Showing 23 results for: May 2014

SpiderLabs Radio: May 30, 2014

In this episode I talk about: New vulnerabilities in Chip and Pin cards; A new 0day IE vulnerability; Outlook for Android doesn't encrypt email; Truecrypt sets the rumor mill ablaze with a vague shutdown and multiple vulnerabilities discovered in LEA...

CVE-2014-2120 – A Tale of Cisco ASA “Zero-Day”

A few months ago I was trying to PoC a known cross-site scripting vulnerability in the Cisco ASA WebVPN portal (CVE-2013-3414) for inclusion in the TrustKeeper Scan Engine. I tried a number of different techniques on multiple different ASA versions/branches...

Third-Party Auth Token Theft: The Big Picture

Nothing sets the technical journalists abuzz like the prospect of a catastrophic, Internet-wide vulnerability. Fresh off the very legitimate excitement over Heartbleed, some media outlets were hoping for a new scoop with “Covert Redirections”. Spoiler alert: there’s no catastrophe. For...

Wireless Cameras and Webcams: Are You Being Watched?

Trustwave SpiderLabs recently disclosed vulnerabilities in several models of Y-Cam brand wireless cameras. The most severe of these could allow anyone to access an internet connected camera. Although these vulnerabilities affect only some discontinued Y-cam models, these models were widely...

Java-based Malware Distributed Through Spam

For the past few months, we’ve observed more spam with Java-based malware attachments. The recent examples purport to be an invoice from a logistics company. The attachment is a .JAR file using a variety of filenames such as Authorised Invoice...

SpiderLabs Radio: May 22, 2014

In this episode I talk about: The international roundup of Blackshades rat users; China's military accused of hacking US companies; Highlights from Trustwave's Global Security Report including: Non-payment card data theft is up; Spam is down and organizations need to...

2014 Trustwave Global Security Report Available Now

Today we released our annual 2014 Trustwave Global Security Report, an analysis of compromise and threat statistics that we gathered from 691 data breach investigations conducted across the world, telemetry pulled from our deployed technologies and our 24/7 global security...

Trustkeeper Scan Engine Update - May 21, 2014

We're back to bring you a large Scan Engine update. We've packed this release with tons of new vulnerabilities as well as some huge improvements to our service protocol discovery engine. Increased coverage and faster scans--what could be better? New...

Mass Malicious PDF Email Campaigns from Cutwail

Over the last two weeks we have noticed a high number of emails with PDF attachments in our spam traps, which is unusual. These campaigns spanned several days, and originated from the Cutwail botnet, well known for spamming out malicious...

Baby's first NX+ASLR bypass

Recently, I've been trying to improve my skills with regards to exploiting memory corruption flaws. While I've done some work in the past with exploiting basic buffer overflows, format string issues, etc., I'd only done the most basic work in...

DEFCON 22 CTF Qualifiers Writeup

Hi folks! I got to spend a little time playing the DEFCON 22 quals this previous weekend, presented by the Legitimate Business Syndicate (LegitBS), several members of which are players in previous DEFCON CTF games. I didn't manage to...

SpiderLabs Radio: May 15, 2014

In this episode: I review the Microsoft and Adobe patch release; Another online cryptocurrency hack; Ransomware finally hits Android; Researchers disclose methods to evade Android malware scanners; A US Navy sailor might also be the leader of hacking group Team...

Microsoft Patch Tuesday, May 2014

May's Microsoft Patch Tuesday contains eight bulletins, the most of any release so far this year. Despite an out-of-band patch for Internet Explorer two weeks ago, Windows XP users will not receive any patches this cycle. This leaves XP users...

SpiderLabs Radio: May 8, 2014

In this episode: Wannabe Facebook hackers hack themselves; John McAfee helps launch a new secure messaging app; Some new vulnerabilities and disclosures surrounding iPhone; Symantec claims that Antivirus is dead; A vulnerability in Dropbox exposes shared links; 4chan hacked and...

Microsoft Advance Notification for May 2014

Tuesday, May 13 marks the next Microsoft security patch release. This release will contain eight bulletins, which is the most in a single release so far this year. The good news is that each of these bulletins only address a...

[Honeypot Alert] Open Flash Charts File Upload Attacks

Our web honeypots picked up some increased scanning/exploit activity for the following file upload vulnerability in Open Flash Charts - The following screenshot shows the contents of the vulnerable ofc_upload_image.php file: As you can see from this simple code, there...

Microsoft Internet Explorer 0-Day (CVE-2014-1776)

A zero-day vulnerability in Microsoft Internet Explorer, CVE-2014-1776, was recently discovered when it was used as part of a targeted attack. Despite being an exploit for Internet Explorer, the attack used a Flash file to deliver the malicious code and...

Detecting A Surveillance State - Part 4 Cellular Attacks

This is the fourth and final post in my series of posts about state actor surveillance technologies. Thus far we’ve covered hardware infections, radio frequency exfiltration devices and BIOS/Firmware infections. In this final post, I'll discuss a topic that might...