Showing 11 results for: June 2015 ×

Attacking Ruby Gem Security with CVE-2015-3900

A Ruby gem is a standard packaging format used for Ruby libraries and applications. This packaging format allows Ruby software developers a clearly defined format in which they can reliably build and distribute software. Developers push Ruby gems to a...

TrustKeeper Scan Engine Update June 17 2015

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. This week we bring you nine new vulnerability checks including tests for "LogJam", ClamAV, Drupal,...

SpiderLabs Radio for the Week of June 15, 2015

In this week's episode: SwiftKey Android and Apple zero days LastPass breach Listen to this and archived episodes on Trustwave SpiderLabs Radio or in iTunes. Or you can download the MP3 file directly here. Or listen right from your browser...

Microsoft Patch Tuesday, June 2015

It's that time of the month again, Patch Tuesday for June! With only eight total bulletins (2 Critical and 6 Important) this Patch Tuesday is surprisingly light compared to months past. What's not surprising is that Internet Explorer is back...

Trustwave 2015 Global Security Report Available Now

Today, we reveal our Trustwave 2015 Global Security Report. We've spent months analyzing hundreds of our data breach investigations over the past year, and culling threat intelligence from our industry-leading security research and data collected from technology managed by our...

New Episode of Punkey PoS Malware Airs

Reruns from the 1980s are all the rage these days, and like the sitcom it's based on, we've encountered a second run from the Punkey Point of Sale malware as part of an investigation we're working on with the FBI....

SpiderLabs Radio for the Week of June 1, 2015

In this week's episode: OpenSesame: Hacking Garage Door Openers Two Ransomware Authors Get Out Of The Game Listen to this and archived episodes on Trustwave SpiderLabs Radio or in iTunes. Or you can download the MP3 file directly here. Or...

TrustKeeper Scan Engine Update June 3 2015

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. This week we've added a check for Squid Proxy MitM via spoofed x.509 certificate (CVE-2015-3455)....

AppDetectivePRO and DbProtect Knowledgebase Update 4.50

This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now available. Knowledgebase version 4.50 includes new and/or updated checks for vulnerabilities in SAP (Sybase) ASE, Microsoft Azure SQL Database, Oracle Database, Hadoop and MySQL. New Vulnerability and Configuration Check...

Changes in Oracle Database 12c password hashes

Oracle has made improvements to user password hashes within Oracle Database 12c. By using a PBKDF2-based SHA512 hashing algorithm, instead of simple SHA1 hash, password hashing is more secure. With this post, I'll explain some of the changes and their...