Announcing Release of OWASP ModSecurity Core Rule Set v2.2.0
The ModSecurity Development Team is pleased to announce the release of the OWASP ModSecurity Core ...
Read MoreAnalysis and Evolution of MacDefender OS X Fake AV Scareware
Over the last month, a new fake AV scareware variant has been circulating for OS X which has been ...
Read MoreAnnouncing Release of ModSecurity v2.6.0
The ModSecurity Development Team is pleased to announce the availability of ModSecurity 2.6.0 ...
Read MoreNational Cyber Safety Awareness Day is May 17th
We're taking a short break from our normal technical posts to write about "National Cyber Safety ...
Read MoreAnalyzing Malware Hollow Processes
The Malware Analyst's Cookbook is a great book. In it the authors talked about an interesting ...
Read MoreLatest Web Hacking Incident Database (WHID) Entries
These are the lastest entries added by SpiderLabs to the Web Application Security Consortium (WASC) ...
Read MoreUnicode Visual Spoofing for Good: Confusable CAPTCHAs
In this blog post, I will show a proof of concept method of leveraging Unicode Visual ...
Read MoreLatest Web Hacking Incident Database (WHID) Entries (1)
These are the lastest entries added by SpiderLabs to the Web Application Security Consortium (WASC) ...
Read MoreModSecurity Advanced Topic of the Week: Passive Vulnerability Scanning Part 2 - Watcher Checks
In a previous blog post entitled "ModSecurity Advanced Topic of the Week: Passive Vulnerability ...
Read MoreLatest Web Hacking Incident Database (WHID) Entries(2)
These are the lastest entries added by SpiderLabs to the Web Application Security Consortium (WASC) ...
Read MoreReaching Trustwave's WebDefend Minus World
So my inbox lit up today with a Full Disclosure note about a vulnerability in Trustwave's ...
Read MoreDetecting Malice with ModSecurity: Request Method Anomalies
This week's installment of Detecting Malice with ModSecurity will discuss how to detect HTTP ...
Read MoreWho's in the Driver's Seat?
Events over the last seven days have dramatically underlined the pitfalls and difficulties of ...
Read MoreLatest Web Hacking Incident Database (WHID) Entries (3)
These are the lastest entries added by SpiderLabs to the Web Application Security Consortium (WASC) ...
Read MoreModSecurity Advanced Topic of the Week: Integrating IDS Signatures
Snort Web Attack Rules You may be familiar with the Emerging Threats project. They have a few Snort ...
Read MoreModSecurity 2.6.0-rc1 is now available
The ModSecurity Development Team is pleased to announce the availability of ModSecurity 2.6.0-rc1 ...
Read MoreLatest Web Hacking Incident Database (WHID) Entries (4)
These are the lastest entries added by SpiderLabs to the Web Application Security Consortium (WASC) ...
Read MoreSecuring the Fifth Domain
In May 2010, the final disappearance of the line between physical and virtual security became ...
Read MoreModSecurity Advanced Topic of the Week: Integrating Content Security Policy (CSP)
Mozilla's Content Security Policy (CSP) Mozilla has developed a fantastic security capability into ...
Read MoreLatest Web Hacking Incident Database (WHID) Entries (5)
These are the lastest entries added by SpiderLabs to the Web Application Security Consortium (WASC) ...
Read MoreCSS and XSS in Melodious Harmony
Web application penetration testers, have you ever run into a situation where you can inject into ...
Read MoreModSecurity Advanced Topic of the Week: Malware Link Removal
This is a follow-up post to ModSecurity Advanced Topic of the Week: Malware Link Detection in which ...
Read MoreDefective By Design? - Certificate Revocation Behavior In Modern Browsers
With the recent fraudulent certificate incident involving one of Comodo's RAs there is a renewed ...
Read MoreLatest Web Hacking Incident Database (WHID) Entries(6)
These are the lastest entries added by SpiderLabs to the Web Application Security Consortium (WASC) ...
Read MoreModSecurity Update: Increasing Community Involvement
New Licensing Trustwave is commited to the development of the ModSecurity project and in supporting ...
Read MoreModSecurity Advanced Topic of the Week: New Community Contribution - cmdLine Transformation Function
Community Contribution - cmdLine This week's topic highlights a community contribution by long time ...
Read MoreSpiderLabs Radio Updated - Hack It! Edition for February 2011
A new SpiderLabs Radio - Hack It! Edition podcast has been uploaded.
Read More