Microsoft Encrypted Restricted Permission Messages Deliver Phishing
May 24, 2023 | Phil Hay, Rodel Mendrez
Over the past few days, we have seen phishing attacks that use a combination of ...
From Response To Request, Adding Your Own Variables Inside Of GraphQL Queries For Account Take Over
May 23, 2023 | Tom Neaves
For those wondering what GraphQL is…
When User Impersonation Features In Applications Go Bad
May 18, 2023 | Tom Neaves
A user impersonation feature typically allows a privileged user, such as an ...
Abusing Time-Of-Check Time-Of-Use (TOCTOU) Race Condition Vulnerabilities in Games, Harry Potter Style
May 16, 2023 | Tom Neaves
I feel I need to clarify, for legal reasons, that this is nothing to do with ...
Rendezvous with a Chatbot: Chaining Contextual Risk Vulnerabilities
May 11, 2023 | Abeer Banerjee
Ignoring the little stuff is never a good idea. Anyone who has pretended that ...
Why It’s Important to Change Default Credentials
May 03, 2023 | Dhervesh Singh
Security best practice guidelines always call for changing default passwords as ...
Dissecting Buffer Overflow Attacks in MongoDB
April 19, 2023 | Bilal Siddiqui
Towards the end of 2020, a new vulnerability in MongoDB was found and ...
CVE-2023-29383: Abusing Linux chfn to Misrepresent /etc/passwd
April 13, 2023 | Tom Neaves
A little bit of background for those not familiar with chfn…
Deobfuscating the Recent Emotet Epoch 4 Macro
April 04, 2023 | Rodel Mendrez, Joshua Deacon
In early March, one of the notorious botnets, Emotet, resumed its spamming ...
Rilide: A New Malicious Browser Extension for Stealing Cryptocurrencies
April 04, 2023 | Pawel Knapczyk, Wojciech Cieslak
Trustwave SpiderLabs uncovered a new strain of malware that it dubbed Rilide, ...
Trustwave Action Response: Supply Chain Attack Using 3CX PABX Software
March 31, 2023 | Karl Sigler
Overview On March 29, a massive supply chain compromise in 3CX software ...
Anonymous Sudan: Religious Hacktivists or Russian Front Group?
March 30, 2023 | SpiderLabs Researcher
The Trustwave SpiderLabs research team has been tracking a new threat group ...
2023 Tax Scam Emails Exposed: Unmasking Deceptive Trends
March 29, 2023
Tax season is a busy time of year for taxpayers and threat actors. Consumers ...
ChatGPT: The Right Tool for the Job?
March 23, 2023 | Dustin Dugal Jose Tozo
Since it was first released to the public late last year, ChatGPT has ...
BlackGuard stealer extends its capabilities in new variant
March 23, 2023 | Ofer Caspi
LevelBlue Labs researchers have discovered a new variant of BlackGuard stealer ...
OneNote Spear-Phishing Campaign
March 09, 2023 | Reegun Jayapaul
Trustwave SpiderLabs “noted” in Part 1 and Part 2 of our OneNote research that ...
A Noteworthy Threat: How Cybercriminals are Abusing OneNote – Part 1
March 08, 2023 | Bernard Bautista
Introduction Threat actors are taking advantage of Microsoft OneNote's ability ...
A Noteworthy Threat: How Cybercriminals are Abusing OneNote – Part 2
March 08, 2023 | Bernard Bautista
In part one, we examined how threat actors abuse a OneNote document to install ...
Network Map NMAP Meets ChatGPT
February 16, 2023 | Dhervesh Singh
We’ve now seen a number of different use cases for ChatGPT from marketing, ...
Bypassing MFA: A Forensic Look at Evilginx2 Phishing Kit
February 10, 2023 | Carly Battaile
Recently, Stroz Friedberg Incident Response Services encountered an increase in ...
HTML Smuggling: The Hidden Threat in Your Inbox
February 09, 2023 | Bernard Bautista, Diana Lopera
Last October, LevelBlue SpiderLabs blogged about the use and prevalence of HTML ...
Money Lover App Vulnerability Exposes Personal Info
February 07, 2023 | Troy Driver
An information disclosure vulnerability has been identified in Money Lover, a ...
AgentVX and Taurus
February 03, 2023 | Zachary Reichert
In 2021, Stroz Friedberg Incident Response Services team (Stroz Friedberg) ...
Vulnerability Causing Deletion of All Users in CrushFTP Admin Area
February 02, 2023 | Jean Calvin Mugabo
During a recent penetration test, Trustwave SpiderLabs researchers discovered a ...
CVE-2022-43704 - Capture-Replay Vulnerability in Sinilink XY-WFT1 Thermostat
January 12, 2023 | Victor Hanna
Trustwave SpiderLabs has found a vulnerability in the Sinilink XY-WFT1 Remote ...
2022 Year in Review: Ransomware
January 05, 2023 | Greg Monson
With 2022 having just ended, let's take a look back at the year in ransomware. ...
Malicious Macros Adapt to Use Microsoft Publisher to Push Ekipa RAT
December 21, 2022 | Wojciech Cieslak
After Microsoft announced this year that macros from the Internet will be ...
ChatGPT: Emerging AI Threat Landscape
December 20, 2022 | Damian Archer
ChatGPT has been available to the public since November 30, 2022. Since then, ...