Showing 14 results for: December 2015 ×

Endless Evasion Racing Game

In the past year we have been exploring the Magnitude Exploit Kit - one of the major actors in the cybercriminal scene. Like most of the modern exploit kits Magnitude is comprised of several layers in order to decrease the...

Neutrino Exploit Kit – One Flash File to Rule Them All

There's been a bit of talk about the Neutrino exploit kit lately, most of it revolving around sites redirecting users to Neutrino. But Neutrino has also been through some interesting technological changes and now the landing page of Neutrino only...

An Overview of the Upcoming libModSecurity

libModSecurity is a major rewrite of ModSecurity. It preserves the rich syntax and feature set of ModSecurity while delivering improved performance, stability, and a new experience in easy integration on different. libModSecurity - Motivations While ModSecurity version 2.9.0 is available...

Protecting Your Sites from Apache.Commons Vulnerabilities

A few weeks ago, FoxGlove Security released this important blog post that includes several Proof-of-Concepts for exploiting Java unserialize vulnerabilities. A remote attacker can gain Remote Code Execution by sending specially crafted payload to any endpoint expecting a serialized...

Joomla 0-Day Exploited In the Wild (CVE-2015-8562)

A recent new 0-day in Joomla discovered by Sucuri (Sucuri Blog) has drawn a lot of attention from the Joomla community, as well as attackers. Using knowledge gained from our recent research on Joomla (CVE-2015-7857, SpiderLabs Blog Post) and information...

TrustKeeper Scan Engine Update for December 16, 2015

Summary The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy! New Vulnerability Test Highlights Some of the more interesting vulnerability tests we added...

Mom Spies a Hack

Have you ever wondered if all that informal training you do with your friends & family is paying off? When you say things like "use trusted sites" or "don't give your password to anyone" you wonder if they'll remember those...

TrustKeeper Scan Engine Update for December 09, 2015

Summary The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy! New Vulnerability Test Highlights Some of the more interesting vulnerability tests we added...

AppDetectivePRO and DbProtect Knowledgebase Update 4.56

This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now available. Knowledgebase version 4.56 includes new check for MS Azure SQL, new policy for Oracle, and updated checks for Oracle, MS SQL, and SAP (Sybase) Adaptive Server Enterprise (ASE)...

Microsoft Patch Tuesday, December 2015

The December Microsoft Path Tuesday is upon us and it does not bring any happy tidings. It brings with it twelve bulletins with seven rated Critical and five rated Important. Across the board there are 58 individual CVEs, one of...

Another Brick in the FrameworkPoS

Introduction FrameworkPoS is a well-documented family of malware that targets Point of Sale (PoS) systems and has been attributed to at least one high profile retail breach. The malware author(s) have continued to improve upon the original malware, releasing several...