Google ...
Read MoreTWSL2012-002: Multiple Vulnerabilities in WordPress
Trustwave SpiderLabs has published a new advisory today for multiple vulnerabilities discovered in ...
Read MoreOn Null Byte Poisoning and XPath Injection
Recently I released a tool called XMLmao, a configurable testbed for learning to exploit XPath ...
Read More[Honeypot Alert] Simple Page Options Module for Joomla! Local File Inclusion Attack Detected
Our web honeypots generated the following ModSecurity alert today:
Read MoreAndroid IRC Bot - This Ain't Your Granny's Android Malware (Or Maybe It Is)
As I'm sure many of you know, the rise of mobile-based malware has been on the rise for some time ...
Read More[Honeypot Alert] phpMyAdmin Superglobal Session Manipulation Attack Detected
Our web honeypots have identified attempts to exploit CVE-2011-2505. OSVDB lists the vulnerabilty ...
Read More[Honeypot Alert] Is-human Wordpress Plugin Remote Command Execution Attack Detected
Our web honeypot logs picked up an attack aimed at exploiting the Is-human Wordpress Plugin Remote ...
Read MoreScripting Metasploit using MSGRPC
While there are many aspects of network pen testers that sets the good testers apart from the bad, ...
Read More[Honeypot Alert] Extensive 'setup.php' Scanning Detected
The SpiderLabs Research Team has identified an extensive scanning campaign which aims to enumerate ...
Read MoreMicrosoft Patch Tuesday (January 2012): Media Player and The BEAST
The statisticians over at the Patch Tuesday Farmer's Almanac are saying that 7 bulletins in January ...
Read More[Honeypot Alert] Multiple Local File Inclusion Attacks
Our web server honeypot log analysis has picked up some targeted local file inclusion (LFI) attacks ...
Read MoreModSecurity Mitigations for ASP.NET HashTable DoS Vulnerability (CVE-2011-3414)
ThreatPost had a news story today about PoC code that was released to the full disclosures ...
Read MoreIntroducing SQLol
At the most recent Austin Hackers Association meeting I unveiled a project I've been working on for ...
Read MoreModSecurity Advanced Topic of the Week: Mitigation of 'Slow Read' Denial of Service Attack
Slow-Read DoS Attack Background Another tweak in the ongoing "Slow" DoS attacks has emerged this ...
Read MoreVirtual Patch for ASP.Net Forms Authentication Bypass Vulnerability (CVE-2011-3416)
Last Thursday, Microsoft released an out-of-band security patch (MS11-100) which includes a fix for ...
Read More[Honeypot Alert] phpThumb() 'fltr[]' Parameter Command Injection Detected
The SpiderLabs Research Team has identified active scanning for the phpThumb() 'fltr[]' Parameter ...
Read More[Honeypot Alert] Plone and Zope Remote Command Execution Detected
We have identified active scanning for the recent Plone and Zope Remote Command Execution ...
Read MoreTWSL2011-019: Cross-Site Scripting Vulnerability in phpMyAdmin
The Spiderlabs team at Trustwave published a new advisory for a Cross-Side-Scripting (XSS) found in ...
Read MoreTWSL2011-018: Authentication Bypass Vulnerability in IBM TS3100/TS3200 Web User Interface
The Spiderlabs team at Trustwave published a new advisory for a authentication bypass finding found ...
Read More[Honeypot Alert] User Agent Field Arbitrary PHP Code Execution
While reviewing today's web honeypot logs, SpiderLabs Research identified two new attack variations.
Read MoreAnnouncing Release of OWASP ModSecurity Core Rule Set v2.2.3
The SpiderLabs Research Team is pleased to announce the ModSecurity OWASP Core Rule Set v2.2.3 ...
Read More