Spammers Are Taking Advantage of Your Whitelists by Spoofing Legitimate Brands
February 05, 2014
***EDITOR'S NOTE: The content of this article does not make or imply any claims ...
SpiderLabs Radio: January 30, 2014
January 30, 2014
In this episode we look at a rash of gas pump credit card skimmers, the Syrian ...
Introducing ModSecurity Status Reporting
January 28, 2014 | Felipe "Zimmerle" Costa
The Trustwave SpiderLabs Research team is committed to making ModSecurity the ...
ModSecurity Advanced Topic of the Week: HMAC Token Protection
January 24, 2014 | Ryan Barnett
This blog post presents a powerful feature of ModSecurity v2.7 that has been ...
SpiderLabs Radio: January 23, 2014
January 23, 2014
In this episode I sit down with Grayson Lenik, a forensic expert for Trustwave ...
10,000 Litecoins Worth $230,000 USD Were Stolen!
January 22, 2014 | Ben Hayak
Newspapers, commentators and bloggers have lately been asking whether digital ...
Beware! Bats hide in your jQuery!
January 20, 2014
Injection of malicious code into JavaScript files is not new; however, we ...
What Dirty Little Secrets You Find on eBay
January 17, 2014 | Videoman
So I do networking (computers and wifi things) at a number of security ...
SpiderLabs Radio: January 16, 2014
January 16, 2014
In this episode:
Trustwave Analysis of the January 2014 Oracle CPU
January 16, 2014
It's the second Tuesday in January, so it is Oracle Critical Patch Update (CPU) ...
Setting HoneyTraps with ModSecurity: Adding Fake HTML Comments
January 14, 2014
This blog post continues with the topic of setting "HoneyTraps" within your web ...
Microsoft Patch Tuesday, January 2014
January 14, 2014
Hopefully January's Patch Tuesday is a sign of things to come for 2014. With ...
SpiderLabs Radio: January 10, 2014
January 12, 2014
In this week's podcast we talk about malware offered up in onlines ads, the ...
SAP Sybase ASE 15.7 security updates
January 10, 2014 | Martin Rakhmanov
SAP Sybase Adaptive Server Enterprise is a relational database management ...
Microsoft Advance Notification for January 2014
January 09, 2014
Microsoft is scheduled to release the next security update for consumers on ...
SpiderLabs Radio: January 3, 2014
January 06, 2014
Welcome to the SpiderLabs Radio Reboot! As we bid our old host, Space Rogue, a ...
DaumGame ActiveX 0day
January 06, 2014
One might think that vulnerabilities in ActiveX controls are a thing of the ...
The Case of an Obscure Injection
December 31, 2013 | Damian Profancik
During a recent application penetration test, I came across what proved to be ...
Wendel's Small Hacking Tricks - A not so common and neat Oracle [for Windows] hack.
December 20, 2013 | Wendel Guglielmetti Henrique
Since 2003 a large part of my workday has been devoted solely to hacking ...
How Snotnose the Elf was Able to Compromise The North Pole Domain and Retrieve the Nice and Naughty Lists
December 20, 2013 | Theresa
Last Winter, Snotnose won the North vs South Pole CTF contest, and Santa ...
Exploiting Password Recovery Functionalities
December 19, 2013 | Marcio Almeida
Password recovery functionalities can result in vulnerabilities in the same ...
Quick Joomla Refresher
December 19, 2013 | David Kirkpatrick
I haven't come into contact with Joomla for a while, but I had the opportunity ...
Announcing ModSecurity v2.7.6 Release (CI Platform Usage)
December 17, 2013
The ModSecurity Project team is pleased to announce public release version ...
The Curious Case of the Malicious IIS Module: Prologue (Method of Entry Analysis)
December 13, 2013
Earlier this week, SpiderLabs Research team released a blog post outlining ...
The Kernel is calling a zero(day) pointer – CVE-2013-5065 – Ring Ring
December 11, 2013 | Ben Hayak
SpiderLabs investigates a number of suspicious binary files on a daily basis. A ...
Microsoft Patch Tuesday, December 2013
December 10, 2013 | Robert Foggia
'Tis the season for an increase in cyber-criminal activities. In the past ...
The Curious Case of the Malicious IIS Module
December 09, 2013
Recently, we've seen a few instances of a malicious DLL that is installed as an ...
Microsoft Advance Notification for December 2013
December 06, 2013
On December 10th, Microsoft will begin deploying their security updates to ...