Showing 10 results for: March 2016 ×

TWSL2016-006: Multiple XSS Vulnerabilities reported for Zen Cart

Today Trustwave released a vulnerability advisory in conjunction with Zen Cart. Researchers from the SpiderLabs Research team at Trustwave recently found multiple Cross-Site Scripting (XSS) vulnerabilities in the popular online open source shopping cart application. The vulnerabilities affect Zen Cart...

Every Tool in the Tool Box

Introduction When I teach people about reverse engineering, I often hear the following statement: "I got the right answer, but I cheated to get it". They are typically talking about using dynamic analysis to get an answer versus statically analyzing...

Angler Takes Malvertising to New Heights

We have just discovered an advertising campaign that has been placing malicious advertisements on very popular websites both in the US and internationally. "answers.com" (Alexa rank 420 Global and 155 in the US), "zerohedge.com" (Ranked 986 in the US) and...

Massive Volume of Ransomware Downloaders being Spammed

We are currently seeing extraordinarily huge volumes of JavaScript attachments being spammed out, which, if clicked on by users, lead to the download of a ransomware. Ransomware encrypts data on a hard drive, and then demands payment from the victim...

Microsoft Patch Tuesday, March 2016

Today is March's Patch Tuesday with 13 bulletins and 39 unique CVEs, which is about the same level of release as we received in February. This includes five bulletins rated Critical and the remaining eight rated Important. As always, both...

PoSeidon Completionist

Introduction Most gamers have explored every nook and cranny of their favorite game, completing achievements for hours after they finished the main story line. This same completionist attitude drives a lot of forensic investigators to try to solve every last...

Data Extraction via String Concatenation in a Blind SQL Injection Vulnerability

A few weeks ago while performing a web application test for $CLIENT, I happened to run into search functionality. As one of the very first standard tests I inserted a single quote ' into the search field and clicked the search button. The SQL error message that was returned was the stuff dreams are made of (ie: a lot of info, slightly vague, not everything there, but enough in that moment to make you really, really believe). After a few quick tests to see if anything easy could be obtained (nope, no such luck), and confirming that I wouldn't be negatively impacting $CLIENT's systems if I did so, I turned it over to automated tools and went about testing other parts of the application.