TWSL2011-004: Cross-Site Scripting Vulnerability in ZyXEL ZyWALL 70 Firewall

October 22, 2018 | Josh Grunzweig

Hunter
Read More

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from Trustwave, A LevelBlue Company.

Alina: Following The Shadow Part 1

August 18, 2018 | Josh Grunzweig

Last I spoke with you, I went into the details of a family of Point of Sale ...

Read More

Backoff - Technical Analysis

July 31, 2014 | Josh Grunzweig

As discussed in the an advisory published by US-CERT, Trustwave SpiderLabs has ...

Read More

JackPOS – The House Always Wins

February 11, 2014 | Josh Grunzweig

A new point of sale (POS) malware family could be a jackpot for credit card ...

Read More

Hacking a Reporter: Writing Malware For Fun and Profit (Part 2 of 3)

November 08, 2013 | Josh Grunzweig

Matthew Jakubowski (@jaku) contributed to the writing of this blog post.

Read More

Hacking a Reporter: Writing Malware For Fun and Profit (Part 1 of 3)

October 31, 2013 | Josh Grunzweig

Matthew Jakubowski (@jaku) contributed to the writing of this blog post.

Read More

Having a Fiesta With Ploutus

October 10, 2013 | Josh Grunzweig

A short while ago, SafenSoft reported a new family ofmalware, named 'Ploutus', ...

Read More

Digging Into the New Apache Injection Module

June 26, 2013 | Josh Grunzweig

I recently got a chance to dig into a couple variants of the new Apache ...

Read More

Alina: Following The Shadow Part 2

June 03, 2013 | Josh Grunzweig

This will likely be the final blog post in this series on the Alina Point of ...

Read More

Alina: Casting a Shadow on POS

May 08, 2013 | Josh Grunzweig

Over the pastfew months, a number of malware families targeting Point of Sale ...

Read More

Basic Packers: Easy As Pie

April 24, 2013 | Josh Grunzweig

Throughout Trustwave SpiderLabs' many forensicinvestigations, we often stumble ...

Read More

Mimicking Attackers: Building Malware for CCDC

March 12, 2013 | Josh Grunzweig

This past weekend my fellow coworkers/friends and myself had the opportunity ...

Read More

The Dexter Malware: Getting Your Hands Dirty

December 13, 2012 | Josh Grunzweig

A very interesting piece of malware that targets Point of Sale systems has ...

Read More

FinSpy Mobile - Configuration and Insight

September 27, 2012 | Josh Grunzweig

A couple of weeks ago, Citizen Lab announced the discovery of the mobile ...

Read More

How Antivirus Saved the Day…Sort of.

August 28, 2012 | Josh Grunzweig

Recently, I found myself in a common situation—helping a comrade in our ...

Read More

Defeating Flame String Obfuscation with IDAPython

June 01, 2012 | Josh Grunzweig

Like many other security research firms, SpiderLabs Research has been actively ...

Read More

RedKit Payload - Binary Fun

May 01, 2012 | Josh Grunzweig

Before I jump into this blog post, I'd like to point out some interesting ...

Read More

Dirty RAT Eats Nate's Banana

March 21, 2012 | Josh Grunzweig

I've got a real treat for everyone today, as I received approval to blog about ...

Read More

Android IRC Bot - This Ain't Your Granny's Android Malware (Or Maybe It Is)

January 18, 2012 | Josh Grunzweig

As I'm sure many of you know, the rise of mobile-based malware has been on the ...

Read More

NickiSpy.C - Android Malware Analysis Demo

October 26, 2011 | Josh Grunzweig

Recently I got the chance to dig into a nice little piece of Android spyware, ...

Read More

Morto: More than Meets the Eye

September 06, 2011 | Josh Grunzweig

There's been a lot of talk the past week or so about Morto. For those ...

Read More

TWSL2011-008: Focus Stealing Vulnerability in Android

August 08, 2011 | Josh Grunzweig

The SpiderLabs team at Trustwave published a new advisory today, which details ...

Read More

TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain

July 25, 2011 | Josh Grunzweig

The SpiderLabs team at Trustwave published a new advisory today, which details ...

Read More

TWSL2011-004: Cross-Site Scripting Vulnerability in ZyXEL ZyWALL 70 Firewall(1)

June 10, 2011 | Josh Grunzweig

The SpiderLabs team at Trustwave published a new advisory today, which details ...

Read More

TWSL2011-003: Vulnerabilities in Avocent Cyclades ACS Web Manager

March 11, 2011 | Josh Grunzweig

The SpiderLabs team at Trustwave published a new advisory today, which details ...

Read More

Mobile Visability Limitation? There's an App for that.

March 08, 2011 | Josh Grunzweig

Last July myself and Christian Papathanasiou presented a DEF CON 18 talk ...

Read More

TWSL2011-002: Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)

February 05, 2011 | Josh Grunzweig

The SpiderLabs team at Trustwave published a new advisory yesterday, which ...

Read More

CVE-2010-4506 and CVE-2010-4507 Released

December 11, 2010 | Josh Grunzweig

The SpiderLabs team published two new advisories today. The first, ...

Read More