Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
News Releases

15 Members of Trustwave's SpiderLabs Selected to Present at DEF CON

Cyber Security Experts Talk About Mobile Security, Disaster Preparedness and Unlikeliest Attacks Ever Seen

CHICAGO (July 26, 2011) -Trustwave, a leading provider of information security and compliance solutions, today announced that fifteen cyber security experts will deliver talks, training sessions and a kids demonstration at DEF CON 19, the world's largest hacker gathering, in Las Vegas, August 4 through 7. The presentations will be delivered by members of Trustwave's SpiderLabs, the team of ethical hackers responsible for application security, incident response and forensics, penetration testing and security research.

Thomas Wilhelm, senior security consultant, will present Staying Connected during a Revolution or Disaster, in response to the wake of recent revolutions in the Middle East and Africa where telecommunications services were diminished in response to organized demonstrations. The discussion will examine the breakdowns in telecommunication channels - intentional and otherwise - that can occur during crucial moments, including revolutions, protests, and natural disasters. Wilhelm's talk will conclude with the introduction of a new open source tool that will have the capabilities to generate spontaneous networks in times of crisis using current cellular phone technology.

Rob Havelt, director of penetration testing, and Wendel Henrique, security consultant, will present Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests, which will review a massive collection of the weirdest, freakiest, rarest, and most bizarre hacks ever seen in the wild. Trustwave's SpiderLabs has performed thousands of penetration tests and has a large collection of first-hand accounts of these unlikely hacks. The presentation will also discuss how systems employed by companies can also be leveraged by an attacker to harm the very network they are protecting.

For a second year, Nicholas J. Percoco, senior vice president and head of Trustwave's SpiderLabs, and Sean Schulte, software engineer, will present This is REALLY Not the Droid You're Looking For, which focuses on the User Interface (UI) of the Android OS. After a successful talk on the implication of malware and rootkits on mobile devices during DEF CON 18, this year's presentation will look at potential flaws in the Android OS. Using legitimate and documented APIs, they will demonstrate vulnerabilities around credentials and other user information from the most popular applications in the Android market.

Andrew Wilson, security consultant, will deliver Traps of Gold, a study which examines the offenses and defenses of web application security and introduces "maneuverability" - a new strategy for fighting back. This style of fighting aims to make hackers expend their resources while strategically positioning the potential victim organization to better prevent hacks. Real world examples of this technique will be demonstrated.

"We are delighted to be increasing our presence and involvement at one of the most respected gatherings of cyber security experts," said Robert J. McCullen, chairman, CEO and president of Trustwave. "Additionally, we're honored that two of our speakers have been asked to run newly created training sessions at DEF CON, which we feel is an important step towards further educating the public about cyber security."

Other talks that Trustwave's SpiderLabs will present include:

  • Steve Ocepek will deliver Blinkie Lights: Network Monitoring with Arduino, which will introduce new concepts around network visibility, offering insight on how typical users can help to secure the network.
  • David Bryan and Luiz Eduardo, along with other panelists, will present Building the DEF CON Network, Making a Sandbox for 10,000 Hackers, which will cover how the DEF CON network team builds a network from scratch, in three days with very little budget, to support several thousand users concurrently.
  • Nicholas J. Percoco and Paul Kehrer will deliver Getting SSLizzard, a discussion and demonstration of flaws at both the application and OS layer that need to be addressed by both the mobile application developers, as well as the mobile device manufacturers. The talk will include the discovery of a recent iOS vulnerability and include a live audience participation to discover similar flaws in other mobile devices.
  • Grayson Lenik will present I'm your MAC(b) Daddy, which will cover the use of file system timelines to crack data breach cases and illustrate how to defeat common anti-forensics techniques. He will also review the tools and techniques available to perform these tasks and demonstrate how quickly this data can be obtained and parsed.
  • Nicholas J. Percoco and Jibran Ilyas will deliver Malware Freakshow 3, for a third year. In this installment, Percoco and Ilyas will highlight four new pieces of malware where the victims are you and people you know. These pieces of malware can be found at work, at the grocery store, mobile phone, and even a local watering hole.
  • Ryan Linn will present PIG: Finding Truffles Without Leaving a Trace, which will review and dissect traffic emitted from computers connected to networks. This simple connection produces a fair amount of information about the computer and its user, which can then be used to profile corporate users and computers without a malicious attack.
  • Dan Crowley will deliver Speaking with Cryptographic Oracles, a discussion of methods for finding and exploiting encryption, decryption, and padding oracles.

Latest News Releases

New Trustwave SpiderLabs Research Exposes Unique Cybersecurity Threats Facing Education Industry

Chicago – February 22, 2024 – Trustwave, a leading cybersecurity and managed security services provider, today released comprehensive research uncovering unique cybersecurity threats faced by...

Read More

Trustwave MailMarshal Now Available on Microsoft Azure Marketplace

Chicago – February 1, 2024 – Trustwave, a global cybersecurity and managed security services leader, today announced the availability of Trustwave MailMarshal on the Microsoft Azure Marketplace, an...

Read More

Aquion and Trustwave Announce Strategic Partnership to Boost Cybersecurity in Australia and New Zealand

Sydney, Australia - Jan 30, 2024 - Aquion, a specialist in value-added software distribution, proudly announces its strategic partnership with global managed cybersecurity leader Trustwave. This...

Read More