This blog post offers insight into Magecart and offers advice on how t protect your systems from this threat using a number of methods including ModSecurity WAF rules.
Blogs & Stories
SpiderLabs Blog
Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.
We are happy to announce ModSecurity version 2.9.3!
At precisely 155 commits ahead of the latest version, ModSecurity version 3.0.3 contains a number of improvements and features to enhance the ModSecurity experience. In this blog post, we'll explain some of the new capabilities in the latest release. Better...
libModSecurity aka ModSecurity version 3.0 is out there. libModSecurity starts a new era in terms of ModSecurity extensibility. The modular architecture provides flexibility to extend ModSecurity core with scripting languages and from scripting languages. Facilitating work such as: UI integration,...
We have recently released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and above. These rules' purpose is to protect against new emerging attacks that target vulnerabilities in public software. For this release we are highlighting virtual patches...
We have released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and above. These rules' purpose is to protect against new emerging attacks that target vulnerabilities in public software. For this release we would like to highlight the...
Recently we announced the first release candidate for libModSecurity (also as known as ModSecurity version 3). The goal was to turn ModSecurity into a mature library that could be used seamlessly regardless of web server or platform. The motivations for...
We have released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and above. These rules' purpose is to protect against new emerging attacks that target vulnerabilities in public software. For this release we are highlighting virtual patches for...
We recently released ModSecurity version 2.9.2. The release contains a number of bug fixes, including two security issues: Allan Boll reported an uninitialized variable that may lead to a crash on Windows platform. Brian Adeloye reported an infinite loop on...
We have released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and above. These rules' purpose is to protect against new emerging attacks that target vulnerabilities in public software. For this release we would like to highlight the...
The stability of any given project is often tracked by its maturity, which is generally measured by how old the code is. Even though this may be true a lot of the time, here at Trustwave SpiderLabs we wanted to...
We have just released new commercial rules for ModSecurity Web Application Firewall (WAF) v2.9 and above. These rules' purpose is to protect against new emerging attacks that target vulnerabilities in public software. For this release we would like to highlight...
A note from the Trustwave Spiderlabs ModSecurity team: The following blog was written at the culmination of the Google Summer Of Code (GSOC) program by Akhil Koul. The ModSecurity team mentored Akhil to help enhance the open source ModSecurity project...
Have you ever seen a rule for ModSecurity? They may look similar to the following: SecRule REQUEST_URI "@endswith example.com/index.html" "id:1,log,deny,redirect:http://modsecurity.org" This rule may look complicated, but it is extremely basic. It says, if you find a URL ending with example.com/index.html...
The OWASP Core Rule Set (CRS) team is excited to announce the immediate availability of the OWASP Core Rule Set Version 3.0.0 stable release. This release represents over two and a half years of effort with nearly 1000 commits and...
The OWASP Core Rule Set (CRS) is an Open Source project run by the Open Web Application Security Project (OWASP) and is frequently paired with the Open Source ModSecurity project. As part of Trustwave's commitment to ModSecurity, the Spiderlabs Web...
Trustwave has been dedicated to supporting ModSecurity and the associated community for the better part of a decade. Over this time, ModSecurity and the associated OWASP Core Rule Set (CRS) have seen major advances and are currently positioned as leading...
Previous Work As part of our positions at SpiderLabs Research we each get time to undertake various research tasks. Typically on the Web Server Security team we spend this time improving ModSecurity and Trustwave WAF, analyzing the latest web threats,...
libModSecurity is a major rewrite of ModSecurity. It preserves the rich syntax and feature set of ModSecurity while delivering improved performance, stability, and a new experience in easy integration on different. libModSecurity - Motivations While ModSecurity version 2.9.0 is available...
A few weeks ago, FoxGlove Security released this important blog post that includes several Proof-of-Concepts for exploiting Java unserialize vulnerabilities. A remote attacker can gain Remote Code Execution by sending specially crafted payload to any endpoint expecting a serialized...
Stay Connected
Subscribe
Sign up to receive the latest security news and trends from Trustwave.