Showing 11 results for: June 2017 ×

Elephone P9000 Lock Screen Lockout Bypass

Brute force attacks against smartphones are not usually a viable attack vector. Manufacturers employ scaling lockouts that progress into longer and longer periods between attempts and, if the user is security conscious, the device may wipe after 10 attempts. However...

0-Day Alert: Your Humax WiFi Router Might Be In Danger

Over the years WiFi Routers have been notoriously susceptible to simple attacks. In early 2017, Trustwave SpiderLabs Researcher Simon Kenin identified 43 different models of Netgear Router to be vulnerable for Remote and Local Password Disclosure. More recently, in May...

The Petya/NotPetya Ransomware Campaign

This is an ongoing, emerging story and may be updated after posting. There is a new wormlike ransomware campaign on the loose today and you wouldn't be mistaken if you're experiencing a little WannaCry deja vu. The campaign has been...

ModSecurity version 3: Fuzzing as part of the QA

The stability of any given project is often tracked by its maturity, which is generally measured by how old the code is. Even though this may be true a lot of the time, here at Trustwave SpiderLabs we wanted to...

Minimalist Alina PoS Variant Starts Using SSL

More than four years ago, we published a series of blogs discussing in-depth analysis of Alina Point of Sale (PoS) malware. And for the past four years, it is interesting to see how different iterations of Alina POS malware keep...

Microsoft Patch Tuesday, June 2017

For the June 2017 Patch Tuesday Microsoft is releasing 97 CVEs, nearly double the number of vulnerabilities patched in May. The release includes patches for 19 CVEs rated "Critical", 76 rated "Important" and one vulnerability each rated "Moderate" and "Low"....