Showing 47 results for: 2011 ×ModSecurity ×

Microsoft Patch Tuesday, December 2011

This Patch Tuesday, there are 3 new Critical and 10 new Important Bulletins. With this many high-urgency bulletins, it's tough to get a handle on which ones to tackle first. Of course, "all of them" is the standard answer, but...

[Honeypot Alert] WordPress Timthumb Attacks Rising

SpiderLabs Research Team has been tracking an increase in WordPress Timthumb plug-in scanning. How wide spread are the attacks? We just added the following entry to the Web Hacking Incident Database (WHID) - WHID 2011-262: Hackers 'Timthumb' Their Noses At...

Trustwave Releases New ModSecurity Rules and Support

ModSecurity is the most popular open source web application firewall (WAF) deployed today. We receive thousands of downloads each month from our main repository alone. It is estimated that there are over 1 million sites on the internet using it...

Implementing AppSensor Detection Points in ModSecurity

This is a follow-up to a previous blog post entitled "Real-time Application Profiling" that implements extended profiling logic using the ModSecurity Lua API. AppSensor Detection Points SpiderLabs Research Team is happy to announce that we have just updated the OWASP...

Detecting Malice with ModSecurity: (Updated) CSRF Attacks

UPDATE - since this original post, we added new data manipulation capabilities to v2.6.0 with the introduction of the @rsub operator. See the last section on modifying outbound data server-side. This week's installment of Detecting Malice with ModSecurity will discuss...

(Updated) Mitigation of Apache Range Header DoS Attack

Update After deeper research into the underlying vulnerability and analyzing customer traffic, SpiderLabs has developed a new BETA ModSecurity ruleset to mitigate the Apache Range Header DoS vulnerability. The following rules may be used to truncate the Range header fields...

Detecting Malice with ModSecurity: HoneyTraps

This week's installment of Detecting Malice with ModSecurity will discuss how to implement HoneyTraps in order to detect malicious activity on your website. HoneyTrap excerpt section of Robert "Rsnake" Hansen's book "Detecting Malice" - Booby Trapping Your Application I briefly...

Live ModSecurity Challenges at Blackhat Arsenal

ModSecurity is participating in the upcoming Blackhat Arsenal Tools Demo next week in Las Vegas. Details: When: Wed. Aug 3rd from 1:45 pm - 4:30 pm Where: POD 1 We will have live demos/challenges running from our kiosk. In addition...

ModSecurity SQL Injection Challenge: Lessons Learned

This is a post-mortem blog post to discuss the successful Level II evasions found by participants during the recent ModSecurity SQL Injection Challenge. First of all, I would like to thank all those people that participated in the challenge. All...

Announcing Release of OWASP ModSecurity Core Rule Set v2.2.1

I am pleased to announce the release of the OWASP CRS v2.2.1. This is a significant update with regards to SQL Injection protections. Trustwave's SpiderLabs Team conducted an analysis/review of the SQL Injection Challenge Level II evasions - http://www.modsecurity.org/demo/challenge.html and...

Announcing Release of ModSecurity v2.6.1

Availability of ModSecurity 2.6.1-RC1 Release (July 18, 2011) The ModSecurity Development Team is pleased to announce the availability of ModSecurity 2.6.1 Release. This release includes some new features and bug fixes, please see the release notes included into CHANGES file....