Lessons from a Honeypot with US Citizens’ Data

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails

Introduction: Previously, Trustwave SpiderLabs covered a massive fake order spam scheme that ...

How Threat Actors Conduct Election Interference Operations: An Overview

The major headlines that arose from the three most recent US presidential election cycles ...

Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack)

Introduction: In the perpetually evolving field of cybersecurity, new threats materialize daily. ...

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader

Trustwave's Threat Intelligence team has discovered a new malware dubbed Pronsis Loader, with its ...

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177

On September 26, 2024, security researcher Simone Margaritelli disclosed the details of four ...

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content

HTML smuggling techniques have been around for quite some time. A previous Trustwave SpiderLabs’ ...

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season

The US election is less than 70 days away and threat actors are busy crafting malicious spam that ...

Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media

With the US election on the horizon, it’s a good time to explore the concept of social media ...

Exploring an Experimental Windows Kernel Rootkit in Rust

Around two years ago, memN0ps took the initiative to create one of the first publicly available ...

Hypervisor Development in Rust for Security Researchers (Part 1)

In the ever-evolving field of information security, curiosity and continuous learning drive ...

Deep Dive and Simulation of a MariaDB RCE Attack: CVE-2021-27928

In early 2021, a new vulnerability, identified as CVE-2021-27928, was discovered and published. It ...

Trustwave Rapid Response: Mitigate Windows TCP/IP RCE Vulnerability (CVE-2024-38063)

Microsoft has disclosed a critical (CVSS 9.8) TCP/IP remote code execution (RCE) vulnerability that ...

Fake Advanced IP Scanner Installer Delivers Dangerous CobaltStrike Backdoor

During a recent client investigation, Trustwave SpiderLabs found a malicious version of the ...

Cyber Exterminators: Monitoring the Shop Floor with OT Security

Pressure is increasing on manufacturers to monitor their shop floors for malicious activity to ...

Fake Dialog Boxes to Make Malware More Convincing

Let’s explore how SpiderLabs created and incorporated user prompts, specifically Windows dialog ...

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway

UPDATE: Palo Alto Networks confirmed on Tuesday (4/16) that disabling device telemetry is no longer ...
