Phishing in the Cloud
February 19, 2020 | Dr. Fahim Abbasi, Phil Hay
Credential phishing is one of the leading threats faced by organizations today. ...
Perls of Wisdom: Responding to NetScaler CVE-2019-19781
February 13, 2020 | Noah Rubin and Erik Iker
On December 17, 2019, Citrix announced a vulnerability affecting NetScaler ...
Multiple Phishing Attacks Discovered Using the Coronavirus Theme
February 13, 2020 | Homer Pacag
It’s out there in the newspaper, social media, and television headlines. The ...
Patch Tuesday February 2020
February 11, 2020 | Karl Sigler
February's Patch Tuesday is here and brings with it patches for 98 CVEs. These ...
CVE-2020-2551: Unauthenticated RCE In Oracle WebLogic
February 04, 2020
Unauthenticated Remote Code Execution in IIOP protocol via Malicious JNDI ...
Reversing (and Recreating) Cryptographic Secrets Found in .NET Assemblies Using Python
February 04, 2020 | Tom Neaves
Picture the scene - you’re on a penetration test, somehow you’ve got hold of a ...
Why should you use correlation rules on top of traditional signatures?
February 04, 2020 | Javier Ruiz
The LevelBlue Labs team is in charge of writing correlation rules and releasing ...
Microsoft Internet Explorer Remote Code Execution 0-Day (CVE-2020-0674)
January 21, 2020 | SpiderLabs Researcher
2020 is not starting out quietly for Microsoft, it seems. After the first Patch ...
ModSecurity Denial of Service Details - CVE-2019-19886
January 20, 2020 | Trustwave SpiderLabs
ModSecurity is an open-source WAF engine maintained by Trustwave. As a lively ...
Windows CryptoAPI Spoofing Vulnerability - CVE-2020-0601
January 17, 2020 | Karl Sigler
One of the most notable vulnerabilities patched during Microsoft's first Patch ...
Citrix ADC/Netscaler - CVE-2019-19781
January 16, 2020 | Bryant Smith
The Citrix vulnerability (CVE-2019-19781) was first identified in December of ...
Patch Tuesday, January 2020
January 14, 2020 | Karl Sigler
Happy 2020! Microsoft is helping you celebrate the new decade with patches for ...
ModSecurity v3.0.4 Released!
January 14, 2020 | SpiderLabs Researcher
It is a pleasure to announce the release of ModSecurity version 3.0.4 ...
Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging
January 09, 2020 | Bruno Oliveira
Introduction: Hi, my fellow friends! How are you? Hopefully, you had a terrific ...
Technical Analysis of an Active Cryptomining Worm by LevelBlue Labs
January 09, 2020 | Fernando Dominguez
This blog post provides an overview of the LevelBlue Labs™ technical analysis ...
Using the InterPlanetary File System For Offensive Operations
January 02, 2020 | Stephan Borosh
Introduction: In this blog post, I intend to provide some insight into using the ...
Leveraging Disk Imaging Tools to Deliver RATs
December 23, 2019 | Joshua Deacon, Diana Lopera, Fahim Abbasi
This year we observed a notable uptick in disc imaging software (like .ISO) ...
Undressing the REvil
December 20, 2019 | Rodel Mendrez
Contributors: Lloyd Macrohon and Rodel Mendrez
Anyone Can Check for Magecart with Just the Browser
December 18, 2019 | Michael Yuen
In the past, there have been plenty of articles and blog posts recommending the ...
Typosquatting in Python Repositories
December 13, 2019 | Radoslaw Zdonczyk
Python's popularity is amazing and constantly growing. For the first time, ...
Patch Tuesday, December 2019
December 10, 2019 | Karl Sigler
December's Patch Tuesday is upon us, and, as in years gone by, it's a rather ...
SCshell: Fileless Lateral Movement Using Service Manager
December 09, 2019 | Charles Hamilton
During red team engagements, lateral movement in a network is crucial. In ...
CVE-2019-1429: (Another) Microsoft Internet Explorer 0-Day
December 05, 2019 | SpiderLabs Researcher
November’s Patch Tuesday from Microsoft included a patch for yet another ...
Introducing Password Cracking Manager: CrackQ
December 04, 2019 | Daniel Turner
Today we are releasing CrackQ, a queuing system to manage password cracking ...
Time Windows for Penetration Testing
November 22, 2019 | Albert Campa
Often when penetration tests are scheduled, it will be requested that testing ...
CVE-2019-15652: SatLink VSAT Vulnerabilities
November 21, 2019 | Robert Foggia
Back in May of this year, I discovered a few vulnerabilities in the SatLink ...
Fake Windows Update Spam Leads to Cyborg Ransomware and Its Builder
November 19, 2019 | Diana Lopera
Recently, fake Microsoft Windows Update emails were spammed with the following ...
Windows Debugging & Exploiting Part 2 - WinDBG 101
November 18, 2019 | Bruno Oliveira
Introduction: Hello again! After our previous post about the environment setup, ...