Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

Sextortion Scam Now With Malicious Downloader

Sextortion scams were a hit campaign last year and are continuing in  2019 with a new trick – the inclusion of an archive attachment which contains a malicious JavaScript downloader as “proof”.

Machine Learning Update 1

An update on my Machine Learning project to classify, categorize, and otherwise group like pieces of malware together to better understand and analyze malicious code.

Me Myself and I, Robot

I am conducting a research project to look into using a form of AI/ML/NLP to help categorize and classify the gigabytes of malware we process everyday.

Mongodb - Security Weaknesses in a typical NoSQL database

Over the last year or so, I've noticed 2 ports appearing more frequently during internal penetration tests, namely 27017/tcp and 28017/tcp. These can be easily missed if full port scans are not performed. A quick service scan revealed this as...

Stay Connected


Subscribe

Sign up to receive the latest security news and trends from Trustwave.

No spam, unsubscribe at any time.


Trending Topics