Microsoft Advance Notification for December 2012
December 06, 2012 | Space Rogue
Next week is Patch Tuesday, so this week we get the advance notification for ...
Blackberry OS 10 BlackLists Batman and PoohBear
December 06, 2012 | Space Rogue
A Blackberry oriented website in the UK was the first to notice an interesting ...
CCCDC Blue Teams vs Corporate Blue Team Comparision
December 06, 2012 | Ryan Linn
This weekend was the Community College Cyber Defense competition at Iowa State ...
Proxmark 3, now with more Android
December 03, 2012
It's no secret; I'm a fan of the Proxmark 3 RFID testing board. It's a device ...
[Honeypot Alert] SQL Injection Scanning Targeting Joomla Plugins
December 03, 2012 | Ryan Barnett
The following SQL Injection attack payloads targeting Joomla components were ...
The Return of SpiderLabs Radio: Now with Space Rogue
November 30, 2012
The SpiderLabs podcast known as SpiderLabs Radio has gone through many ...
An Analysis of a Fake Vodafone Bill PDF File
November 29, 2012
We haven't come across many malicious PDF files recently in our spam traps, so ...
[Honeypot Alert] User-Agent Field XSS Attacks
November 29, 2012 | Ryan Barnett
Our web honeypots picked up some more XSS attacks today:
Detecting Successful XSS Testing with JS Overrides
November 29, 2012 | Ryan Barnett
Do you know when an attacker or security researcher successfully finds a ...
Microsoft Patch Tuesday, November 2012 – Lions and Tigers and RCE, Oh My!
November 13, 2012 | Space Rogue
I feel some compassion for those system administrators alongthe East Coast of ...
CVE-2012-4969 and the Unnamed Admin Panel
November 13, 2012 | Moshe Basanchig
While CVE-2012-4969 isn't new, we are still curious about the various ways this ...
Microsoft Advanced Notification for November 2012 - RCE, Yikes!
November 08, 2012 | Space Rogue
Microsoft has released its advance notification for next weeks Patch Tuesday ...
CWE the Vote
November 06, 2012
It's a nice, sunny day in Cleveland, my friends. Tonight, after the votes are ...
Introducing Responder-1.0
October 24, 2012
Responder is a multi threaded tool that answers to IPv4 LLMNR (Link-local ...
TWSL2012-016: Multiple Vulnerabilities in Bitweaver
October 24, 2012 | Robert Foggia
The Trustwave SpiderLabs team has published a new advisory for multiple ...
Worm Propagates Through Skype Messages
October 12, 2012 | Rodel Mendrez
For the past week, we've received a lot of reports of a worm that propagates ...
mDNS - Telling the world about you (and your device)
October 10, 2012
Luiz Eduardo ( @effffn) and Rodrigo Montoro ( @spookerlabs ) have presented ...
Microsoft Patch Tuesday, October 2012 – Legend of Zelda Edition
October 09, 2012
Hope you enjoyed last months light patch Tuesday with only two bulletins as ...
Microsoft Advanced Notification for October 2012 – Lync, SQL, Headache
October 05, 2012
Microsoft has released its Advanced Notification for October 2012. After last ...
The Grey Line Between Feature and Vulnerability, iOS edition
October 02, 2012 | Mike Park
I do a lot of Mobile Application Penetration testing for some of our largest ...
James Bond's Dry Erase Marker: The Hotel PenTest Pen
October 01, 2012
You may have seen the talk and demonstration by Cody Brocious that allows him ...
Announcing the availability of ModSecurity extension for Nginx
September 28, 2012 | Ryan Barnett
ModSecurity for Nginx ModSecurity for Nginx is a web server plug-in for the ...
Trustwave SpiderLabs in Africa
September 28, 2012
Africa. The land of origin; the original unknown.
Update from Trustwave SpiderLabs EMEA
September 28, 2012
Europe, Middle East and Africa consists of around 120 countries depending on ...
Good things happen when Forensics and Malware Analysis work together.
September 28, 2012 | Grayson Lenik
The SpiderLabs Incident Response team worked a case earlier this year where ...
Smart Phone + Mail Server = Location Tracking
September 28, 2012
My last two posts have touched on the privacy perspective in relation tomobile ...
Adding Anti-CSRF Support to Burp Suite Intruder
September 28, 2012 | Ulisses Alburquerque
In the web application penetration testing industry, Burp Suite is considered a ...
Using Mobile Applications for attacking Web Applications
September 28, 2012 | Joaquim Espinhara da Silva Neto
This simple blog post was motivated by my desire to look at some mobile ...