Killnet Claims Attacks Against Starlink, Whitehouse.gov, and United Kingdom Websites
November 23, 2022 | SpiderLabs Researcher
Pro-Russian threat actor group Killnet claims to have launched DDoS attacks ...
Evolution of the SOC – From the Dark Ages to Enlightenment, shifting to an agile threat informed cyber defense program
November 22, 2022 | Kory Daniels
Evolution of the SOC – From the Dark Ages to Enlightenment, shifting to an ...
Automating RDS Security Via Boto3 (AWS API)
November 18, 2022 | Selam Gebreananeya
When it comes to security in AWS, there is the shared responsibility model for ...
Development of the Ukrainian Cyber Counter-Offensive
November 10, 2022 | SpiderLabs Researcher
Overview Russia’s military incursion against Ukraine began on February 24, ...
Denial of Service and RCE in OpenSSL 3.0 (CVE-2022-3786 and CVE-2022-3602)
November 04, 2022 | Karl Sigler
Overview On November 1 the OpenSSL Project released patches addressing the ...
Insta-Phish-A-Gram
October 27, 2022 | Homer Pacag
Following Trustwave SpiderLabs’ blog on social media-themed phishing on ...
Archive Sidestepping Self-Unlocking Password-Protected RAR
October 20, 2022 | Bernard Bautista, Diana Lopera
Trustwave SpiderLabs’ spam traps have identified an increase in threats ...
ModSecurity Request Body Parsing: Recent Bypass Issues
October 13, 2022 | Trustwave SpiderLabs
Overview ModSecurity is an open-source web application firewall (WAF) engine ...
HTML File Attachments: Still A Threat
October 06, 2022 | Rodel Mendrez
Introduction This past month, Trustwave SpiderLabs observed that HTML ...
Post-Exploitation Persistent Email Forwarder in Outlook Desktop
October 05, 2022 | Abi Waddell
There is an exploitation method that can automatically forward emails CC’d to ...
Trustwave Action Response: Zero Day Vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019
October 02, 2022 | SpiderLabs Researcher
Update Oct. 4: Microsoft released Security Update Guides for these two ...
CVE-2022-37461: Two Reflected XSS Vulnerabilities in Canon Medical’s Vitrea View
September 29, 2022 | Jordan Hedges, Avery Warddhana
Overview During a penetration test, Trustwave Spiderlabs’ researchers, Jordan ...
Retaliation by the Pro-Russian Group KillNet
September 14, 2022 | SpiderLabs Researcher
At the beginning of the Russia-Ukraine conflict, KillNet - a Russian cybergang ...
Shikitega - New stealthy malware targeting Linux
September 06, 2022 | Ofer Caspi
Executive summary LevelBlue Labs has discovered a new malware targeting ...
Crypto miners’ latest techniques
August 29, 2022 | Fernando Martinez
Executive summary Crypto miners are determined in their objective of mining in ...
2022 Trustwave SpiderLabs Telemetry Report
August 24, 2022 | Jason Villaluna
As organizations go about their regular routine of finding and adding new ...
Oracle SBC: Multiple Security Vulnerabilities Leading to Unauthorized Access and Denial of Service
August 23, 2022 | Harold Zang
Oracle Communications Session Border Controller (SBC) is one of the most ...
Overview of the Cyber Weapons Used in the Ukraine - Russia War
August 18, 2022 | Pawel Knapczyk
Observing the ongoing conflict between Russia and Ukraine, we can clearly see ...
The Price Cybercriminals Charge for Stolen Data
August 03, 2022 | Trustwave SpiderLabs
For the price of a Starbuck’s Caramel Frappuccino Grande and a cheese Danish, ...
Want To Become A Red Teamer? This Is What You Need To Know
July 25, 2022 | Idan Ron
Everyone loves buzz words, no? Red team is the newest (well... not that new) ...
Decade Retrospective: The State of Vulnerabilities
July 18, 2022 | Shrijin Srinivasan Alex Rothacker
Decade Retrospective: The State of Vulnerabilities The Spanish philosopher ...
Interactive Phishing Mark II: Messenger Chatbot Leveraged in a New Facebook-Themed Spam
June 28, 2022 | Katrina Udquin
Facebook Messenger is one of the most popular messaging platforms in the world, ...
The Importance of White-Box Testing: A Dive into CVE-2022-21662
June 17, 2022 | Adeeb Shah
I want to take some time to explain the importance of using a white-box ...
ModBus 101: One Protocol to Rule the OT World
June 10, 2022 | Victor Hanna
Ever wondered how large-scale power plants monitor or control the myriad of ...
Trustwave's Action Response: More MSDT Fallout with “Dogwalk”
June 09, 2022 | SpiderLabs Researcher
A zero-day vulnerability has been re-disclosed that is very similar to the ...
Not all "Internet Connections" are Equal
June 08, 2022 | John Anderson
People commonly think that any “Internet Connection” is exactly the same, or ...
Trustwave's Action Response: Atlassian Confluence CVE-2022-26134
June 03, 2022 | SpiderLabs Researcher
Updated June 5 - Atlassian issued a fix for CVE-2022-30190 for versions 7.4.17, ...
Trustwave's Action Response: Microsoft zero-day CVE-2022-30190 (aka Follina)
June 03, 2022 | SpiderLabs Researcher
Update June 7 - In the event of a compromise related to the Follina ...