Showing 49 results for: 2014 ×Security Research ×

No Country For Old Vulnerabilities

Finding a common cross-site scripting vulnerability in Cisco's new IOS Software Checker Feature. During my normal day-to-day work I interface with a number of websites while researching the details of recently released vulnerabilities. It was a pleasant surprise when one...

Alina POS malware "sparks" off a new variant

Alina is a well-documented family of malware used to scrape Credit Card (CC) data from Point of Sale (POS) software. We published a series of in-depth write-ups on the capabilities Alina possesses as well as the progression of the versions....

Magnitude Exploit Kit Backend Infrastructure Insight - Part II

Welcome back to another edition of "exposing Magnitude exploit-kit internals"! As already mentioned in our previous posts (1st and 2nd), the back-end infrastructure of this highly prevalent Exploit Kit has been revealed to be pretty exciting from the security research...

Setting HoneyTraps with ModSecurity: Adding Fake Cookies

This blog post continues with the topic of setting "HoneyTraps" within your web applications to catch attackers. Please review the previous posts for more examples: Project Honeypot Integration Unused Web Ports Adding Fake robots.txt Entries Adding Fake HTML Comments Adding...

Reflected File Download - A New Web Attack Vector

PLEASE NOTE: As promised, I've published a full white paper that is now available for download: White paper "Reflected File Download: A New Web Attack Vector" by Oren Hafif. On October 2014 as part of my talk at the Black...

Jailbreak Detection Methods

This post concludes our three-part series about mobile security. Today's post will outline some options for detecting jailbroken devices, should you choose to do so. Yesterday, we asked whether blocking an app's execution on jailbroken devices was worth it. Earlier...

Executing Apps on Jailbroken Devices

This post is part two of a three-part series about mobile security. Today's post will discuss the execution of apps on jailbroken devices. Yesterday, we described some vulnerabilities in iOS web browsers. Tomorrow, we'll explore detecting jailbroken devices. “App cannot...

Exploring and Exploiting iOS Web Browsers

Today we begin a three-post series about mobile security. We start with a discussion of vulnerabilities in iOS web browsers. Later this week we'll cover apps executing on jailbroken devices and the detection of jailbroken devices. While the release and...

Shellshock a Week Later: What We Have Seen

Trustwave, like most other information security firms, has been busy investigating the ShellShock vulnerability and subsequent scanning and exploit attempts. The SpiderLabs team at Truswave wanted to give the community some feedback on what we are seeing happening "in the...

Identify Crimeware Strains with Edit Distance

When trying to identify crimeware/malware, it's a good idea to design a multi-part system that deploys a variety of detection techniques to increase your chances of detection. You can start with one technique and then layer on additional techniques as...

Monkey Patching the Matrix

For those of you not familiar with monkey patching, it’s a mechanism to “extend or modify the run-time code of dynamic languages without altering the original source code”. Previously, I demonstrated how monkey patching can modify the logic of a...

Blackhat Arsenal 2014: Live ModSecurity Demonstrations

If you are heading out to Blackhat USA 2014 in Las Vegas this week, please stop by the Arsenal Tools area on Thursday morning to see live demonstrations of ModSecurity's advanced features. Arsenal Demonstration Information Location: Mandalay Bay Convention Center,...