Law Enforcement Collaboration Has Eastern-European Cybercriminals Questioning Whether There Is A Safe Haven Anymore
December 08, 2021 | Trustwave SpiderLabs
Through the active Dark Web research that Trustwave SpiderLabs conducts for its ...
ModSecurity DoS Vulnerability in JSON Parsing (CVE-2021-42717)
November 24, 2021 | Trustwave SpiderLabs
ModSecurity is an open-source WAF engine maintained by Trustwave. This blog ...
LevelBlue Labs finds new Golang malware (BotenaGo) targeting millions of routers and IoT devices with more than 30 exploits
November 11, 2021 | Ofer Caspi
Executive summary: LevelBlue Labs™ has found new malware written in the open ...
CrypKey License Service Allows Privilege Escalation
November 04, 2021 | Martin Rakhmanov
Overview: CrypKey (https://www.crypkey.com/) is a third-party licensing service ...
Code similarity analysis with r2diaphora
October 27, 2021 | Fernando Dominguez
Executive summary: Binary diffing, a technique for comparing binaries, can be a ...
A Handshake with MySQL Bots
October 14, 2021 | Radoslaw Zdonczyk
Edge Services: It’s well known that we just don’t put services or devices on the ...
How Lack of Awareness and Clinging to the Past Threaten Your Networks
September 09, 2021 | John Anderson
The security landscape is always changing. New features are coming out all the ...
TeamTNT with new campaign aka "Chimaera"
September 08, 2021 | Ofer Caspi
Executive summary: LevelBlue Labs™ has discovered a new campaign by threat group ...
SQL Injection in WordPress Plugins: ORDER and ORDER BY as Overlooked Injection Points
August 06, 2021 | Martin Vierula
Trustwave SpiderLabs recently undertook a survey of some 100 popular WordPress ...
Telegram Self-Destruct? Not Always
August 05, 2021 | Reegun Jayapaul
Summary: Secret-Chats in Telegram use end-to-end encryption, which is meant for ...
New sophisticated RAT in town: FatalRat analysis
August 02, 2021 | Ofer Caspi
This blog was written by Ofer Caspi and Javi Ruiz.
Vulnerability in ON24 Plugin for macOS Shares More Than Just Your Screen
July 21, 2021 | Martin Rakhmanov
ON24 presenter mode requires you to install a plugin that is used to share your ...
Compromising a Network Using an "Info" Level Finding
July 21, 2021 | John Anderson
Anyone who has ever read a vulnerability scan report will know that scanners ...
Patch Tuesday, July 2021
July 13, 2021 | Karl Sigler
We're a little over halfway through the year now as July's Patch Tuesday is ...
ModSecurity v3 and URI Fragments
July 08, 2021 | Martin Vierula
ModSecurity is an open-source WAF engine maintained by Trustwave. This blog ...
Diving Deeper Into the Kaseya VSA Attack: REvil Returns and Other Hackers Are Riding Their Coattails
July 07, 2021 | Rodel Mendrez, Nikita Kazymirskyi
On July 2nd, a massive ransomware attack was launched against roughly 60 ...
Solarwinds Serv-U 15.2.3 Share URL XSS (CVE-2021-32604)
July 06, 2021 | Victor Kahan
Sometimes when pen-testing a large network you come across a few exposed web ...
REvil’s new Linux version
July 01, 2021 | Fernando Martinez
This blog was jointly authored with Ofer Caspi.
Yet Another Archive Format Smuggling Malware
June 24, 2021 | Diana Lopera
The use of novel disk image files to encapsulate malware distributed via spam ...
Darkside RaaS in Linux version
June 22, 2021 | Ofer Caspi
Executive summary: LevelBlue Labs recently analyzed the Linux version of the ...
Thousands of Vulnerable VMWare vCenter Servers Still Publicly Exposed (CVE-2021-21985, CVE-2021-21986)
June 14, 2021 | Jason Villaluna
Background: On May 25th, 2021, VMWare released patches to address ...
Malware hosting domain Cyberium fanning out Mirai variants
June 14, 2021 | Fernando Martinez
Executive summary: LevelBlue Labs has observed the Mirai variant botnet, known ...
Patch Tuesday, June 2021
June 08, 2021 | Karl Sigler
Summer is officially here and with it June's Patch Tuesday. This is a ...
Huawei LTE USB Stick E3372: From File Overwrite to Code Execution
June 02, 2021 | Martin Rakhmanov
In today's world, more and more devices are connected to the Internet for ...
Web Applications and Internal Penetration Tests
May 25, 2021 | Bruno Oliveira
Until recently, I really didn't care about web applications on an internal ...
AWS IAM security explained
May 24, 2021 | Fernando Martinez
Executive summary: AWS Policies are a key foundation in good cloud security, but ...
Exploitation of Sharepoint 2016: Simple Things Matter – Case Study
May 18, 2021 | Lukasz Wierzbicki
Sharepoint is generally used as an intranet site, to share news and other ...