Showing 19 results for: October 2013

TrustKeeper Scan Engine Update - October 29, 2013

Just in time for All Hallows' Eve, we're thrilled to announce the latest update to the TrustKeeper Scan Engine. This update includes 12 spooky new vulns in WordPress and phpMyAdmin. This update also includes the second half of OS fingerprint...

PHP.Net Site Infected with Malware

Earlier today, users attempting to access the www.php.net site were met with malware warnings from Google's Safe Browsing plugins in Chrome/Firefox and other browsers. So, what was the problem? Malware Redirection Details: Google's SafeBrowsing currently lists the following for...

SpiderLabs Radio October 25, 2013 w/ Space Rogue

This week's episode of SpiderLabs Radio hosted by Space Rogue is brought to you by Trustwave SpiderLabs and features stories about PHP lockdown, ReadyNAS = ReadyPwned, MitM Intro, Cyber Grand Challenge, UK to Hire Criminals, Project Shield, Quantum Dawn 2,...

Card Data Siphon with Google Analytics

The introduction of EMV (Chip & Pin) payment devices in 2003 resulted in a rapid decline in physical credit card cloning in Europe. EMV technology has also led to an increase in attacks on e-commerce systems targeting cardholder data. Each...

SpiderLabs Radio October 18, 2013 w/ Space Rogue

This week's episode of SpiderLabs Radio hosted by Space Rogue is brought to you by Trustwave SpiderLabs and features stories about KDMS Team hits EST and Bitdefender, DLink is PreP0wned, MS and Google fight over XP, Op Maryville aka Op...

TrustKeeper Scan Engine Update - October 15, 2013

Summary: The latest update to the TrustKeeper scan engine is ready to rock and roll. The release contains coverage for 9 new vulnerabilities including coverage for Microsoft Windows, Microsoft SharePoint, Movable Type, WordPress and more. The release also includes a...

Fingerprinting Ubuntu OS Versions using OpenSSH

Over the past couple of weeks, I've been working on enhancing the operating system detection logic in the TrustKeeper Scan Engine. Having the capability to detect a target's operating system can be very useful. Whether you're performing a simple asset identification...

Hiding Webshell Backdoor Code in Image Files

Looks Can Be Deceiving: Do any of these pictures look suspicious? First appearances may be deceiving... Web attackers have been using a method of stashing pieces of their PHP backdoor exploit code within the meta-data headers of these image...

En Fiesta Con Ploutus

We've translated our original blog post discussing Ploutus malware into Spanish because it was found to be targeting ATMs in Mexico. A short while ago, SafenSoft informed the public of a new family of malicious programs, known as "Ploutus", that targeted...

SpiderLabs Radio October 11, 2013 w/ Space Rogue

This week's episode of SpiderLabs Radio hosted by Space Rogue is brought to you by Trustwave SpiderLabs and features stories about Paunch Arrested, Blackhole not updated, Gonzi author freed, KDMS Team hits Avira, AVG and Metasploit, Whatsapp is theoretical, Microsoft...

Having a Fiesta With Ploutus

A short while ago, SafenSoft reported a new family of malware, named 'Ploutus', that targeted a number of ATMs in Mexico (http://www.safensoft.com/archiv/n/774/1778). The malware was installed when "criminals acquired access to the ATM's CD-ROM drive and inserted a new boot...

AV Vendors Targeted in Defacement Campaign

Attacked Sites: The KDMS hacking team recently defaced several popular websites including Whatsapp.com and two Anti-Virus (AV) vendors, AVG and Avira. Attack Vectors: The most likely attack vector is that the attackers were able to take control of the Domains...

Microsoft Patch Tuesday, October 2013

Here in Philadelphia this month the local weather people are calling it "Aug-tober" due to the rather warm temperatures that have continued well into October. This month's Patch Tuesday, however, is nothing like August at all. For one, Trustwave SpiderLabs...

Another Day, SpiderLabs Discovers Another IE Zero-Day

We at SpiderLabs investigate many suspicious webpages on a daily basis. Occasionally we run into something that seems new and unfamiliar to us, which is generally when things become interesting. A recent discovery of ours began just like that and...

Microsoft Advance Notification for October 2013

It is on a monthly schedule but for some reason Microsoft's Patch Tuesday sneaks up on me every month. Tomorrow, Microsoft is expected to push out eight new bulletins. This is quickly becoming a big patch period with Adobe releasing...

SpiderLabs Radio October 4, 2013 w/ Space Rogue

This week's episode of SpiderLabs Radio hosted by Space Rogue is brought to you by Trustwave SpiderLabs and features stories about Adobe Source Gone, an epic defacement of Bitcointalk.org, IE zero-day, More bug bounty drama, Operation Payback, Syrian Electronic...

TrustKeeper Scan Engine Update - October 3, 2013

We're back and bringing you another TrustKeeper Scan Engine update. This time we've got coverage for 19 new vulnerabilities including coverage for a bunch of Adobe ColdFusion, Microsoft and WordPress vulns. We've also made some improvements to our web application...