Loading...
Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

Retaliation by the Pro-Russian Group KillNet

At the beginning of the Russia-Ukraine conflict, KillNet - a Russian cybergang - began actively collecting open-source intelligence (OSINT), which drew interest from various threat actor groups. Heightened interest in the OSINT data led to additional actors joining KillNet, growing its membership to include not only Russian cyber criminals, but uniting other cyber gangs sympathetic to Russia.

2022 Trustwave SpiderLabs Telemetry Report

As organizations go about their regular routine of finding and adding new technologies to help increase their overall success, each organization must keep in mind the security implications of each move, along with the fact that much of their current technology stack has to be maintained with a well-thought out and quickly implemented patching program.

The Price Cybercriminals Charge for Stolen Data

For the price of a Starbuck’s Caramel Frappuccino Grande and a cheese Danish, about $8, a cybercriminal can obtain all the information needed to max out a person’s stolen credit card and possibly steal their identity.

IPFS: The New Hotbed of Phishing

We have observed more than 3,000 emails containing phishing URLs that have utilized IPFS for the past 90 days and it is evident that IPFS is increasingly becoming a popular platform for phishing websites.

Want To Become A Red Teamer? This Is What You Need To Know

Everyone loves buzz words, no? Red team is the newest (well... not that new) coolest thing on the streets of information security city and many cybersecurity pros want to jump right in and become involved in Red team activities at their company.

Decade Retrospective: The State of Vulnerabilities

Trustwave team believed this was a suitable time to take a minute and review some of the watershed moments that had a major impact on cybersecurity between 2011 and 2021.

CVE-2022-29593- Authentication Bypass by Capture Replay (Dingtian-DT-R002)

This blog post describes an authentication bypass within one such device, that allows an attacker with access to the IP network the ability to capture and subsequently replay discrete device commands, which allows for the switching on and off the physical relays on the device.

The Importance of White-Box Testing: A Dive into CVE-2022-21662

When CVE-2022-21662 (https://nvd.nist.gov/vuln/detail/CVE-2022-21662) came out there wasn’t a much-published material regarding this vulnerability. I want to take some time to explain the importance of using a white-box approach when testing applications for vulnerabilities.

ModBus 101: One Protocol to Rule the OT World

This post will look to illuminate how one tiny legacy protocol, namely "ModBus" could help to understand just how straight forward this could be.

Not all "Internet Connections" are Equal

People commonly think that any “Internet Connection” is exactly the same, or they may be vaguely aware that some connections are faster than others. However, there are significant differences between the connections. While these differences may not matter to someone who just wants to browse websites and read email, they can be significant or even showstoppers for more advanced users or cybersecurity teams remotely conducting vulnerability and security scan s. This is especially true for anyone looking to do security testing or vulnerability scanning.

Trustwave's Action Response: Atlassian Confluence CVE-2022-26134

Trustwave SpiderLabs is tracking the critical-rated zero-day vulnerability CVE-2022-26134. Threat actors are reported to be actively exploiting this vulnerability in the wild. Atlassian disclosed and issued guidance for CVE-2022-26134 on June 2.

Grandoreiro Banking Malware Resurfaces for Tax Season

Trustwave SpiderLabs in early April observed a Grandoreiro malware campaign targeting bank users from Brazil, Spain, and Mexico. The campaign exploits the tax season in target countries by sending out tax-themed phishing emails.

Interactive Phishing: Using Chatbot-like Web Applications to Harvest Information

The Trustwave SpiderLabs Email Security team identified a phishing campaign pretending to be a missed package from DHL. What’s interesting about this campaign is that clicking on the link leads to a chatbot that discusses the missed package, provides pictures of it, and guides the potential victim through providing their credit card information and user credentials.

Stay Connected


Subscribe

Sign up to receive the latest security news and trends from Trustwave.

No spam, unsubscribe at any time.


Trending Topics