SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

The Price Cybercriminals Charge for Stolen Data

For the price of a Starbucks Caramel Frappuccino Grande and a cheese Danish, about $8, a cybercriminal can obtain all the information needed to max out a person’s stolen credit card and possibly steal their identity.

IPFS: The New Hotbed of Phishing

We have observed more than 3,000 emails containing phishing URLs that have utilized IPFS for the past 90 days and it is evident that IPFS is increasingly becoming a popular platform for phishing websites.

Want To Become A Red Teamer? This Is What You Need To Know

Everyone loves buzz words, no? Red team is the newest (well... not that new) coolest thing on the streets of information security city and many cybersecurity pros want to jump right in and become involved in Red team activities at their company.

Decade Retrospective: The State of Vulnerabilities

The Trustwave team believed this was a suitable time to take a minute and review some of the watershed moments that had a major impact on cybersecurity between 2011 and 2021.

CVE-2022-29593 - Authentication Bypass by Capture Replay (Dingtian-DT-R002)

This blog post describes an authentication bypass within one such device that allows an attacker with access to the IP network to capture and subsequently replay discrete device commands, which allows for switching the physical relays on the device on and off.

The Importance of White-Box Testing: A Dive into CVE-2022-21662

When CVE-2022-21662 (https://nvd.nist.gov/vuln/detail/CVE-2022-21662) came out, there wasn’t much published material regarding this vulnerability. I want to take some time to explain the importance of using a white-box approach when testing applications for vulnerabilities.

ModBus 101: One Protocol to Rule the OT World

This post will look to illuminate how one tiny legacy protocol, namely "ModBus", could help to understand just how straightforward this could be.

Not all "Internet Connections" are Equal

People commonly think that any “Internet Connection” is exactly the same, or they may be vaguely aware that some connections are faster than others. However, there are significant differences between the connections. While these differences may not matter to someone who just wants to browse websites and read email, they can be significant or even showstoppers for more advanced users or cybersecurity teams remotely conducting vulnerability and security scans. This is especially true for anyone looking to do security testing or vulnerability scanning.

Trustwave's Action Response: Atlassian Confluence CVE-2022-26134

Trustwave SpiderLabs is tracking the critical-rated zero-day vulnerability CVE-2022-26134. Threat actors are reported to be actively exploiting this vulnerability in the wild. Atlassian disclosed and issued guidance for CVE-2022-26134 on June 2.

Grandoreiro Banking Malware Resurfaces for Tax Season

Trustwave SpiderLabs in early April observed a Grandoreiro malware campaign targeting bank users from Brazil, Spain, and Mexico. The campaign exploits the tax season in target countries by sending out tax-themed phishing emails.

Interactive Phishing: Using Chatbot-like Web Applications to Harvest Information

The Trustwave SpiderLabs Email Security team identified a phishing campaign pretending to be a missed package from DHL. What’s interesting about this campaign is that clicking on the link leads to a chatbot that discusses the missed package, provides pictures of it, and guides the potential victim through providing their credit card information and user credentials.

PwnFox - An IDOR Hunter's Best Friend

So, what is PwnFox? To put it simply, it’s a BurpPro extension that works with Firefox. It accomplishes two things. First, it helps containerize up to eight (yes, that’s right… eight!) different sessions within one browser and secondly, it organizes all your proxied traffic in Burp BY COLOR!

Trustwave’s Action Response: F5 BIG-IP Vulnerability (CVE-2022-1388)

Trustwave SpiderLabs is tracking a new critical-rated vulnerability (CVE-2022-1388) affecting F5 BIG-IP network devices. Threat actors are reported to be actively exploiting this vulnerability in the wild. F5 disclosed and issued a patch for CVE-2022-1388 on May 4.

Tough Times for Ukrainian Honeypot?

Hackers - both bad and good, government related or private groups - have their hands full every day as never before and compounding the situation is the Russia-Ukraine (UA) war which has sparked a cyber storm.

Trustwave’s Action Response: CVE-2022-22965 and CVE-2022-22963

Trustwave security and engineering teams are actively investigating the vulnerabilities CVE-2022-22965 (also referenced by other vendors as Spring4Shell / SpringShell) and CVE-2022-22963 and potential exploits. We are diligently watching over our clients for exposure and associated attacks and are taking action with approved mitigation efforts.

Cyber Attackers Leverage Russia-Ukraine Conflict in Multiple Spam Campaigns

The Trustwave SpiderLabs email security team has been monitoring the ongoing Russia-Ukraine crisis to ensure that our clients are protected and aware of any imminent threats. This research blog captures some of the phishing email threats we have discovered.
