Showing 106 results for: 2012, Security Research

Web Application Defense: Bayesian Attack Analysis

Regular Expressions for Input Validation: If your web application defensive strategy against injection attacks relies solely upon the use of blacklist regular expressions for input validation, it is only a matter of time before an attacker finds an evasion. Want...

Blackhole Exploit Kit v2

A few days ago a new version of THE most common exploit kit was released. Unlike most exploit kit authors, who try to keep a low profile, the author of Blackhole publishes his work in Russian forums and even writes...

TrustKeeper Scan Engine Update - September 14, 2012

Yes folks, it is time again for another update on the new developments in the TrustKeeper Scan Engine. This update includes coverage for three new vulnerabilities for phpMyAdmin. These vulnerabilities are cross-site scripting vulnerabilities in a variety of components that...

Getting a Start in the Security Industry

This has been a fairly common topic over the last year and I've seen plenty of blog posts and presentations about the subject. For me personally, many just don't cover the information I've found to be essential during my entrance...

The Patsy Proxy: Getting others to do your dirty work

Patsy (slang) - A person easily taken advantage of, cheated, blamed, or ridiculed. My girlfriend (@savagejen) and I will be presenting at Derbycon this year about some research we've done into systems not configured as proxies, but which will pass...

Backward Compatibility Plays to Malware's Hands

Maintaining backward compatibility in software products is hard. Technology evolves on a daily basis, and while it feels "right" to go ahead and ditch the old technology in favor of the new, it sometimes might cause issues, especially when a...

TrustKeeper Scan Engine Update - August 29, 2012

Today marks the next update to the TrustKeeper Scan Engine and as usual, we have been slaving away in the dungeon annihilating new vulnerabilities with sword and shield. This update includes a recent Dell SonicWALL Scrutinizer (also known as Plixer...

Client-side Payload - The Brazilian Way.

My name is Wendel Guglielmetti Henrique, and I'm a senior security consultant at Trustwave's SpiderLabs. I have over 12 years' experience in Information Technology, with the last 7 years dedicated to penetration testing. My recent presentations include RSA Conference 2012...

All Your Password Hints Are Belong to Us

This past weekend I ended up coming into the SpiderLabs office and "nerded out" with my good friend Ryan Reynolds to follow up on the research we released at DEFCON and BlackHat this year. As some of you may already know,...

Announcing the availability of ModSecurity extension for IIS

This blog post has also been posted on the Microsoft Security Research and Defense site. By: Greg Wroblewski, Microsoft Security Engineering Center; Ryan Barnett, Trustwave SpiderLabs. Vulnerabilities in on-line services, like cross-site scripting, cross-site request forgery, or even information disclosure,...

Spam Down II: Grum Down

So the media is abuzz with news of the takedown of the Grum botnet, which has caused a big reduction in spam. Make no mistake, this is welcome news indeed, and credit to Atif Mushtaq from FireEye for taking action....

Analyzing PDF Malware - Part 3D

Part 3D of a demonstration on analyzing malware embedded within a suspicious PDF document. This finale post of the series illuminates the ultimate goal of the malware and concludes with a discussion on ways to protect yourself from similar attack vectors.

Spam Down: Where is Lethic?

At Trustwave SpiderLabs we keep a close eye on spam trends. We keep and publish a bunch of statistics relating to spam, and last week people were asking me where these were as the old M86 website is phased out....

TrustKeeper Scan Engine Update - July 12, 2012

The latest update to the TrustKeeper scan engine has been released. This update includes a lot of under-the-hood work for core protocol libraries such as SSL, SNMP, Kerberos and SSH. These improvements allow the scan engine to be more efficient...

Analyzing PDF Malware - Part 3C

Part 3C of a demonstration on analyzing malware embedded within a suspicious PDF document. This part specifically deals with dynamic analysis of the discovered shellcode itself within a virtual machine.

Wham Bam, the Cutwail/Blackhole Combo

Over the past few weeks we have seen a resurgence of malicious spam with links leading off to the Blackhole exploit kit. Last week about 2% of spam hitting our traps fell into this category, which is pretty significant given...

TrustKeeper Scan Engine Update

A new update to the TrustKeeper scan engine is being released, with several new vulnerability detections and numerous internal improvements. The new vulnerabilities detected include several that were fixed in the latest release of WordPress, 3.3.2, including three cross-site scripting...