Showing 333 results for: Security Research ×

Chip Off the Old EMV

Recently, Jason Knowles of ABC 7's I-Team asked us, "What is the security risk if your EMV chip falls off your credit card? What could someone do with that?" My first thought was, "How in the hell does the chip...

Petya From The Wire: Detection using IDPS

Most malware that traverses a network do so with specific indicators, some of which look like legitimate network traffic and others that are completely unique to the malware. A single IDPS signature can have high confidence of detecting an infection...

A Computational Complexity Attack against Racoon and ISAKMP Fragmentation

Trustwave recently reported a remotely exploitable computational complexity vulnerability in the racoon isakmp daemon that is part of the ipsec-tools open-source project (http://ipsec-tools.sourceforge.net/). The vulnerability is present in the handling of fragmented packets. A computational complexity attack seeks to cause...

Elephone P9000 Lock Screen Lockout Bypass

Brute force attacks against smartphones are not usually a viable attack vector. Manufacturers employ scaling lockouts that progress into longer and longer periods between attempts and, if the user is security conscious, the device may wipe after 10 attempts. However...

0-Day Alert: Your Humax WiFi Router Might Be In Danger

Over the years WiFi Routers have been notoriously susceptible to simple attacks. In early 2017, Trustwave SpiderLabs Researcher Simon Kenin identified 43 different models of Netgear Router to be vulnerable for Remote and Local Password Disclosure. More recently, in May...

URSNIF is Back Riding a New Wave of Spam

The infamous data-stealing URSNIF malware has done it again and it's here to collect more keystrokes, login credentials, browsing activities, and other user activities. It continues to undress and dress itself differently, time and time again. Earlier this year, we...

Multiple Vulnerabilities in Avast Antivirus

Last year I decided to do some security research on an antivirus product. Avast seemed a good target since it is among most popular AV products used by home users and, as an added bonus, there is a bug bounty...

Exploiting Privilege Escalation in Serv-U by SolarWinds

I was recently working on an external network penetration test where I identified a new vulnerability in a file sharing web application called Serv-U by SolarWinds. This vulnerability granted me administrative privileges to the Serv-U application, and, allowed for remote...

Authentication and Encryption in PAS Web Shell Variant

Introduction During a recent incident response case, we were tasked with discovering the point of entry for an attacker that had compromised the entire Windows network. Among other things we uncovered evidence of web application attacks targeting the company's public...

Undocumented Backdoor Account in DBLTek GoIP

Trustwave recently reported a remotely exploitable issue in the Telnet administrative interface of numerous DblTek branded devices. The issue permits a remote attacker to gain a shell with root privileges on the affected device due to a vendor backdoor in...

Unauthenticated Backdoor Access in Unanet

The default configuration of the Unanet web application has a backdoor that can allow unauthenticated users to login and manipulate the user accounts and the roles they maintain. This vulnerability is due to a code branch that exists within the...

Underground Scams: Cutting the Head Off a Snake

Shortly after publishing our post about Terror EK, "King Cobra" (a Twitter account that we mentioned at the end of that blog post), tweeted a note to us: Figure 1: King Cobra's tweet to Trustwave This, along with other feedback...