Announcing the availability of ModSecurity extension for IIS
July 27, 2012 | Ryan Barnett
This blog post has also been posted on the Microsoft Security Research and ...
PenTest Manager 2.0 - Attack Sequences
July 27, 2012
Trustwave recently launched PenTest Manager 2.0, a major enhancement of the ...
Reducing web application attack surface
July 25, 2012 | Breno Silva
For as long as companies rely on web sites to do business with their customers ...
Spiders are FUN! Party at DEF CON
July 25, 2012
Hey folks! This week a fair amount of us (15k) are heading to Vegas for Black ...
Beyond Apache: ModSecurity for IIS/Nginx is Coming
July 21, 2012 | Ryan Barnett
The Trustwave SpiderLabs Research Team is proud to announce that, through a ...
Spam Down II: Grum Down
July 21, 2012 | Phil Hay
So the media is abuzz with news of the takedown of the Grum botnet, which has ...
Analyzing PDF Malware - Part 3D
July 20, 2012 | Ryan Merritt
Pentesting like an Eastern European
July 19, 2012 | Jonathan Werrett
Through SpiderLabs' Incident Response and Penetration Testing services we get a ...
Spam Down: Where is Lethic?
July 18, 2012 | Phil Hay
At Trustwave SpiderLabs we keep a close eye on spam trends. We keep and publish ...
Hashcat Per Position Markov Chains
July 18, 2012 | Daniel Turner
I just wanted to let you guys know about some interesting work Atom has been ...
What did the Java applet say to the SWF? Don't leave me alone in this Blackholeee!
July 17, 2012 | SpiderLabs Researcher
Last week as we were analyzing the new version of Blackhole with the new Java ...
Conference tips from your friends at Trustwave SpiderLabs
July 12, 2012 | SpiderLabs Anterior
We are quickly approaching the largest security conference week on the planet. ...
Microsoft Patch Tuesday July 2012 – TLS and Office for Mac?
July 10, 2012
We have nine bulletins to deal with this month three of which are rated ...
Analyzing PDF Malware - Part 3C
July 04, 2012 | Ryan Merritt
Let me explain, no there is too much, let me sum up… This is part 3C in the ...
How much data? Apache, Ubuntu and the Lies of the Logs.
July 04, 2012 | Ryan Jones
Forensic investigators rely heavily on log file data in order to analyse ...
Apex Secure Coding Considerations
July 03, 2012 | Rohini Sulatycki
Apex is an on-demand language that extends the Force.com platform by providing ...
Stolen Laptop Recovery via OSX Trap Partition
July 03, 2012
My Macbook Air has 2 partitions, one that is my normal everyday partition that ...
Wham Bam, the Cutwail/Blackhole Combo
July 02, 2012 | Phil Hay
Over the past few weeks we have seen a resurgence of malicious spam with links ...
Oops, I pwned your router- Part One
June 30, 2012 | Videoman
Embedded computing is very much about making a computer as small as possible, ...
Analyzing PDF Malware - Part 3B
June 27, 2012 | Ryan Merritt
Down that dusty trail… As the big blue letters above state, this is part 3B of ...
eHarmony Password Dump Analysis
June 26, 2012 | Mike Kelly
Unless you've been hauled up in a bunker, eating MREs and watching Doomsday ...
I Forgot Your Password
June 24, 2012 | Chris Vinecombe
I'm now going into my second year in application security, and as I learn more ...
Security Capture the Flag Competitions
June 24, 2012 | John Hoopes
Many people look at capture the flag competitions with varying reactions. Some ...
Five E-Commerce Security Myths (Part 2)
June 23, 2012
In part 1 of this series I gave an introduction into how most merchants accept ...
Five E-Commerce Security Myths (Part 1)
June 23, 2012 | Marc Bown
Compromises of e-commerce websites are increasingly common. In our 2012 Global ...
CVSS for Penetration Test Results (Part I)
June 22, 2012 | Tim Maletic
Trustwave has been adding support for the Common Vulnerability Scoring System ...
Metasploit = tips, tricks, hashes and tokens
June 20, 2012
Metasploit is one of the many tools that can be used during a penetration test, ...
Internet Explorer Vulnerabilities Gone Wild
June 20, 2012 | Anat (Fox) Davidi
It's a busy time for Internet Explorer: Patch Tuesday addressed quite a few ...