SpiderLabs Radio for the Week of October 19, 2015
October 25, 2015
Two separate SpiderLabs vulnerabilities released:
Joomla SQL Injection Vulnerability Exploit Results in Full Administrative Access
October 22, 2015 | Asaf Orpani
Trustwave SpiderLabs researcher Asaf Orpani has discovered an SQL injection ...
How To Decrypt Ruby SSL Communications with Wireshark
October 19, 2015
Debugging a program that communicates with a remote endpoint usually involves ...
Zero-day in Magmi database client for popular e-commerce platform Magento targeted in the wild
October 13, 2015 | Assi Barak
We've observed HTTP requests associated with an exploit attempt on the Magento ...
AppDetectivePRO and DbProtect Knowledgebase Update 4.54
October 13, 2015 | SpiderLabs Researcher
This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now ...
Microsoft Patch Tuesday for October 2015
October 13, 2015
October's Patch Tuesday is upon us and with only six bulletins, it's one of ...
SpiderLabs Radio for the Week of September 28, 2015
October 05, 2015
In this week's episode:
Quaverse RAT: Remote-Access-as-a-Service
September 23, 2015 | Rodel Mendrez
***UPDATE as of September 28, 2015 - see the bottom of this post for removal ...
HOW TO: Setting up Encrypted Communications Channels in Oracle Database
September 22, 2015 | Martin Rakhmanov
In this article, I will explain how to set up an encrypted communications ...
SpiderLabs Radio for the Week of September 14, 2015
September 21, 2015
In this week's episode:
HOW TO: Setting up Encrypted Communications Channels in Oracle Database (1)
September 16, 2015 | Martin Rakhmanov
In this article, I will explain how to set up an encrypted communications ...
Microsoft Patch Tuesday, September 2015
September 08, 2015
Today marks Patch Tuesday for September and this month brings with it 12 ...
Lessons in Spam JavaScript Obfuscation Layers
September 08, 2015 | Brian Bebeau
Spammers seem to be adding layers of obfuscation to their malware attachments ...
SpiderLabs Radio for the Week of August 31, 2015
September 06, 2015
In this week's episode:
Debugging SAP ASE .NET Provider Issues
September 03, 2015 | Martin Rakhmanov
I've recently been chasing a bug that made it impossible to call one built-in ...
About Two SAP Adaptive Server Enterprise (ASE) Extended Procedure Subsystem Vulnerabilities
September 03, 2015
Recently SAP patched two important security issues in Adaptive Server ...
SpiderLabs Radio for the Week of August 24, 2015
August 31, 2015
In this week's episode:
SpiderLabs Radio for the Week of August 17, 2015
August 24, 2015
In this week's episode:
Two Vulnerabilities Reported by SpiderLabs Fixed in Oracle Critical Patch Update July 2015
August 17, 2015 | Martin Rakhmanov
In July, Oracle released a Critical Patch Update for multiple products ...
Microsoft Patch Tuesday for August 2015
August 11, 2015
Today marks Patch Tuesday for August. Almost identical to last month's list, ...
SpiderLabs Radio for the Week of July 27, 2015
August 03, 2015
In this week's episode:
RIG Reloaded - Examining the Architecture of RIG Exploit Kit 3.0
August 03, 2015 | SpiderLabs Researcher
A few months ago the RIG exploit kit took quite a hit when its source code was ...
Username Enumeration against OpenSSH-SELinux with CVE-2015-3238
July 30, 2015 | Sebastien Macke
I recently disclosed a low-risk vulnerability in Linux-PAM versions prior to ...
Tsar Team Microsoft Office Zero Day CVE-2015-2424
July 29, 2015 | Rami Kogan
After the publication of Flash and IE zero days following the Hacking Team ...
Finding XSS Vulnerabilities More Quickly with Dynamic Contextual Analysis
July 20, 2015 | Michael Yuen
Cross-Site Scripting (XSS) has been around since the 1990s and countless ...
SpiderLabs Radio for the Week of July 13, 2015
July 17, 2015
In this week's episode:
Microsoft Patch Tuesday July 2015
July 14, 2015
July's Patch Tuesday is here and brings with it a rather large 14 bulletins ...
SpiderLabs Radio for the Week of Jul 6, 2015
July 13, 2015
In this week's episode we talk about the Hacking Team getting hacked.