Getting a Start in the Security Industry
September 06, 2012 | Nate Sanders
This has been a fairly common topic over the last year and I've seen plenty of ...
Microsoft Advanced Notification for September 2012 - Bad News, Good News
September 06, 2012 | Space Rogue
Microsoft has released its Advanced Notification for September 2012. The bad ...
Hackers and Media Hype: Big Hacks that Never Really Happened
September 05, 2012 | Space Rogue
If you combine the dictionary definitions for 'media' and 'hype' you come up ...
CryptOMG Walkthrough - Challenge 1
September 05, 2012 | Admin
It has been about 3 months since CryptOMG was released and I will start going ...
Phishing Evolves: Rogue IVRs
August 30, 2012 | Admin
As someone who's worked in the financial industry for years, I'm fascinated by ...
The Patsy Proxy: Getting others to do your dirty work
August 30, 2012 | Dan Crowley
Patsy (slang) - A person easily taken advantage of, cheated, blamed, or ...
TWSL2012-019: Cross-Site Scripting Vulnerability in Support Incident Tracker
August 29, 2012 | Robert Foggia
Trustwave SpiderLabs has published a new advisory today for a Cross-Site ...
Client-side Payload - The Brazilian Way.
August 29, 2012 | Wendel Guglielmetti Henrique
My name is Wendel Guglielmetti Henrique, and I'm a senior security consultant ...
Backward Compatibility Plays to Malware’s Hands
August 29, 2012 | Moshe Basanchig
Maintaining backward compatibility in software products is hard. Technology ...
Stripe-CTF Walkthrough
August 29, 2012 | Ryan Linn
I had the opportunity to do the Stripe-CTF (Capture The Flag) contest this past ...
WAF Normalization and I18N
August 29, 2012 | Ryan Barnett
Submitted By Breno Silva Pinto and Ryan Barnett
How to Get the Most Out of a PenTest
August 29, 2012 | Nathan Drier
Being a PenTester for Trustwave Spiderlabs, I work with a huge amount of ...
How Antivirus Saved the Day…Sort of.
August 28, 2012 | Josh Grunzweig
Recently, I found myself in a common situation—helping a comrade in our ...
It's a sunny (zero) day for Java
August 27, 2012 | SpiderLabs Researcher
Java exploits have been used for distributing malware for a while. See for ...
PTJ Undermines Your Blinky Light Box
August 27, 2012 | Admin
So, you just bought that fancy new box with the blinky lights that's supposed ...
All Your Password Hints Are Belong to Us
August 22, 2012 | Jonathan Claudius
This past weekend I ended up coming into the SpiderLabs office and "nerded out" ...
DEF CON 20: French Fry, Pizza, or Rotten Apples?
August 21, 2012 | Admin
If you currently do a search online for a female's perspective about DEF CON, ...
Microsoft Patch Tuesday August 2012 – Staying Alive In Gale Crater
August 14, 2012 | Space Rogue
As you install the nine updates that came out of Microsoft this month, five of ...
Poems from The Palms
August 13, 2012 | Martin Murfitt
SpiderLabs gathered for its annual meeting in Las Vegas recently. Though no ...
One Factor, Two Factor, Three Factor, More
August 07, 2012 | Admin
There has been a lot of talk online today about how Matt Honan, a reporter for ...
TWSL2012-014: Multiple Vulnerabilities in Scrutinizer NetFlow sFlow Analyzer
July 27, 2012 | Robert Foggia
The SpiderLabs team at Trustwave published a new advisory today, which details ...
PenTest Manager 2.0 - Attack Sequences
July 26, 2012 | Admin
Trustwave recently launched PenTest Manager 2.0, a major enhancement of the ...
Announcing the availability of ModSecurity extension for IIS
July 26, 2012 | Ryan Barnett
This blog post has also been posted on the Microsoft Security Research and ...
Reducing web application attack surface
July 24, 2012 | Breno Silva
For as long as companies rely on web sites to do business with their customers ...
Beyond Apache: ModSecurity for IIS/Nginx is Coming
July 20, 2012 | Ryan Barnett
The Trustwave SpiderLabs Research Team is proud to announce that, through a ...
Spam Down II: Grum Down
July 20, 2012 | Phil Hay
So the media is abuzz with news of the takedown of the Grum botnet, which has ...
Analyzing PDF Malware - Part 3D
July 19, 2012 | Ryan Merritt
Pentesting like an Eastern European
July 18, 2012 | Jonathan Werrett
Through SpiderLabs' Incident Response and Penetration Testing services we get a ...