[Honeypot Alert] More WordPress is_human Plugin Remote Command Injection Attack Detected
March 12, 2012 | Ryan Barnett
As we first noted in a previous Honeypot Alert Blog post, our web honeypots ...
[Honeypot Alert] Status Report for February 2012
March 12, 2012 | Ryan Barnett
Monthly Web Honeypot Status Report We have received a tremendous amount of ...
OWASP Virtual Patching Survey Results
March 09, 2012 | SpiderLabs Researcher
In a previous blog post, we issued a call for assistance to help OWASP with a ...
Detecting Brazilian Banking Trojans with Snort http_inspect
March 08, 2012 | Admin
If you take a look at malware samples down here in Brazil, probably in most of ...
Virtual Patch for Movable Types XSS (CVE 2012-1262)
March 01, 2012 | Ryan Barnett
My SpiderLabs Research colleague Jonathan Claudius recently identified an XSS ...
PIG - Finding Your Target Without Saying a Word
February 27, 2012 | Ryan Linn
You see blogs, talks, presentations, and tutorials on how to break into boxes ...
SpiderLabs Threat Intelligence Program
February 23, 2012 | Admin
So a lot of people have been asking me "What do you do at Trustwave?" and I ...
#TWContest: And the winner of the @Trustwave @SpiderLabs 2012 Global Security Report contest is...
February 21, 2012 | SpiderLabs Anterior
Here is a summary of the questions and answers:
#TWContest: One in how many organizations use insecure remote access...
February 20, 2012 | SpiderLabs Anterior
The question was… "One in how many organizations use insecure remote access ...
Call for Assistance: OWASP Virtual Patching Survey
February 17, 2012 | Ryan Barnett
Identification of web application vulnerabilities is only half the battle with ...
#TWContest: The two main motivations for web-based attacks are...
February 16, 2012 | SpiderLabs Anterior
On Thursday we posted our sixth question of the Trustwave 2012 Global Security ...
Trustwave SpiderLabs: My First Nine Days
February 15, 2012 | Space Rogue
So as some of you may have heard I now work at Trustwave for their SpiderLabs ...
Patch Tuesday, Feb 2012: What I did this Valentine's Day
February 15, 2012 | nosteve
#TWContest: The correct data aggregation technique is...
February 15, 2012 | SpiderLabs Anterior
On Tuesday we posted our fifth question of the Trustwave 2012 Global Security ...
Top Ten Web Protection Techniques of 2011
February 14, 2012 | Ryan Barnett
Top Ten Web Hacking Techniques of 2011 Every year the web security community ...
#TWContest: The top 'origin' of attack is...
February 14, 2012 | SpiderLabs Anterior
The question was… "What was the top "origin" of attack as seen through ...
Common Attack Methodologies Identified in European Customers
February 13, 2012 | Ryan Barnett
As you may have heard, Trustwave SpiderLabs released our Global Security Report ...
#TWContest: The industry that ranked third is...
February 10, 2012 | SpiderLabs Anterior
On Thursday we posted our second question of the Trustwave 2012 Global Security ...
#TWContest: 1 out of every ~800 devices on the Internet is vulnerable to…
February 09, 2012 | SpiderLabs Anterior
On Tuesday we posted our first question of the Trustwave 2012 Global Security ...
WASC Distributed Web Honeypots Project Update
February 08, 2012 | Admin
As the WASC Distributed Web Honeypots Project Sponsor, we are excited to ...
[Honeypot Alert] Status Report for January 2012
February 06, 2012 | Ryan Barnett
Monthly Web Honeypot Status Report We have received a tremendous amount of ...
Island Hopping the SpiderLabs Way
February 02, 2012 | Nathan Drier
More and more, I find myself having to fight with highly segmented networks and ...
HOIC DDoS Analysis and Detection
January 27, 2012 | Ryan Barnett
In a previous blog post, we provided details of a DDoS attack tool called LOIC ...
Cuckoo for Cuckoo Box
January 26, 2012 | Ryan Merritt
Cuckoo Sandbox is an automated, open source, malware analysis system that ...
TWSL2012-002: Multiple Vulnerabilities in WordPress
January 24, 2012 | Robert Foggia
Trustwave SpiderLabs has published a new advisory today for multiple ...
On Null Byte Poisoning and XPath Injection
January 23, 2012 | Dan Crowley
Recently I released a tool called XMLmao, a configurable testbed for learning ...
[Honeypot Alert] Simple Page Options Module for Joomla! Local File Inclusion Attack Detected
January 19, 2012 | Ryan Barnett
Our web honeypots generated the following ModSecurity alert today:
Android IRC Bot - This Ain't Your Granny's Android Malware (Or Maybe It Is)
January 18, 2012 | Josh Grunzweig
As I'm sure many of you know, the rise of mobile-based malware has been on the ...