SpiderLabs Blog

May 13, 2020 | Eric Rafaloff

This blog post aims to be an exploration of how Solidity’s model checker works, ...

May 13, 2020 | Karl Sigler

May's Patch Tuesday includes patches for 111 unique CVEs. Of those CVEs 17 are ...

May 11, 2020 | Ed Williams

Here at SpiderLabs, we take the security of all our clients extremely ...

May 11, 2020 | Tawnya Lancaster

Five steps to ensuring the protection of patient data and ongoing risk ...

May 07, 2020 | Seok Min Lim

Introduction SCADA/OT security has been a growing concern for quite some time. ...

May 01, 2020 | Carl Sue

Having a well designed and tested social engineering training program for an ...

April 17, 2020 | Faisal Tameesh

Bypassing CloudFlare's WAF to exploit an OGNL injection vulnerability in a red ...

April 17, 2020 | Diana Lopera

Early March of this year, we blogged about multiple malspam campaigns utilizing ...

April 15, 2020 | Dr. Fahim Abbasi

Business email compromise (BEC) also known as CEO fraud has undoubtedly become ...

April 14, 2020 | Karl Sigler

April's Patch Tuesday is here and Microsoft is patching 113 CVEs this month. ...

April 14, 2020 | Ashley Graves

Background Slack is a cloud-based messaging platform that is commonly used in ...

April 10, 2020 | Joshua Deacon, Lloyd Macrohon

Overview In Part One of this series, we discussed how MailTo ransomware ...

April 08, 2020 | Joshua Deacon, Lloyd Macrohon

Overview In Part One of this series, we discussed how MailTo ransomware ...

April 03, 2020 | Bruno Oliveira

Introduction Hi everyone, how are you? I know the times are strange but we ...

April 03, 2020 | Amy Pace

Cybercriminals are taking advantage of the fear and uncertainty surrounding the ...

March 31, 2020 | Joshua Deacon, Lloyd Macrohon

In February, an Australian transportation company called Toll Group was hit by ...

March 31, 2020 | Joshua Deacon, Homer Pacag, Rodel Mendrez, Phil Hay

Back in February, we reported on two Coronavirus-themed phishing emails. But ...

March 27, 2020 | Ashley Graves

Photo by chuttersnap on Unsplash

March 26, 2020 | Alejandro Baca, Rodel Mendrez

UPDATED March 27, 2020

March 26, 2020 | Chris Doman

The CVE-2019-0604 (Sharepoint) exploit and what you need to know LevelBlue Labs ...

March 16, 2020 | Karl Sigler

Overview Last week Microsoft announced that there was a buffer overflow ...

March 12, 2020 | Jonathan Yarema

Overview If you save wide Unicode brackets (i.e. ＜＞) into a char or varchar ...

March 12, 2020 | SpiderLabs Researcher

In the hustle and bustle of everyday work life we tend to look at the current ...

March 11, 2020 | Diana Lopera

In light of the recent blog by my colleague Rodel Mendrez, we looked back at ...

March 10, 2020 | Karl Sigler

Today marks Microsoft's March Patch Tuesday. While it may not be on the top of ...

March 05, 2020 | Rodel Mendrez

A recent blog by Didier Steven’s showed how malicious Excel 4 macros can be ...

March 02, 2020 | Bruno Oliveira

Introduction Hello again! We are back with more Windows internals and it's time ...

February 27, 2020 | Diana Lopera

The Remote Access Tool (RAT) is one of the malware types we often encounter ...