Showing 8 results for: February 2016 ×

Angler Exploit Kit – Gunning For the Top Spot

They say that with great power comes great responsibility. In the world of websites the more popular your website is the greater your responsibility, and being responsible means, amongst other things, keeping your systems up-to-date. We've recently come across an...

TrustKeeper Scan Engine Update for February 17, 2016

Summary The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy! New Vulnerability Test Highlights Some of the more interesting vulnerability tests we added...

Microsoft Patch Tuesday, February 2016

February Patch Tuesday is here with double the number of vulnerabilities that were patched in January. In all there are thirteen bulletins issued this month patching 36 unique CVEs. Four of the bulletins are rated Critical. This includes 14 vulnerabilities...

AppDetectivePRO and DbProtect Knowledgebase Update 4.58

This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now available. Knowledgebase version 4.58 includes new checks for MySQL and Oracle, new policies for DISA-STIG Oracle 11G V8R1-15 -Audit, and updated checks for IBM DB2 LUW. New Vulnerability and...

Base64 versus Plaintext Observations

Recently we have been working on the libmodsecurity project. As part of the project we no longer use the Apache Portable Runtime (APR) as part of the core ModSecurity. While this change has allowed us to increase performance, portability, and...

TrustKeeper Scan Engine Update for February 03, 2016

Summary The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy! New Vulnerability Test Highlights Some of the more interesting vulnerability tests we added...

Sending ModSecurity Logs to MySQL

Previous Work As part of our positions at SpiderLabs Research we each get time to undertake various research tasks. Typically on the Web Server Security team we spend this time improving ModSecurity and Trustwave WAF, analyzing the latest web threats,...