Showing 1237 results

Steganography... what is that?

When people think about Information Security the first word that generally comes mind is "Hacking", but there are many disciplines in security and one of them is called "Steganography", an offshoot of encryption and "data hiding". The word "steganography" can...

Necurs – the Heavyweight Malware Spammer

Today we want to dwell upon a pesky botnet that goes by the name of Necurs, and in particular its spamming activities. The botnet has been responsible for a massive amount of malware distributed via spam over the last 18...

TrustKeeper Scan Engine Update for September 09, 2016

Summary The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy! New Vulnerability Test Highlights Some of the more interesting vulnerability tests we added...

Microsoft Patch Tuesday, September 2016

September's Patch Tuesday is upon us and it's the biggest one so far this year. While past months have been relatively light, September has nearly twice as many vulnerabilities patched compared to August. All told September contains 14 bulletins patching...

Sundown EK – Stealing Its Way to the Top

Sundown is one of the newest Exploit Kits on the market these days, and like many up-and-coming exploit kits before it, this means that it is in under constant development. With the recent disappearance of the Angler and Nuclear exploit...

Database Security Knowledgebase Update 5.04

This month's update for Database Security Knowledgebase is now available. Knowledgebase version 5.04 includes new checks for SAP (Sybase) ASE, Microsoft SQL Server, MySQL and Oracle, and updated checks for Microsoft SQL Server. New Vulnerability and Configuration Check Highlights SAP...

TrustKeeper Scan Engine Update for August 17, 2016

Summary The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy! New Vulnerability Test Highlights Some of the more interesting vulnerability tests we added...

OWASP ModSecurity CRS Version 3.0 RC1 Released

Trustwave has been dedicated to supporting ModSecurity and the associated community for the better part of a decade. Over this time, ModSecurity and the associated OWASP Core Rule Set (CRS) have seen major advances and are currently positioned as leading...

TrustKeeper Scan Engine Update for August 02, 2016

Summary The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy! New Vulnerability Test Highlights Some of the more interesting vulnerability tests we added...

Microsoft Patch Tuesday, August 2016

Today is August's Patch and with only 9 bulletins with 27 unique CVEs it's one of the lightest months in recent history. Four of the bulletins are rated Critical with the other five are rated as Important. Internet Explorer and...

Turning Up The Heat on IoT: TRANE Comfortlink XL850

The Internet of Things (IoT) continues to explode in the consumer market as demand for network connected devices has spread to all kinds non-traditional network connected systems from toasters to toilets and from refrigerators to lamps. Unfortunately this rush to...

To Obfuscate, or not to Obfuscate

Introduction Malware's goal is to bypass computer defenses, infect a target, and often remain on the system as long as possible. A variety of techniques are used to accomplish these goals. Deciding which of these techniques to use depends on...

SAP ASE file creation vulnerability (CVE-2016-6196)

Recently SAP released a patch for an Adaptive Server Enterprise vulnerability that allows legitimate database users to create files on disk where the server process can write to. This is useful when doing a chained database attack - first create...

Denial of Service: A Survival Guide

From Anonymous style SYN flooding to Application layer denial of service, denial of service is a subject that has been often confused with hacking by the grand public. While your data might not be stolen, the impact both on sales...

TrustKeeper Scan Engine Update for July 20, 2016

Summary The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy! New Vulnerability Test Highlights Some of the more interesting vulnerability tests we added...

Database Security Knowledgebase Update 5.03

This month's update for Database Security Knowledgebase is now available. Knowledgebase version 5.00 includes new checks for Microsoft SQL Server, MySQL, Oracle and Teradata and new CIS policies for MySQL v1.0.2 and Oracle 11gR2 v2.0.0. New Vulnerability and Configuration Check...

TrustKeeper Scan Engine Update for July 07, 2016

Summary The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy! New Vulnerability Test Highlights Some of the more interesting vulnerability tests we added...

Microsoft Patch Tuesday, July 2016

July's Patch Tuesday is here and brings with it five bulletins rated Critical and 6 rated Important. These eleven bulletins patch 47 unique CVEs (not including the monthly Adobe Flash CVEs which clock in at 24 critical CVEs). Our usual...