Showing 14 results for: February 2013

More on the TrustKeeper Phish

Yesterday we alerted people to a widespread phishing campaign misusing Trustwave's brand. Here we go into some more detail about the campaign. First up, I'd like to repeat, these messages did not originate from Trustwave, and at no time was...

SpiderLabs Radio February 22, 2013 w/ Space Rogue

This week's episode of SpiderLabs Radio hosted by Space Rogue covers The Mandiant RedScare, WhiteHouse Cyber Strategy, The Whopper meets the Big Mac, NBC Malware, Singapore sextortion, Walgreens phones out, Malaysian PM resignation fake and More! Listen to SpiderLabs radio...

Trustwave TrustKeeper PCI Scan Notification - Phishing ALERT

Over the last few hours, Trustwave has received multiple reports of individuals receiving fake emails pretending to be from Trustwave. These emails did not originate from Trustwave. Recipients should immediately delete the emails and not follow any links presented in...

Easy DOM-based XSS detection via Regexes

If you are interested in finding DOM-based XSS, you must have knowledge of http://code.google.com/p/domxsswiki/wiki/Introduction already. This is the best online resource about DOM-based XSS maintained by my friends Stefano di Paola and Mario Heiderich. The wiki contains a deep explanation...

Owning Windows Networks With Responder Part 2

One of the great things about working within SpiderLabs is that we prefer to use our own tools whenever possible. The biggest advantage to using your own toolset is a lot more control over what's happening during the testing process, helping...

[Honeypot Alert] User-Agent Field PHP Injection Attacks

In a previous Honeypot Alert blog post, I showed an example of attackers using LFI attacks to access /proc/self/environ to execute code within the User-Agent field. Our web honeypots have identified more probes of this type. Here is an example...

SpiderLabs Radio February 15, 2013 w/ Space Rogue

This week's episode of SpiderLabs Radio hosted by Space Rogue covers Bit9 Loses Bits, Adobe Adobe Adobe, Zombies in Montana, Trustwave GSR, McAfee Loses keys, Pres Signs Orders, Anon Fails to take down SotU, Walla Walla Walla, Myanmar targeted, Alicia...

SpiderLabs Radio February 8, 2013 w/ Space Rogue

This week's episode of SpiderLabs Radio hosted by Space Rogue covers Twitter breach, Java again, Cyber First Strike, DoE unpatched, DoE Emergency, Operation B58, Cash Out, Hail to The Chief, PKNIC, Capture the Japanese Flag, Solo continues to disrupt, Nokia...

CryptOMG Walkthrough - Challenge 2

For those of you who missed it last time, CryptOMG is a configurable CTF-style test bed that highlights flaws in cryptographic implementations. The application and installation instructions can be downloaded for free at the SpiderLabs Github. The challenge 1 walkthrough can be found here. The goal for the second challenge is to get the admin password. Unlike the first challenge, which told us there was probably a directory traversal flaw, this one does not give us a very clear picture of the type of flaw we will be exploiting. After opening the application, we are presented with a login form and instructions telling us that we can log in with guest/guest. Taking a closer look at the URL parameters, we have a "ReturnUrl" parameter with 32 hex characters, in this case 82803ac0ee614d894128649a2eb31f03.

Microsoft Advance Notification for February 2013

The Advance Notification of Patch Tuesday from Microsoft has twelve bulletins listed for this month. Not a small number by any means but not completely unmanageable either. Five bulletins are listed as critical and seven important. There will be six...

SpiderLabs Radio February 1, 2013 w/ Space Rogue

This week's episode of SpiderLabs Radio hosted by Space Rogue covers The New York Times, Anonymous hits US Sentencing Commission-or do they, UPnP, Ruby - Don't Take Your Love to Town, Pentagon Hiring $$, Pi Million Dollars, No more DDoS...