Showing 9 results for: July 2012 ×Security Research ×

Announcing the availability of ModSecurity extension for IIS

This blog post has also been posted on the Microsoft Security Research and Defense site: By: Greg Wroblewski, Microsoft Security Engineering Center Ryan Barnett, Trustwave SpiderLabs Vulnerabilities in on-line services, like cross-site scripting, cross-site request forgery, or even information disclosure,...

Spam Down II: Grum Down

So the media is abuzz with news of the takedown of the Grum botnet, which has caused a big reduction in spam. Make no mistake this is welcome news indeed, and credit to Atif Mushtaq from FireEye for taking action....

Analyzing PDF Malware - Part 3D

Part 3D of a demonstration on analyzing malware embedded within a suspicious PDF document. This finale post of the series illuminates the ultimate goal of the malware and concludes with a discussion on ways to protect yourself from similar attack vectors.

Spam Down: Where is Lethic?

At Trustwave SpiderLabs we keep a close eye on spam trends. We keep and publish a bunch of statistics relating to spam, and last week people were asking me where these were as the old M86 website is phased out....

TrustKeeper Scan Engine Update - July 12, 2012

The latest update to the TrustKeeper scan engine has been released. This update includes a lot of under-the-hood work for core protocol libraries such as SSL, SNMP, Kerberos and SSH. These improvements allow the scan engine to be more efficient...

Analyzing PDF Malware - Part 3C

Part 3C of a demonstration on analyzing malware embedded within a suspicious PDF document. This part specifically deals with dynamic analysis of the discovered shellcode itself within a virtual machine.

Wham Bam, the Cutwail/Blackhole Combo

Over the past few weeks we have seen a resurgence of malicious spam with links leading off to the Blackhole exploit kit. Last week about 2% of spam hitting our traps fell into this category, which is pretty significant given...

TrustKeeper Scan Engine Update

A new update to the TrustKeeper scan engine is being released, with several new vulnerability detections and numerous internal improvements. The new vulnerabilities detected include several that were fixed in the latest release of Wordpress, 3.3.2, including three cross-site scripting...