[Honeypot Alert] User-Agent Field PHP Injection Attacks
February 15, 2013 | Ryan Barnett
In a previous Honeypot Alert blog post, I showed an example of attackers using ...
Owning Windows Networks With Responder Part 2
February 15, 2013
One of the great things about working within SpiderLabs is that we prefer to ...
Microsoft Patch Tuesday, February 2013 – Happy Chinese New Year!
February 12, 2013 | Ryan Barnett
Submitted by Space Rogue
SpiderLabs Radio February 8, 2013 w/ Space Rogue
February 08, 2013
This week's episode of SpiderLabs Radio hosted by Space Rogue covers Twitter ...
Server-Side XSS Attack Detection with ModSecurity and PhantomJS
February 08, 2013 | Ryan Barnett
Client-Side JS Overriding Limitations In a previous blog post, I outlined how ...
Microsoft Advance Notification for February 2013
February 07, 2013 | Space Rogue
The Advance Notification of Patch Tuesday from Microsoft has twelve bulletins ...
CryptOMG Walkthough - Challenge 2
February 07, 2013 | Andrew Jordan
For those of you that missed it last time, CryptOMG is a configurable CTF-style ...
ModSecurity IIS Updates: Stable Release, Award Recognition and More
February 05, 2013
ModSecurity for IIS Stable Release As part of our recent release of ModSecurity ...
SpiderLabs Radio February 1, 2013 w/ Space Rogue
February 01, 2013
This weeks episode of SpiderLabs Radio hosted by Space Rogue covers The New ...
[Honeypot Alert] Active Probes for Ruby on Rails XML Vulns
January 25, 2013 | Ryan Barnett
In a previous blog post, I outlined some ModSecurity defenses to help protect ...
SpiderLabs Radio January 25, 2013 w/ Space Rogue
January 25, 2013
This weeks episode of SpiderLabs Radio hosted by Space Rogue covers the ...
Owning Windows Networks with Responder 1.7
January 24, 2013
A lot has been happening with Responder lately!
SpiderLabs Crypto Contest - Winner!
January 21, 2013
We have a winner! @TimoHirvonen
SpiderLabs Radio January 18, 2013 w/ Space Rogue
January 18, 2013
This week's episode of SpiderLabs Radio hosted by Space Rogue covers Aaron ...
Defeating AES without a PhD
January 17, 2013 | Dan Crowley
"Cryptography is typically bypassed, not penetrated." – Adi Shamir FAITH IN THE ...
QA w/ SpiderLabs Research: Java 0day CVE-2013-0422
January 16, 2013 | Arseny Levin
Q: What's going on? People are talking about some Java 0daywhich threatens the ...
Microsoft Patch Tuesday, January 2013 - Part II
January 14, 2013 | Robert Foggia
It's now official, there is another bulletin (MS13-008) release for the month ...
SpiderLabs Radio January 11, 2013 w/ Space Rogue
January 11, 2013 | Space Rogue
We are back with another episode of SpiderLabs Radio hosted by Space Rogue. ...
ModSecurity Mitigations for Ruby on Rails XML Exploits
January 10, 2013 | Ryan Barnett
There is big trouble in Ruby on Rails (RoR) land... The issue is related to XML ...
First Java 0day For The Year 2013
January 10, 2013
Today @Kafeine was the first to announce the new Java 0day. This 0day allows an ...
SpiderLabs Crypto Contest - Hints
January 09, 2013
This is a post for those attempting to solve the Crypto contest I introduced a ...
Microsoft Patch Tuesday, January 2013 – Hot Sauce
January 08, 2013 | Space Rogue
I had lunch today at a great little Cajun restaurant in Chicago called Heaven ...
Goodies released with Trustwave SWG Security Update 141
January 08, 2013 | Rami Kogan
As cliché as it may sound, security is done in layers and so, using our generic ...
SpiderLabs Radio January 04, 2013 w/ Space Rogue
January 04, 2013
We are back with another episode of SpiderLabs Radio hosted by Space Rogue. ...
Dissecting a CVE-2012-4792 Payload
January 04, 2013 | Trustwave SpiderLabs
A little while ago I was fortunate enough to get ahold of a sample that was ...
Microsoft Advance Notification for January 2013
January 03, 2013 | Space Rogue
If you were hoping for a nice relaxing Patch Tuesday after the holidays, well, ...
Hacking with Drain Cleaner – Yet Another BitLocker Bypass Technique
January 02, 2013
As hard-wired as any Application Specific Integrated Circuit it seems the ...
Choppy Regulatory Waters ahead for EU SMEs?
January 02, 2013
There's been a reasonable amount of coverage of the (proposed) data protection ...