Denial of Service: A Survival Guide
August 01, 2016 | Yannick Bedard
From Anonymous style SYN flooding to Application layer denial of service, ...
Microsoft Patch Tuesday, July 2016
July 12, 2016 | SpiderLabs Researcher
July's Patch Tuesday is here and brings with it five bulletins rated Critical ...
How I Cracked a Keylogger and Ended Up in Someone's Inbox
July 01, 2016 | Rodel Mendrez
It all started from a spam campaign. Figure 1 shows a campaign we picked up ...
Malware Authors Adopt CEO Fraud Techniques
June 29, 2016 | Erwin Balunsat
CEO Fraud scams, a type of Business Email Compromise (BEC), have gained ...
CEO Fraud Scams and How to Deal With Them at the Email Gateway
June 29, 2016 | Phil Hay
Email scams known as "CEO Fraud" are very common right now. They are a type of ...
PoSeidon Adventures in Memory
June 24, 2016 | Shawn Kanady
Background
About Lenovo Solution Center 3.3.002 Vulnerabilities (CVE-2016-5249)
June 23, 2016 | Martin Rakhmanov
After patching set of issues reported by Trustwave SpiderLabs last month, ...
Linux Kernel ROP - Ropping your way to # (Part 2)
June 22, 2016 | Vitaly Nikolenko
Introduction In Part 1 of this tutorial, we have demonstrated how to find ...
Microsoft Patch Tuesday, June 2016
June 14, 2016 | SpiderLabs Researcher
June's Patch Tuesday doesn't hold many surprises and is similar to the past ...
Linux Kernel ROP - Ropping your way to # (Part 1)
June 10, 2016 | Vitaly Nikolenko
Kernel ROP In-kernel ROP (Return Oriented Programming) is a useful technique ...
Zero Day Auction for the Masses
June 09, 2016 | SpiderLabs Researcher
UPDATE: The seller once again lowered their price on the 6th of June to ...
Digging in the Spam Folder
June 03, 2016 | James Antonakos
Introduction Unlike spam that appears in my real-world mailbox, the numerous ...
Suzy’s Phishing Season
May 17, 2016 | Simon Kenin
Although most SWG-related blogs talk about exploit kits and malicious code, ...
Earlier Flaws Revisited: MS Office and PDF Combo Attack
May 16, 2016 | Erwin Balunsat
Recently, we came across a campaign spamming out emails containing both DOC and ...
About SAP ASE DSAM SQL Injection (CVE-2016-4013)
May 11, 2016 | Martin Rakhmanov
SAP introduced a new feature in SP02 for Adaptive Server Enterprise 16.0 that ...
Database Security Knowledgebase Update 5.01
May 10, 2016 | Lolita Chandra
This month's update for Database Security Knowledgebase is now available.
Privilege Escalation Vulnerability In Lenovo Solution Center (CVE-2016-1876)
May 10, 2016 | Martin Rakhmanov
Trustwave has reported several issues in Lenovo software in the past. Last week ...
Microsoft Patch Tuesday, May 2016
May 10, 2016 | SpiderLabs Researcher
May's Patch Tuesday is here and brings with it 16 Bulletins with 51 unique ...
Microsoft Patch Tuesday, April 2016
April 12, 2016 | SpiderLabs Researcher
April is here and with it comes a new Patch Tuesday. This month Microsoft is ...
Intercepting SSL And HTTPS Traffic With mitmproxy and SSLsplit
April 01, 2016
Looking for vulnerabilities in mobile applications and smart home devices ...
TWSL2016-006: Multiple XSS Vulnerabilities reported for Zen Cart
March 25, 2016 | Sriram Akurati
Today Trustwave released a vulnerability advisory in conjunction with Zen Cart. ...
Every Tool in the Tool Box
March 22, 2016 | Eric Merritt
Introduction When I teach people about reverse engineering, I often hear the ...
Angler Takes Malvertising to New Heights
March 14, 2016 | SpiderLabs Researcher
We have just discovered an advertising campaign that has been placing malicious ...
TWSL2016-004: Multiple Cross-Site Scripting (XSS) Vulnerabilities in Magnolia CMS
March 10, 2016 | Michael Yuen
Trustwave SpiderLabs published an advisory today in conjunction with Magnolia ...
TWSL2016-005: Memory corruption in a third-party component: how to find what’s wrong
March 10, 2016 | Martin Rakhmanov
In continuation of this post: ...
TWSL2016-003: Sophos Anti-Virus Mac OS X Version Update File Unlinking Vulnerability
March 10, 2016 | Martin Rakhmanov
While researching inter-process communication on Mac OS X, I found a small ...
Massive Volume of Ransomware Downloaders being Spammed
March 09, 2016 | Rodel Mendrez
We are currently seeing extraordinarily huge volumes of JavaScript attachments ...
Microsoft Patch Tuesday, March 2016
March 08, 2016 | SpiderLabs Researcher
Today is March's Patch Tuesday with 13 bulletins and 39 unique CVEs, which is ...