[Honeypot Alert] Awstats Command Injection Scanning Detected
Issue Detected Our daily web honeypot analysis has detected an increase in scanning looking for ...
Read MoreIssue Detected Our daily web honeypot analysis has detected an increase in scanning looking for ...
Read MoreThis Patch Tuesday, there are 3 new Critical and 10 new Important Bulletins. With this many ...
Read MoreOur web honeypot analysis today detected scanning looking for SQL Injection flaws in a number of ...
Read MoreOur web honeypot analysis today detected scanning looking for SQL Injection flaws in a number of ...
Read MoreJoomla Component LFI Vulnerabilities Joomla has hundreds of Controller components. Check out the ...
Read MoreLast week, it was Microsoft's Patch Tuesday! For November, Microsoft released one "critical" ...
Read MoreRecent reports of the zero-day exploit found in the Win32k True Type Font Parsing engine and ...
Read MoreRecently I got the chance to dig into a nice little piece of Android spyware, commonly known as ...
Read MoreAs you may have heard, Trustwave recently announced the availability of commercial rules and ...
Read MoreRecently I've been writing a talk called "Authentication Bypass Zoo: Pwnage and Poetry 2" which ...
Read MoreWay back in August 2011, myself and Sean Schulte gave a presentation at DEF CON 19 called "This is ...
Read MoreThe Spiderlabs team at Trustwave published a new advisory today which detail issues discovered in ...
Read MoreModSecurity is the most popular open source web application firewall (WAF) deployed today. We ...
Read MoreAt DEF CON 19, I showed a project that uses an LED matrix to display network sessions. The goal of ...
Read MoreJust this week, we were asked to help out with some "TCP weirdness" that was identified out on a ...
Read MoreRemote file inclusion (RFI) is a popular technique used to attack web applications (especially php ...
Read MoreThere's been a lot of talk the past week or so about Morto. For those unfamiliar or unaware, Morto ...
Read MoreThis is a follow-up to a previous blog post entitled "Real-time Application Profiling" that ...
Read MoreUPDATE - since this original post, we added new data manipulation capabilities to v2.6.0 with the ...
Read MoreUpdate After deeper research into the underlying vulnerability and analyzing customer traffic, ...
Read MoreUPDATE - since this original post, we added new exception handling capabilities to v2.6.0 which are ...
Read MoreOver the past few days in the UK we have been bombarded with arguments and debates over the use of ...
Read MoreAutomated Virtual Patching Example Script
Read MoreThis is an updated section from my previous book Preventing Web Attacks with Apache and discusses a ...
Read MoreThomas Wilhelm, Sr. Security Consultant at Trustwave SpiderLabs, revealed a proof of concept this ...
Read MoreThe SpiderLabs team at Trustwave published a new advisory today, which details an issue identified ...
Read MoreTrustwave SpiderLabs recently released an advisory (TWSL2011-007) regarding improper x509 ...
Read More