Trojanized OneNote Document Leads to Formbook Malware
Cybercriminals have long used Microsoft documents to pass along malware and they are always ...
Read MoreGoing Mobile: BEC Attacks Are Moving Beyond Email
Recently, we’ve noticed an increase in user reports of SMS-based Business Email Compromise (BEC) ...
Read MoreBypassing 2FA Authentication with Evilginx2
Due to the increasing number of cyberattacks, particularly zero days, organizations are scrambling ...
Read More‘Tis the Season for Online Shopping and Phishing Scams
The 2022 holiday shopping season is here. Retailers’ discounts are kicking off early, and shoppers ...
Read MoreKillnet Claims Attacks Against Starlink, Whitehouse.gov, and United Kingdom Websites
Pro-Russian threat actor group Killnet claims to have launched DDoS attacks against Starlink and ...
Read MoreEvolution of the SOC – From the Dark Ages to Enlightenment, shifting to an agile threat informed cyber defense program
Evolution of the SOC – From the Dark Ages to Enlightenment, shifting to an agile threat informed ...
Read MoreAutomating RDS Security Via Boto3 (AWS API)
When it comes to security in AWS, there is the shared responsibility model for AWS services, which ...
Read MoreDevelopment of the Ukrainian Cyber Counter-Offensive
Overview Russia’s military incursion against Ukraine began on February 24, 2022, with a massive ...
Read MoreDenial of Service and RCE in OpenSSL 3.0 (CVE-2022-3786 and CVE-2022-3602)
Overview On November 1 the OpenSSL Project released patches addressing the previously rated ...
Read MoreInsta-Phish-A-Gram
Following Trustwave SpiderLabs’ blog on social media-themed phishing on Facebook, comes another ...
Read MoreArchive Sidestepping Self-Unlocking Password-Protected RAR
Trustwave SpiderLabs’ spam traps have identified an increase in threats packaged in ...
Read MoreModSecurity Request Body Parsing: Recent Bypass Issues
Overview ModSecurity is an open-source web application firewall (WAF) engine maintained by ...
Read MoreHTML File Attachments: Still A Threat
Introduction This past month, Trustwave SpiderLabs observed that HTML (Hypertext Markup Language) ...
Read MorePost-Exploitation Persistent Email Forwarder in Outlook Desktop
There is an exploitation method that can automatically forward emails CC’d to external addresses ...
Read MoreTrustwave Action Response: Zero Day Vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019
Update Oct. 4: Microsoft released Security Update Guides for these two vulnerabilities.
Read MoreCVE-2022-37461: Two Reflected XSS Vulnerabilities in Canon Medical’s Vitrea View
Overview During a penetration test, Trustwave Spiderlabs’ researchers, Jordan Hedges and Avery ...
Read MoreRetaliation by the Pro-Russian Group KillNet
At the beginning of the Russia-Ukraine conflict, KillNet - a Russian cybergang - began actively ...
Read More2022 Trustwave SpiderLabs Telemetry Report
As organizations go about their regular routine of finding and adding new technologies to help ...
Read MoreOracle SBC: Multiple Security Vulnerabilities Leading to Unauthorized Access and Denial of Service
Oracle Communications Session Border Controller (SBC) is one of the most popular products worldwide ...
Read MoreOverview of the Cyber Weapons Used in the Ukraine - Russia War
Observing the ongoing conflict between Russia and Ukraine, we can clearly see that cyberattacks ...
Read MoreThe Price Cybercriminals Charge for Stolen Data
For the price of a Starbuck’s Caramel Frappuccino Grande and a cheese Danish, about $8, a ...
Read MoreIPFS: The New Hotbed of Phishing
A few months ago, we reported on an interesting site called the Chameleon Phishing Page. These ...
Read MoreWant To Become A Red Teamer? This Is What You Need To Know
Everyone loves buzz words, no? Red team is the newest (well... not that new) coolest thing on the ...
Read MoreDecade Retrospective: The State of Vulnerabilities
Decade Retrospective: The State of Vulnerabilities The Spanish philosopher George Santayana is ...
Read MoreCVE-2022-29593- Authentication Bypass by Capture Replay (Dingtian-DT-R002)
In the OT space it is increasingly common to see devices that are used to bridge the gap between ...
Read MoreInteractive Phishing Mark II: Messenger Chatbot Leveraged in a New Facebook-Themed Spam
Facebook Messenger is one of the most popular messaging platforms in the world, amassing 988 ...
Read MoreThe Importance of White-Box Testing: A Dive into CVE-2022-21662
I want to take some time to explain the importance of using a white-box approach when testing ...
Read MoreModBus 101: One Protocol to Rule the OT World
Ever wondered how large-scale power plants monitor or control the myriad of systems that fill their ...
Read More