Exploitation of Sharepoint 2016: Simple Things Matter – Case Study
May 18, 2021 | Lukasz Wierzbicki
Sharepoint is generally used as an intranet site, to share news and other ...
Patch Tuesday, May 2021
May 11, 2021 | Karl Sigler
May's Patch Tuesday is upon us and probably the most surprising thing about the ...
Pingback: Backdoor At The End Of The ICMP Tunnel
May 04, 2021 | Lloyd Macrohon, Rodel Mendrez
Introduction: In this post, we analyze a piece of malware that we encountered ...
All Your Databases Belong To Me! A Blind SQLi Case Study
April 22, 2021 | Andreas Georgiou
“All your base are belong to us”, Zero game 1992
Patch Tuesday, April 2021
April 13, 2021 | Karl Sigler
April's Patch Tuesday is upon us and it is showering us with patches for a ...
HTML Lego: Hidden Phishing at Free JavaScript Site
April 08, 2021 | Homer Pacag
This blog investigates an interesting phishing campaign we encountered ...
Elevate Yourself to Admin in Umbraco CMS 8.9.0 (CVE-2020-29454)
April 01, 2021 | Jonathan Yarema
Umbraco version 8.9.0 (also seen in 8.6.3) has a privilege escalation issue in ...
You Just Received 25k USD in Your BTC Account! A Practical Phishing Defense Tutorial
March 29, 2021 | Jakub Adamczyk
From time to time, we all receive some unexpected messages. Either through ...
From Creative Password Hashes to Administrator: Gone in 60 Seconds (Or Thereabouts)
March 25, 2021 | Tom Neaves
Picture the scene, you’re on an application penetration test (as a normal user) ...
HAFNIUM, China Chopper and ASP.NET Runtime
March 15, 2021 | Joshua Deacon
The recent Microsoft Exchange Server zero-day exploits (CVE-2021-26855, ...
Image File Trickery Part II: Fake Icon Delivers NanoCore
March 11, 2021 | Diana Lopera
The .zipx file extension is used to denote that the ZIP archive format is ...
Patch Tuesday, March 2021
March 09, 2021 | Karl Sigler
The March Patch Tuesday is here and it's been an unfortunately busy month for ...
Trustwave's Action Response to the Microsoft Exchange Server Zero-Day Vulnerabilities and Attacks
March 08, 2021 | Trustwave SpiderLabs
UPDATES
Office 365 Best Practices: 7 Steps to Mitigating Business Email Compromise
February 24, 2021 | Carly Battaile
Microsoft’s Office 365 is an increasingly popular email solution for ...
Finding More IDORs – Tips and Tricks
February 12, 2021 | Max Corbridge
A collection of useful tips, tricks, and techniques for discovering IDORs.
The Many Roads Leading To Agent Tesla
February 12, 2021 | Rodel Mendrez, Diana Lopera
Agent Tesla is a common Remote Access Trojan (RAT) discovered in 2014. This ...
Patch Tuesday, February 2021
February 09, 2021 | Karl Sigler
February is here and with it comes a relatively light Patch Tuesday. Only 56 ...
Full System Control with New SolarWinds Orion-based and Serv-U FTP Vulnerabilities
February 03, 2021 | Martin Rakhmanov
Updates: This blog post was updated Feb. 9 to include Proof-of-Concept (PoC) ...
Cloudy with a Chance of Persistent Email Access
January 29, 2021 | Partha Alwar and Carly Battaile
How an advanced threat group leveraged Microsoft Azure to gain persistent ...
APT X – Process Hollowing
January 27, 2021 | Faisal Tameesh
A detailed walkthrough of the process hollowing injection technique.
TeamTNT delivers malware with new detection evasion tool
January 27, 2021 | Ofer Caspi
Executive Summary: LevelBlue Labs™ has identified a new tool from the TeamTNT ...
A Global Perspective of the SideWinder APT
January 13, 2021 | Tom Hegel
LevelBlue Labs has conducted an investigation on the adversary group publicly ...
Patch Tuesday, January 2021
January 12, 2021 | Karl Sigler
The first Patch Tuesday of 2021 is here and the year is starting out lighter ...
Microsoft Teams and Skype Logging Privacy Issue
January 11, 2021 | Reegun Jayapaul
Description: This blog post focuses on the privacy issues that Microsoft Teams ...
Malware using new Ezuri memory loader
January 07, 2021 | Ofer Caspi
This blog was written by Ofer Caspi and Fernando Martinez of LevelBlue Labs
A Trump Sex Video? No, It's a RAT!
January 06, 2021 | Diana Lopera
While reviewing our spam traps, a particular campaign piqued our interest ...
Phishing the Holiday Season
January 04, 2021 | Homer Pacag
Yes! It’s that time of the year again! The time for celebrating our traditions, ...
Trustwave’s Action Response To the FireEye Data Breach & SolarWinds Orion Compromise
December 31, 2020 | Trustwave SpiderLabs
UPDATES: This blog post was updated March 17 to include information on new ...