Steganalysis, the Counterpart of Steganography

In my last blog post I discussed the art of embedding secret messages in any file so that only the sender and the receiver know about the presence of that message. This is called steganography. In this post I will...

Raiding the Piggy Bank: Webshell Secrets Revealed

Introduction: A recent investigation into credit card fraud that was enabled by a webshell revealed several interesting methods used by the attacker. These methods are the subject of this blog, as well as providing some suggestions on what E-commerce companies...

Microsoft Patch Tuesday, December 2016

December's Patch Tuesday is here to greet you with the pleasant tidings of patches for all of your (currently known Microsoft) vulnerabilities. It's a big release just in time for the holidays with 12 bulletins covering 48 CVEs. Five of...

A Backdoor in Skype for Mac OS X

Trustwave recently reported a locally exploitable issue in the Skype Desktop API for Mac OS X, which provides an API to local programs/plugins executing on the local machine. The API is formally known as the Desktop API (previously known as the Skype...

New Carbanak / Anunak Attack Methodology

In the last month Trustwave was engaged by multiple hospitality businesses for investigations into attacks by an unknown attacker or attackers. The modus operandi for all three investigations was very similar and appears to be a new Carbanak gang attack methodology, focused...

OWASP Core Rule Set 3.0.0 (Final) release

The OWASP Core Rule Set (CRS) team is excited to announce the immediate availability of the OWASP Core Rule Set Version 3.0.0 stable release. This release represents over two and a half years of effort with nearly 1000 commits and...

Microsoft Patch Tuesday, November 2016

The November Patch Tuesday is here and it's a big one with 14 bulletins covering 68 unique CVEs. Despite the large volume of patches, this patch cycle still promises to be less painful than Election Day here in the USA....

Bopup Communications Server Remote Buffer Overflow Vulnerability

Trustwave recently discovered a remotely exploitable issue in all current versions of "B Labs" Bopup Communications Server. The issues were discovered and confirmed to exist in version 4.5.1.12872 as detailed in the recently posted Trustwave advisory. Bopup Communications Server runs...

OWASP ModSecurity CRS Version 3.0 RC2 Released

The OWASP Core Rule Set (CRS) is an Open Source project run by the Open Web Application Security Project (OWASP) and is frequently paired with the Open Source ModSecurity project. As part of Trustwave's commitment to ModSecurity, the Spiderlabs Web...

Microsoft Patch Tuesday, October 2016

October has arrived with seasonal changes and a new Microsoft Patch Tuesday. This Patch Tuesday brings with it 10 bulletins with a total of 36 unique CVEs, definitely a step back from September's massive list, but also not a light...

RIG's Facelift

RIG EK has been in the headlines recently mainly because both EITEST and PseudoDarkLeech (big traffic gates) have been redirecting traffic to RIG to deliver the CrypMIC Ransomware. A year ago we published a deep analysis of RIG which described...

Steganography... what is that?

When people think about Information Security the first word that generally comes to mind is "Hacking", but there are many disciplines in security and one of them is called "Steganography", an offshoot of encryption and "data hiding". The word "steganography" can...

Necurs – the Heavyweight Malware Spammer

Today we want to dwell upon a pesky botnet that goes by the name of Necurs, and in particular its spamming activities. The botnet has been responsible for a massive amount of malware distributed via spam over the last 18...

Microsoft Patch Tuesday, September 2016

September's Patch Tuesday is upon us and it's the biggest one so far this year. While past months have been relatively light, September has nearly twice as many vulnerabilities patched compared to August. All told September contains 14 bulletins patching...

Sundown EK – Stealing Its Way to the Top

Sundown is one of the newest Exploit Kits on the market these days, and like many up-and-coming exploit kits before it, this means that it is under constant development. With the recent disappearance of the Angler and Nuclear exploit...

OWASP ModSecurity CRS Version 3.0 RC1 Released

Trustwave has been dedicated to supporting ModSecurity and the associated community for the better part of a decade. Over this time, ModSecurity and the associated OWASP Core Rule Set (CRS) have seen major advances and are currently positioned as leading...

Microsoft Patch Tuesday, August 2016

Today is August's Patch Tuesday, and with only 9 bulletins with 27 unique CVEs it's one of the lightest months in recent history. Four of the bulletins are rated Critical while the other five are rated as Important. Internet Explorer and...