Trustwave security teams are aware of two zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) impacting Microsoft Exchange Server 2013, 2016, and 2019 that, if exploited, can allow an attacker to elevate privilege and remote code execution capability.

During a penetration test, Trustwave Spiderlabs’ researcher, Jordan Hedges, identified two vulnerabilities in third-party software for Canon Medical’s Vitrea View (https://anz.medical.canon/).

At the beginning of the Russia-Ukraine conflict, KillNet - a Russian cybergang - began actively collecting open-source intelligence (OSINT), which drew interest from various threat actor groups. Heightened interest in the OSINT data led to additional actors joining KillNet, growing its membership to include not only Russian cyber criminals, but uniting other cyber gangs sympathetic to Russia.

As organizations go about their regular routine of finding and adding new technologies to help increase their overall success, each organization must keep in mind the security implications of each move, along with the fact that much of their current technology stack has to be maintained with a well-thought out and quickly implemented patching program.

Oracle Communications Session Border Controller (SBC) is one of the most popular products worldwide that helps service providers deliver trusted, carrier-grade, real-time communications such as VoLTE, VoIP, video conferencing and calling, presence, IM, and IPTV.

Observing the ongoing conflict between Russia and Ukraine, we can clearly see that cyberattacks leveraging malware are an important part of modern hybrid war strategy.

For the price of a Starbuck’s Caramel Frappuccino Grande and a cheese Danish, about $8, a cybercriminal can obtain all the information needed to max out a person’s stolen credit card and possibly steal their identity.

We have observed more than 3,000 emails containing phishing URLs that have utilized IPFS for the past 90 days and it is evident that IPFS is increasingly becoming a popular platform for phishing websites.

Everyone loves buzz words, no? Red team is the newest (well... not that new) coolest thing on the streets of information security city and many cybersecurity pros want to jump right in and become involved in Red team activities at their company.

Trustwave team believed this was a suitable time to take a minute and review some of the watershed moments that had a major impact on cybersecurity between 2011 and 2021.

This blog post describes an authentication bypass within one such device, that allows an attacker with access to the IP network the ability to capture and subsequently replay discrete device commands, which allows for the switching on and off the physical relays on the device.

Facebook Messenger is one of the most popular messaging platform in the world, amassing 988 million monthly active users as of January 2022 according to Statista.

When CVE-2022-21662 (https://nvd.nist.gov/vuln/detail/CVE-2022-21662) came out there wasn’t a much-published material regarding this vulnerability. I want to take some time to explain the importance of using a white-box approach when testing applications for vulnerabilities.

This post will look to illuminate how one tiny legacy protocol, namely "ModBus" could help to understand just how straight forward this could be.

A zero-day vulnerability has been re-disclosed that is very similar to the Follina zero-day announced last week and is actively being tracked by Trustwave SpiderLabs.

People commonly think that any “Internet Connection” is exactly the same, or they may be vaguely aware that some connections are faster than others. However, there are significant differences between the connections. While these differences may not matter to someone who just wants to browse websites and read email, they can be significant or even showstoppers for more advanced users or cybersecurity teams remotely conducting vulnerability and security scan s. This is especially true for anyone looking to do security testing or vulnerability scanning.

Trustwave SpiderLabs is tracking the critical-rated zero-day vulnerability CVE-2022-30190. Threat actors are reported to be actively exploiting this vulnerability in the wild. Microsoft disclosed and issued guidance for CVE-2022-30190 on May 30.

Trustwave SpiderLabs is tracking the critical-rated zero-day vulnerability CVE-2022-26134. Threat actors are reported to be actively exploiting this vulnerability in the wild. Atlassian disclosed and issued guidance for CVE-2022-26134 on June 2.

Trustwave SpiderLabs in early April observed a Grandoreiro malware campaign targeting bank users from Brazil, Spain, and Mexico. The campaign exploits the tax season in target countries by sending out tax-themed phishing emails.

The Trustwave SpiderLabs Email Security team identified a phishing campaign pretending to be a missed package from DHL. What’s interesting about this campaign is that clicking on the link leads to a chatbot that discusses the missed package, provides pictures of it, and guides the potential victim through providing their credit card information and user credentials.