Trustwave's Action Response: More MSDT Fallout with “Dogwalk”
A zero-day vulnerability has been re-disclosed that is very similar to the Follina zero-day ...
Read MoreNot all "Internet Connections" are Equal
People commonly think that any “Internet Connection” is exactly the same, or they may be vaguely ...
Read MoreTrustwave's Action Response: Microsoft zero-day CVE-2022-30190 (aka Follina)
Update June 7 - In the event of a compromise related to the Follina vulnerability, IT teams can ...
Read MoreTrustwave's Action Response: Atlassian Confluence CVE-2022-26134
Updated June 5 - Atlassian issued a fix for CVE-2022-30190 for versions 7.4.17, 7.13.7, 7.14.3, ...
Read MoreGrandoreiro Banking Malware Resurfaces for Tax Season
Trustwave SpiderLabs in early April observed a Grandoreiro malware campaign targeting bank users ...
Read MoreInteractive Phishing: Using Chatbot-like Web Applications to Harvest Information
Phishing website links are commonly delivered via email to their respective targets. Once clicked, ...
Read MorePwnFox - An IDOR Hunter's Best Friend
Maybe I’m a bit late to the game on this one, but I recently discovered PwnFox and it has quickly ...
Read MoreTrustwave’s Action Response: F5 BIG-IP Vulnerability (CVE-2022-1388)
Trustwave SpiderLabs is tracking a new critical-rated vulnerability (CVE-2022-1388) affecting F5 ...
Read MoreStormous: The Pro-Russian, Clout Hungry Ransomware Gang Targets the US and Ukraine
May 2 Stormous update: The Trustwave SpiderLabs team has noted Stormous’ underground website became ...
Read MoreTough Times for Ukrainian Honeypot?
Intro We've recently been inundated with news of increased cyberattacks and a general increase in ...
Read MoreTrustwave’s Action Response: CVE-2022-22965 and CVE-2022-22963
Update 4/1: This blog was updated to reflect the release of IDS and ModSecurity rules.
Read MoreCyber Attackers Leverage Russia-Ukraine Conflict in Multiple Spam Campaigns
The Trustwave SpiderLabs email security team has been monitoring the ongoing Russia-Ukraine crisis ...
Read MoreVidar Malware Launcher Concealed in Help File
Appending a malicious file to an unsuspecting file format is one of the tricks our adversaries use ...
Read MoreTrustwave’s Action Response: The Lapsus$ Hacker Group Shows Us the Importance of Securing the Digital Supply Chain
Update March 24: This blog has been updated to reflect the new information provided by vendors ...
Read MoreDissecting a Phishing Campaign with a Captcha-based URL
In today’s environment, much of the population are doing their banking or financial transactions ...
Read MoreThe Attack of the Chameleon Phishing Page
Recently, we encountered an interesting phishing webpage that caught our interest because it acts ...
Read MoreA Simple Guide to Getting CVEs Published
We were once newcomers to the security research field and one of the most annoying problems we ran ...
Read MoreBypassing MFA: A Pentest Case Study
When a company implements multifactor authentication, the organization is usually confident that ...
Read MoreDark Web Insights: Evolving Cyber Tactics Aim to Impact the Russia-Ukraine Conflict
Update: March 9: Additional phishing emails have been sighted by Trustwave SpiderLabs researchers ...
Read MoreTrustwave’s Action Response: Russia-Ukraine Crisis – Defending Your Organization From Geopolitical Cybersecurity Threats
Feb. 28 Update: The latest economic sanctions imposed upon Russia could inspire that nation or ...
Read MoreFrom Stored XSS to Code Execution using SocEng, BeEF and elFinder CVE-2021-45919
Summary A stored cross-site scripting vulnerability, tracked as CVE-2021-45919, was identified in ...
Read MoreServiceNow - Username Enumeration Vulnerability (CVE-2021-45901)
During a recent engagement Trustwave SpiderLabs discovered a vulnerability (CVE-2021-45901) within ...
Read MoreCVE-2020-0696 - Microsoft Outlook Security Feature Bypass Vulnerability
Summary: During an investigation of a malware campaign, I discovered that multiple emails were ...
Read MoreTrustwave Action Response: Polkit Privilege Escalation Vulnerability - PwnKit (CVE-2021-4034)
Summary of Trustwave Actions (updated 1/26/2022): Trustwave security and engineering teams became ...
Read MoreTrustwave Threat Hunting Guide: Identifying PwnKit (CVE-2021-4034) Exploitation
The Trustwave Threat Hunting team has authored a practical guide to help the cybersecurity ...
Read MoreDark Web Recon: Cybercriminals Fear More Law Enforcement Action in the Wake of the REvil Takedown
In the wake of the takedown of the REvil/Sodinokibi ransomware gang by the Russian Federal Security ...
Read MoreDecrypting Qakbot’s Encrypted Registry Keys
Since the return of the Qakbot Trojan in early September 2021, especially through SquirrelWaffle ...
Read MoreCOVID-19 Phishing Lure to Steal and Mine Cryptocurrency
Recently, we observed a malware spam campaign leveraging the current COVID-19 situation. The emails ...
Read More