Patch Tuesday, May 2021
May 11, 2021 | Karl Sigler
May's Patch Tuesday is upon us and probably the most surprising thing about the ...
Pingback: Backdoor At The End Of The ICMP Tunnel
May 04, 2021 | Lloyd Macrohon, Rodel Mendrez
Introduction In this post, we analyze a piece of malware that we encountered ...
All Your Databases Belong To Me! A Blind SQLi Case Study
April 22, 2021 | Andreas Georgiou
“All your base are belong to us”, Zero game 1992
Patch Tuesday, April 2021
April 13, 2021 | Karl Sigler
April's Patch Tuesday is upon us and it is showering us with patches for a ...
HTML Lego: Hidden Phishing at Free JavaScript Site
April 08, 2021 | Homer Pacag
This blog investigates an interesting phishing campaign we encountered ...
Elevate Yourself to Admin in Umbraco CMS 8.9.0 (CVE-2020-29454)
April 01, 2021 | Jonathan Yarema
Umbraco version 8.9.0 (also seen in 8.6.3) has a privilege escalation issue in ...
You Just Received 25k USD in Your BTC Account! A Practical Phishing Defense Tutorial
March 29, 2021 | Jakub Adamczyk
From time to time, we all receive some unexpected messages. Either through ...
From Creative Password Hashes to Administrator: Gone in 60 Seconds (Or Thereabouts)
March 25, 2021 | Tom Neaves
Picture the scene, you’re on an application penetration test (as a normal user) ...
HAFNIUM, China Chopper and ASP.NET Runtime
March 15, 2021 | Joshua Deacon
The recent Microsoft Exchange Server zero-day exploits (CVE-2021-26855, ...
Image File Trickery Part II: Fake Icon Delivers NanoCore
March 11, 2021 | Diana Lopera
The .zipx file extension is used to denote that the ZIP archive format is ...
Patch Tuesday, March 2021
March 09, 2021 | Karl Sigler
The March Patch Tuesday is here and it's been an unfortunately busy month for ...
Trustwave's Action Response to the Microsoft Exchange Server Zero-Day Vulnerabilities and Attacks
March 08, 2021 | Trustwave SpiderLabs
UPDATES
The Many Roads Leading To Agent Tesla
February 12, 2021 | Rodel Mendrez, Diana Lopera
Agent Tesla is a common Remote Access Trojan (RAT) discovered in 2014. This ...
Patch Tuesday, February 2021
February 09, 2021 | Karl Sigler
February is here and with it comes a relatively light Patch Tuesday. Only 56 ...
Full System Control with New SolarWinds Orion-based and Serv-U FTP Vulnerabilities
February 03, 2021 | Martin Rakhmanov
Updates: This blog post was updated Feb. 9 to include Proof-of-Concept (PoC) ...
TeamTNT delivers malware with new detection evasion tool
January 27, 2021 | Ofer Caspi
Executive Summary LevelBlue Labs™ has identified a new tool from the TeamTNT ...
A Global Perspective of the SideWinder APT
January 13, 2021 | Tom Hegel
LevelBlue Labs has conducted an investigation on the adversary group publicly ...
Patch Tuesday, January 2021
January 12, 2021 | Karl Sigler
The first Patch Tuesday of 2021 is here and the year is starting out lighter ...
Microsoft Teams and Skype Logging Privacy Issue
January 11, 2021 | Reegun Jayapaul
Description: This blog post focuses on the privacy issues that Microsoft Teams ...
Malware using new Ezuri memory loader
January 07, 2021 | Ofer Caspi
This blog was written by Ofer Caspi and Fernando Martinez of LevelBlue Labs
A Trump Sex Video? No, It's a RAT!
January 06, 2021 | Diana Lopera
While reviewing our spam traps, a particular campaign piqued our interest ...
Phishing the Holiday Season
January 04, 2021 | Homer Pacag
Yes! It’s that time of the year again! The time for celebrating our traditions, ...
Trustwave’s Action Response To the FireEye Data Breach & SolarWinds Orion Compromise
December 31, 2020 | Trustwave SpiderLabs
UPDATES This blog post was updated March 17 to include information on new ...
Scamming from the Cloud
December 16, 2020 | Dr. Fahim Abbasi
Cybercriminals are leveraging reputable cloud services to relay scam email ...
Magic Home Pro Mobile Application Authentication Bypass (CVE-2020-27199)
December 15, 2020 | Victor Hanna
Overview With the prevalence of IoT devices flooding the mainstream ...
Trustwave’s Action Response To the FireEye Data Breach
December 11, 2020 | Trustwave SpiderLabs
Update With the new information and developments released by FireEye, we have ...
Insecure Communication in WinZip 24 Could Lead to Malware
December 10, 2020 | Martin Rakhmanov
Overview During observation of WinZip 24 network communications, I've noticed ...
Patch Tuesday, December 2020
December 08, 2020 | Karl Sigler
December's Patch Tuesday is here and, typical for the end of the year, it's a ...