
ModSecurity Version 3.0 Announcement

libModSecurity aka ModSecurity version 3.0 is out there. libModSecurity starts a new era in terms of ModSecurity extensibility. The modular architecture provides flexibility to extend ModSecurity core with scripting languages and from scripting languages. Facilitating work such as: UI integration,...

Microsoft Patch Tuesday, January 2018

Happy 2018 everyone! January's Patch Tuesday will ease you into the new year with just 23 CVEs patched. Historically January has always been a light patch month. The release patches one CVE each that's rated "Critical", "Moderate" and "Low". The...

Overview of Meltdown and Spectre

You have probably heard the news of new vulnerabilities that affect most major chipsets, including Intel, Arm, and AMD. This means that the vulnerability affects nearly everyone who owns a computing device. What is the vulnerability? The vulnerability affects how...

BrickerBot mod_plaintext Analysis

A week ago, the author of BrickerBot claimed that they retired and published their manifesto along with some source code of their bot. In the manifesto, they wrote: "Take a look at the number of payloads, 0-days and techniques and...

CHM Badness Delivers a Banking Trojan

Like good old Microsoft Office Macros, Compiled HTML (CHM) Help files have been utilized by malware authors for more than a decade to sneak malicious downloader code into files, making them harder to detect. CHMs are a Microsoft proprietary online...

Sneaky *.BAT File Leads to Spoofed Banking Page

If you thought using BAT files was old hat, think again. While monitoring our Secure Email Gateway Cloud service, we came across several suspect spam emails targeting Brazilian users. The figure below shows email details to trick and entice users...

Microsoft Patch Tuesday, December 2017

Today marks the last Microsoft Patch Tuesday of 2017 and, with only 34 CVEs patched, it's one of the smallest releases of the year. 19 of those CVEs are rated "Critical" and 15 are rated "Important". Of course the Microsoft...

Helping to Secure your PostgreSQL Database

When big high-tech companies like Apple, Red Hat and Cisco use PostgreSQL in their data infrastructure, you can be certain that PostgreSQL ranks up there with the bigger relational database managers. PostgreSQL is an enterprise-level open source database that has...

Microsoft Patch Tuesday, November 2017

It's that time of the month again for Microsoft updates. November's Patch Tuesday brings with it patches for 53 CVEs as well as rollup security patches for Adobe Flash and Microsoft Office. 19 of those 53 are rated "Critical", 31...

Denial of Service Vulnerability in Brother Printers

A vulnerability in the web front-end of Brother printers (called Debut) allows an attacker to launch a Denial of Service attack. The attack is executed by sending a single malformed HTTP POST request. The attacker will receive a 500 error...

An Easy Introduction to Steganography

Some time ago, a person reached out to Trustwave to get answers regarding some news that he saw about Steganography. After this, I noticed that not many people understand what steganography is and the risks it presents for companies. In...

ModSecurity Web Application Firewall - Commercial Rules Update

We have recently released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and above. These rules' purpose is to protect against new emerging attacks that target vulnerabilities in public software. For this release we are highlighting virtual patches...

"Don't Mine Me" – Coinhive

What's worse than annoying ads on a website? A crypto miner on a website! Over the last couple of weeks there has been a lot of talk about Coinhive, a service that claims to provide an alternative to advertising for monetizing...

VAT Return with a Vengeance

Authors: Dr. Fahim Abbasi, Gerald Carsula and Rodel Mendrez. Scam Overview: Her Majesty's Revenue & Customs (HMRC) is the UK department responsible for collecting taxes and other tax-related services like VAT returns. On 6th September, 2017, scammers launched a...