[Honeypot Alert] Awstats Command Injection Scanning Detected

Issue Detected Our daily web honeypot analysis has detected an increase in scanning looking for ...

Read More

Microsoft Patch Tuesday, December 2011

This Patch Tuesday, there are 3 new Critical and 10 new Important Bulletins. With this many ...

Read More

[Honeypot Alert] WordPress/Joomla/Mambo SQL Injection Scanning Detected

Our web honeypot analysis today detected scanning looking for SQL Injection flaws in a number of ...

Read More

[Honeypot Alert] WordPress/Joomla/Mambo SQL Injection Scanning Detected

Our web honeypot analysis today detected scanning looking for SQL Injection flaws in a number of ...

Read More

[Honeypot Alert] Mass Joomla Component LFI Attacks Identified

Joomla Component LFI Vulnerabilities Joomla has hundreds of Controller components. Check out the ...

Read More

Trustwave Protections Deployed: MS11-083

Last week, it was Microsoft's Patch Tuesday! For November, Microsoft released one "critical" ...

Read More

Trustwave Protections Deployed: Duqu

Recent reports of the zero-day exploit found in the Win32k True Type Font Parsing engine and ...

Read More

NickiSpy.C - Android Malware Analysis Demo

Recently I got the chance to dig into a nice little piece of Android spyware, commonly known as ...

Read More

ModSecurity Advanced Topic of the Week: Commercial Rules Overview

As you may have heard, Trustwave recently announced the availability of commercial rules and ...

Read More

Interesting Authentication Bypass Vulnerabilities

Recently I've been writing a talk called "Authentication Bypass Zoo: Pwnage and Poetry 2" which ...

Read More

Google Android Focus Stealing Vulnerability Demo

Way back in August 2011, myself and Sean Schulte gave a presentation at DEF CON 19 called "This is ...

Read More

TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server

The Spiderlabs team at Trustwave published a new advisory today which detail issues discovered in ...

Read More

Analyzing PDF Malware - Part 1

Background

Read More

Trustwave Releases New ModSecurity Rules and Support

ModSecurity is the most popular open source web application firewall (WAF) deployed today. We ...

Read More

Blinkie Lights howto by nosteve

At DEF CON 19, I showed a project that uses an LED matrix to display network sessions. The goal of ...

Read More

Advanced BNAT in the Wild

Just this week, we were asked to help out with some "TCP weirdness" that was identified out on a ...

Read More

ModSecurity Advanced Topic of the Week: Remote File Inclusion Attack Detection

Remote file inclusion (RFI) is a popular technique used to attack web applications (especially php ...

Read More

Morto: More than Meets the Eye

There's been a lot of talk the past week or so about Morto. For those unfamiliar or unaware, Morto ...

Read More

Implementing AppSensor Detection Points in ModSecurity

This is a follow-up to a previous blog post entitled "Real-time Application Profiling" that ...

Read More

Detecting Malice with ModSecurity: (Updated) CSRF Attacks

UPDATE - since this original post, we added new data manipulation capabilities to v2.6.0 with the ...

Read More

(Updated) Mitigation of Apache Range Header DoS Attack

Update After deeper research into the underlying vulnerability and analyzing customer traffic, ...

Read More

ModSecurity Advanced Topic of the Week: (Updated) Exception Handling

UPDATE - since this original post, we added new exception handling capabilities to v2.6.0 which are ...

Read More

What Do Bug Bounties Cover?

Over the past few days in the UK we have been bombarded with arguments and debates over the use of ...

Read More

ModSecurity Advanced Topic of the Week: Automated Virtual Patching Script

Automated Virtual Patching Example Script

Read More

ModSecurity Advanced Topic of the Week: Audit Log Searching with ModGrep

This is an updated section from my previous book Preventing Web Attacks with Apache and discusses a ...

Read More

Auto-BAHN: Using Smart phones to create emergency, ad hoc networks

Thomas Wilhelm, Sr. Security Consultant at Trustwave SpiderLabs, revealed a proof of concept this ...

Read More

TWSL2011-008: Focus Stealing Vulnerability in Android

The SpiderLabs team at Trustwave published a new advisory today, which details an issue identified ...

Read More

Regression Workaround for TWSL2011-007: The iOS SSL Validation Vulnerability (UPDATED)

Trustwave SpiderLabs recently released an advisory (TWSL2011-007) regarding improper x509 ...

Read More