SpiderLabs Radio for the Week of January 26, 2015
February 02, 2015
In this week's episode:
GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)
January 30, 2015 | Ryan Barnett
A heap-based buffer overflow vulnerability in glibc (CVE-2015-0235) was ...
SpiderLabs Radio for the Week of January 19, 2015
January 25, 2015
In this week's episode:
A New Zero-Day of Adobe Flash is used by the Prevalent Angler Exploit Kit in the Wild
January 22, 2015
Just yesterday, security researcher Kafeine discovered a zero-day vulnerability ...
JSON Crypto Helper a Ruby-based Burp Extension for JSON Encryption/Decryption - Part III
January 21, 2015 | Christophe De La Fuente
This is the third in a three-part series about how to write a simple Ruby ...
JSON Crypto Helper a Ruby-based Burp Extension for JSON Encryption/Decryption - Part II
January 20, 2015 | Christophe De La Fuente
This is the second post in a three-part series about how to write a simple Ruby ...
JSON Crypto Helper a Ruby-based Burp Extension for JSON Encryption/Decryption - Part I
January 19, 2015 | Christophe De La Fuente
Burp Suite is one of my favorite tools when performing security assessments of ...
SpiderLabs Radio for the Week of January 12, 2015
January 18, 2015
In this week's episode we discuss Responsible Vulnerability Disclosure in the ...
Microsoft Patch Tuesday, January 2015
January 13, 2015
Happy New Year and welcome to the first Microsoft Patch Tuesday of 2015. This ...
SpiderLabs Radio for the Week of January 5, 2015
January 10, 2015
In this week's episode:
Deobfuscating Malicious Macros Using Python
January 08, 2015 | Rodel Mendrez
Over the past few weeks, we've observed cybercriminals spamming users, ...
No Country For Old Vulnerabilities
December 31, 2014 | Robert Rowley
Finding a common cross-site scripting vulnerability in Cisco's new IOS Software ...
Building my own personal password cracking box
December 31, 2014 | Wendel Guglielmetti Henrique
Since 2003, I've spent a majority of my workdays hacking systems. I've ...
[Honeypot Alert] Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit Attempt
December 30, 2014 | Ryan Barnett
Our web honeypots picked up some exploit attempts for the recently released ...
Signed Ruby Gems: A c7decrypt walk-through
December 22, 2014 | Jonathan Claudius
As someone who's responsible for a number of Ruby projects, both open-source ...
Announcing Net::TNS for Ruby – A Gem for Connecting to Oracle Databases
December 18, 2014 | woodbusy
For the security professional, working with Oracle Database can present ...
Alina POS malware 'sparks' off a new variant
December 18, 2014 | Eric Merritt
Alina is a well-documented family of malware used to scrape Credit Card (CC) ...
SpiderLabs Radio for the week of December 8, 2014
December 14, 2014
In this episode:
New Device Module (DM) update for Trustwave SIEM 1.2.1 now available
December 11, 2014 | Jeff Pold
Trustwave's most recent Device Module (DM), DM-22, is now available to ...
Microsoft Patch Tuesday, December 2014
December 09, 2014 | SpiderLabs Researcher
December's Microsoft Patch Tuesday is upon us and, hopefully, marks the last ...
CVE-2014-3797: Reflected XSS Vulnerability in VMware Virtual Center Appliance (vCSA)
December 08, 2014
Trustwave SpiderLabs published an advisory today in conjunction with VMWare for ...
Magnitude Exploit Kit Backend Infrastructure Insight - Part III
December 08, 2014
This is the fourth post in a four-part series about Magnitude (if you like, ...
SpiderLabs Radio for the week of December 1, 2014
December 07, 2014
In this episode:
Microsoft Advance Notification for December 2014
December 04, 2014 | Robert Foggia
Microsoft will publish the last scheduled security release of the year on ...
SpiderLabs Radio for the week of November 24, 2014
November 28, 2014
SpiderLabs Radio is taking a hiatus this week to celebrate the Thanksgiving ...
ModSecurity Advanced Topic of the Week: Detecting Malware with Fuzzy Hashing
November 27, 2014 | Ryan Barnett
We witnessed a sophisticated phishing campaign on 16th August 2017, targeting ...
Magnitude Exploit Kit Backend Infrastructure Insight - Part II
November 24, 2014 | SpiderLabs Researcher
Welcome back to another edition of "exposing Magnitude exploit-kit internals"! ...
SpiderLabs Radio for the week of November 17, 2014
November 22, 2014
In this episode: