Missing Critical Vulnerabilities Through Narrow Scoping
September 16, 2021 | John Anderson
The typical process when scoping a penetration test is to get a list of targets ...
How Lack of Awareness and Clinging to the Past Threaten Your Networks
September 09, 2021 | John Anderson
The security landscape is always changing. New features are coming out all the ...
TeamTNT with new campaign aka "Chimaera"
September 08, 2021 | Ofer Caspi
Executive summary: LevelBlue Labs™ has discovered a new campaign by threat group ...
Cobalt Strike Configuration Extractor and Parser
August 27, 2021 | Noah Rubin
Cobalt Strike Beacons continue to be the norm for persistence, lateral ...
PRISM attacks fly under the radar
August 23, 2021 | Fernando Dominguez
LevelBlue SpiderLabs has recently discovered a cluster of Linux ELF executables ...
Patch Tuesday, August 2021
August 10, 2021 | Karl Sigler
Here we are in August and it's Patch Tuesday once more. It's another light ...
SQL Injection in WordPress Plugins: ORDER and ORDER BY as Overlooked Injection Points
August 06, 2021 | Martin Vierula
Trustwave SpiderLabs recently undertook a survey of some 100 popular WordPress ...
Telegram Self-Destruct? Not Always
August 05, 2021 | Reegun Jayapaul
Summary: Secret-Chats in Telegram use end-to-end encryption, which is meant for ...
New sophisticated RAT in town: FatalRat analysis
August 02, 2021 | Ofer Caspi
This blog was written by Ofer Caspi and Javi Ruiz.
Vulnerability in ON24 Plugin for macOS Shares More Than Just Your Screen
July 21, 2021 | Martin Rakhmanov
ON24 presenter mode requires you to install a plugin that is used to share your ...
Compromising a Network Using an "Info" Level Finding
July 21, 2021 | John Anderson
Anyone who has ever read a vulnerability scan report will know that scanners ...
Patch Tuesday, July 2021
July 13, 2021 | Karl Sigler
We're a little over halfway through the year now as July's Patch Tuesday is ...
ModSecurity v3 and URI Fragments
July 08, 2021 | Martin Vierula
ModSecurity is an open-source WAF engine maintained by Trustwave. This blog ...
Diving Deeper Into the Kaseya VSA Attack: REvil Returns and Other Hackers Are Riding Their Coattails
July 07, 2021 | Rodel Mendrez, Nikita Kazymirskyi
On July 2nd, a massive ransomware attack was launched against roughly 60 ...
Unauthenticated XXE in Multiple Mitsubishi Electric Air Conditioner Control Systems
July 06, 2021 | Howard McGreehan
CVE-2021-20595: Unauthenticated XXE affecting multiple Mitsubishi Electric Air ...
Solarwinds Serv-U 15.2.3 Share URL XSS (CVE-2021-32604)
July 06, 2021 | Victor Kahan
Sometimes when pen-testing a large network you come across a few exposed web ...
REvil’s new Linux version
July 01, 2021 | Fernando Martinez
This blog was jointly authored with Ofer Caspi.
Cyber Secure Select: Protecting High-Net-Worth Individuals
June 28, 2021 | Faisal Tameesh
A behind the scenes look at an Executive Vulnerability Assessment.
Yet Another Archive Format Smuggling Malware
June 24, 2021 | Diana Lopera
The use of novel disk image files to encapsulate malware distributed via spam ...
Darkside RaaS in Linux version
June 22, 2021 | Ofer Caspi
Executive summary: LevelBlue Labs recently analyzed the Linux version of the ...
Thousands of Vulnerable VMWare vCenter Servers Still Publicly Exposed (CVE-2021-21985, CVE-2021-21986)
June 14, 2021 | Jason Villaluna
Background: On May 25th, 2021, VMWare released patches to address ...
Malware hosting domain Cyberium fanning out Mirai variants
June 14, 2021 | Fernando Martinez
Executive summary: LevelBlue Labs has observed the Mirai variant botnet, known ...
Patch Tuesday, June 2021
June 08, 2021 | Karl Sigler
Summer is officially here and with it June's Patch Tuesday. This is a ...
Huawei LTE USB Stick E3372: From File Overwrite to Code Execution
June 02, 2021 | Martin Rakhmanov
In today's world, more and more devices are connected to the Internet for ...
Web Applications and Internal Penetration Tests
May 25, 2021 | Bruno Oliveira
Until recently, I really didn't care about web applications on an internal ...
AWS IAM security explained
May 24, 2021 | Fernando Martinez
Executive summary: AWS Policies are a key foundation in good cloud security, but ...
CVE-2021-31166: RCE in Microsoft HTTP.sys
May 21, 2021 | Bryant Smith
In the May 2021 Microsoft update, Microsoft patched an HTTP.sys vulnerability ...