
CHM Badness Delivers a Banking Trojan

Like good old Microsoft Office Macros, Compiled HTML (CHM) Help files have been utilized by malware authors for more than a decade to sneak malicious downloader code into files making them harder to detect. CHMs are a Microsoft proprietary online...

Sneaky *.BAT File Leads to Spoofed Banking Page

If you thought using BAT files was old hat, think again. While monitoring our Secure Email Gateway Cloud service, we came across several suspect spam emails targeting Brazilian users. The figure below shows email details to trick and entice users...

Microsoft Patch Tuesday, December 2017

Today marks the last Microsoft Patch Tuesday of 2017 and, with only 34 CVEs patched, it's one of the smallest releases of the year. 19 of those CVEs are rated "Critical" and 15 are rated "Important". Of course the Microsoft...

Helping to Secure your PostgreSQL Database

When big high-tech companies like Apple, Red Hat and Cisco use PostgreSQL in their data infrastructure, you can be certain that PostgreSQL ranks up there with the bigger relational database managers. PostgreSQL is an enterprise-level open source database that has...

Microsoft Patch Tuesday, November 2017

It's that time of the month again for Microsoft updates. November's Patch Tuesday brings with it patches for 53 CVEs as well as rollup security patches for Adobe Flash and Microsoft Office. 19 of those 53 are rated "Critical", 31...

Denial of Service Vulnerability in Brother Printers

A vulnerability in the web front-end of Brother printers (called Debut) allows an attacker to launch a Denial of Service attack. The attack is executed by sending a single malformed HTTP POST request. The attacker will receive a 500 error...

An Easy Introduction to Steganography

Some time ago, a person reached out to Trustwave to get answers regarding some news that he saw about Steganography. After this, I noticed that not many people understand what steganography is and the risks it presents for companies. In...

ModSecurity Web Application Firewall - Commercial Rules Update

We have recently released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and above. These rules' purpose is to protect against new emerging attacks that target vulnerabilities in public software. For this release we are highlighting virtual patches...

"Don't Mine Me" – Coinhive

What's worse than annoying ads on a website? Crypto Miner on a website! Over the last couple of weeks there has been a lot of talk about Coinhive, a service that claims to provide an alternative to advertising for monetizing...

VAT Return with a Vengeance

Authors: Dr. Fahim Abbasi, Gerald Carsula and Rodel Mendrez. Scam Overview: Her Majesty's Revenue & Customs (HMRC) is the UK department responsible for collecting taxes and other tax related services like VAT returns. On 6th September, 2017, scammers launched a...

Locky Part 2: As the Seasons Change so is Locky

It's that time of year where the seasons are changing. The Northern Hemisphere moves into Autumn, and the Southern Hemisphere moves to Spring. So it is with Locky. As we discussed in our last post, spam campaigns were downloading Locky...

Microsoft Patch Tuesday, October 2017

October is here and brings with it patches for 62 CVEs and a handful of additional advisories. 28 of the vulnerabilities patched are rated "Critical" and 34 are rated "Important". The largest number of vulnerabilities patched (18 total) reside in...

Post-Soviet Bank Heists: A Hybrid Cybercrime Study

Today we are publishing a SpiderLabs Advanced Threat Report that details a major cyberattack targeting banks mainly located in post-Soviet states. All the attacks share a common profile and the finely tuned orchestration of the entire operation shows an innovative...