Adobe Flash Player 0-Day (CVE-2018-5002)
June 12, 2018 | SpiderLabs Researcher
An Adobe advisory regarding a zero-day vulnerability in Adobe Flash Player was ...
Patch Tuesday, June 2018
June 12, 2018 | Karl Sigler
For June's Patch Tuesday Microsoft is patching 50 CVEs and releasing 2 ...
Breakdown of the EFAIL Email Vulnerabilities
May 24, 2018 | Phil Hay
hullabaloo [huhl-uh-buh-loo], noun, plural hullabaloos.
CVE-2018-8174 and Forcing Internet Explorer Exploits
May 15, 2018 | Karl Sigler
A zero day exploit was discovered targeting trade agencies and other related ...
CVE-2018-1000136 - Electron nodeIntegration Bypass
May 10, 2018 | Brendan Scarvell
A few weeks ago, I came across a vulnerability that affected all current ...
Patch Tuesday, May 2018
May 08, 2018 | Karl Sigler
May's Patch Tuesday is here and it looks like these monthly releases have ...
All Your Base64 Are Belong To Us – Dynamic vs. Static Analysis of Web Content
April 11, 2018 | Simon Kenin
I recently encountered an interesting phishing scheme when reviewing telemetry ...
Crypter-as-a-Service Helps jRAT Fly Under The Radar
March 26, 2018 | Rodel Mendrez
(Contributor: Dr. Fahim Abbasi and Phil Hay)
Patch Tuesday, March 2018
March 13, 2018 | Karl Sigler
March is coming in like a lion with this Patch Tuesday. The release patches 73 ...
Fake ASIC Renewal Spam Delivers Malware to Australian Companies
February 21, 2018 | Dr. Fahim Abbasi
The Australian Securities and Investment Commission (ASIC) is an independent ...
Multi-Stage Email Word Attack Without Macros
February 14, 2018 | Homer Pacag
Malware authors often distribute malware through code macros in Microsoft ...
Advanced Deception with BEC Fraud Attacks
February 14, 2018 | Dr. Fahim Abbasi
Background Business Email Compromise (BEC) email fraud, also known as "CEO ...
Flash Zero Day (CVE-2018-4878)
February 13, 2018 | Karl Sigler
A zero day Flash exploit caught targeting South Korean users was announced by ...
Microsoft Patch Tuesday, February 2018
February 13, 2018 | Admin
February's Patch Tuesday is here and after the light January, it's back with ...
Mass MikroTik Router Infection – First we cryptojack Brazil, then we take the World?
February 12, 2018 | Simon Kenin
On July 31st , just after getting back to the office from my talk at RSA Asia ...
Multiple Vulnerabilities in NETGEAR Routers
February 07, 2018 | Martin Rakhmanov
Last year I discovered multiple vulnerabilities in NETGEAR products. Now that ...
Multiple Vulnerabilities in WD MyCloud
February 01, 2018 | Martin Rakhmanov
While performing security research on personal storage I found some ...
Inspecting Encrypted Network Traffic with JA3
February 01, 2018 | Bryant Smith
Part of our job as security researchers is keeping up with new tools and ...
ModSecurity - News and Commercial Rules Update
January 23, 2018 | Victor Hora
Over the past few months there has been a lot going on with ModSecurity. There ...
ModSecurity Version 3.0 Announcement
January 10, 2018 | Felipe "Zimmerle" Costa
libModSecurity aka ModSecurity version 3.0 is out there. libModSecurity starts ...
Microsoft Patch Tuesday, January 2018
January 09, 2018 | Admin
Happy 2018 everyone! January's Patch Tuesday will ease you into the new year ...
BrickerBot mod_plaintext Analysis
December 19, 2017 | Simon Kenin
A week ago, the author of BrickerBot claimed that they retired and published ...
CHM Badness Delivers a Banking Trojan
December 18, 2017 | Rodel Mendrez
Like good old Microsoft Office Macros, Compiled HTML (CHM) Help files have been ...
Sneaky .BAT File Leads to Spoofed Banking Page
December 13, 2017 | Nicholas Ramos
If you thought using BAT files was an old hat, think again. While monitoring ...
Microsoft Patch Tuesday, December 2017
December 12, 2017 | Admin
Today marks the last Microsoft Patch Tuesday of 2017 and, with only 34 CVEs ...
Simplifying Password Spraying
December 01, 2017 | Jacob Wilkin
As a penetration tester, attaining Windows domain credentials are akin to ...
Using Buildroot for Security Research of IoT and Other Embedded Systems
November 22, 2017 | Martin Rakhmanov
These days many vendors, like IoT vendors, use Linux running on top of ARM CPU ...
Helping to Secure your PostgreSQL Database
November 17, 2017 | Christopher Bielinski
When big high-tech companies like Apple, Red Hat and Cisco use PostgreSQL in ...