Showing 34 results for: 2014 ×Application Security ×

[Honeypot Alert] JCE Joomla Extension Attacks

Our web honeypots picked up some increased exploit attempts for an old Joomla Content Editor (JCE) Extension vulnerability. Although this vulnerability is a few years old, botnet owners are heavily scanning for sites that are vulnerable and attempting to exploit...

ColdFusion Admin Compromise Analysis (CVE-2010-2861)

In a previous blog post, I provided "Method of Entry" analysis for a ColdFusion compromise baed on sanitized data from a SpiderLabs IR/Forensics team investigation which resulted in the attacker's installing a malicious IIS module that captured customer credit card...

WordPress XML-RPC PingBack Vulnerability Analysis

There were news stories this week outlining how attackers are abusing the XML-PRC "pingback" feature of WordPress blog sites to launch DDoS attacks on other sites. This blog post will provide some analysis on this attack and additional information for...

Touchlogging Part 3 - Final Thoughts

This is the third and final part on the subject of Touchlogging. I do recommend reading part one and part two before reading this final part. The previous parts described the technical details of the touchlogging attacks. In this part,...

Touchlogging Part 2 - Android

This is part two in my Touchlogging series, you can find part one here. In part one, I wrote a little bit about the background and how to intercept touch events on jailbroken iOS. This part will focus on Android....

Touchlogging Part 1 - iOS

Although there have been numerous articles posted, I thought I would write about my recent presentation at the RSA Conference on the subject of touchlogging. Since many people have asked, I got the term touchlogging from this paper. I do...

CVE-2014-0050: Exploit with Boundaries, Loops without Boundaries

In this article I will discuss CVE-2014-0050: Apache Commons FileUpload and Apache Tomcat Denial-of-Service in detail. The article reviews the vulnerability's technical aspects in depth and includes recommendations that can help administrators defend from future exploitation of this security issue....

Trustwave Analysis of the January 2014 Oracle CPU

It's the second Tuesday in January, so it is Oracle Critical Patch Update (CPU) time. The January 2014 CPU contains 144 fixes across Oracle's Database, Fusion Middleware, E-Business Suite, PeopleSoft, Siebel, Oracle and Sun Systems Product Suite, MySQL, Oracle Linux and Virtualization, Oracle Java and some other less common product lines.