Showing 10 results for: September 2015 ×

Jumping through the hoops: multi-stage malicious PDF spam

We've recently encountered a number of malicious spam messages with PDFs attached. The PDFs themselves are not malicious as they don't contain executable code, but they do contain images with underlying URI actions. The image, if clicked, will open the...

Quaverse RAT: Remote-Access-as-a-Service

***UPDATE as of September 28, 2015 - see the bottom of this post for removal instructions*** Quaverse RAT or QRAT is a fairly new Remote Access Tool (RAT) introduced in May 2015. This RAT is marketed as an undetectable Java...

SpiderLabs Radio for the Week of September 14, 2015

In this week's episode: SYNFul Knock compromised routers TSA Master keys leaked Listen to this and archived episodes on Trustwave SpiderLabs Radio or in iTunes. Or you can download the MP3 file directly here. Or listen right from your browser...

Microsoft Patch Tuesday, September 2015

Today marks Patch Tuesday for September and this month brings with it 12 bulletins. Four are rated Critical, and eight are rated Important. Across all bulletins, a total of 55 individual CVEs are patched this month. Of the four Critical...

Lessons in Spam JavaScript Obfuscation Layers

Spammers seem to be adding layers of obfuscation to their malware attachments in an attempt to evade spam filters that look inside attachments. Most malware attachments come in the form of executables, or, increasingly, Word files with malware-laden macros. These...

SpiderLabs Radio for the Week of August 31, 2015

In this week's episode: 225K iPhones hacked Sleepy Puppy Chrome and Amazon blocks (some) Flash Carbanak comes back Listen to this and archived episodes on Trustwave SpiderLabs Radio or in iTunes. Or you can download the MP3 file directly here....

Debugging SAP ASE .NET Provider Issues

I've recently been chasing a bug that made it impossible to call one built-in stored procedure within SAP Adaptive Server Enterprise (ASE) .NET provider. The procedure in question is sp_loginconfig which exists only on ASE running on Windows platforms. If...