Tycoon2FA New Evasion Technique for 2025

April 10, 2025 | Rodel Mendrez

Hunter

The State of Magecart: A Persistent Threat to E-Commerce Security

January 09, 2025 | Rodel Mendrez

Trustwave SpiderLabs first blogged about Magecart back in 2019; fast forward ...

Why Do Criminals Love Phishing-as-a-Service Platforms?

September 23, 2024 | Rodel Mendrez

Phishing-as-a-Service (PaaS) platforms have become the go-to tool for ...

Fake Advanced IP Scanner Installer Delivers Dangerous CobaltStrike Backdoor

June 05, 2024 | Rodel Mendrez

During a recent client investigation, Trustwave SpiderLabs found a malicious ...

Breakdown of Tycoon Phishing-as-a-Service System

February 20, 2024 | Rodel Mendrez

Just weeks after Trustwave SpiderLabs reported on the Greatness ...

Apache ActiveMQ Vulnerability Leads to Stealthy Godzilla Webshell

January 18, 2024 | Rodel Mendrez

Trustwave has observed a surge in attacks exploiting vulnerabilities in Apache ...

Stealthy VBA Macro Embedded in PDF-like Header Helps Evade Detection

September 20, 2023 | Rodel Mendrez

In the ever-evolving landscape of malware threats, threat actors are ...

Gootloader: Why your Legal Document Search May End in Misery

August 11, 2023 | Rodel Mendrez

Introduction: Recently, we’ve seen a noticeable surge in malware cases linked to ...

HTML File Attachments: Still A Threat

October 06, 2022 | Rodel Mendrez

Introduction: This past month, Trustwave SpiderLabs observed that HTML ...

Pillowmint: FIN7’s Monkey Thief

June 20, 2020 | Rodel Mendrez

In this blog, we take an in-depth technical look at Pillowmint malware samples ...

Monster Lurking in Hidden Excel Worksheet

March 05, 2020 | Rodel Mendrez

A recent blog by Didier Stevens showed how malicious Excel 4 macros can be ...

Undressing the REvil

December 20, 2019 | Rodel Mendrez

Contributors: Lloyd Macrohon and Rodel Mendrez

Messing with Azorult Part 2: Command and Control

October 18, 2019 | Rodel Mendrez

As we mentioned in our earlier blog, Azorult is very popular in the underground ...

Messing with Azorult Part 1: Malware Breakdown

October 15, 2019 | Rodel Mendrez

In this blog series, we dive into an information stealing Trojan called Azorult ...

Digging Deep into Magecart Malware Part II

September 04, 2019 | Rodel Mendrez

Magecart is the name given to notorious groups of hackers that target online ...

Hiding PHP Code in Image Files Revisited

July 26, 2019 | Rodel Mendrez

Over five years ago, we published a blog detailing how a webshell’s backdoor ...

Digging Deep Into Magecart Malware

February 21, 2019 | Rodel Mendrez

Last week, one of my SpiderLabs colleagues was working on a PCI forensic triage ...

Demystifying Obfuscation Used in the Thanksgiving Spam Campaign

November 26, 2018 | Rodel Mendrez

During Thanksgiving week, we noticed this quite unusual XML-format MS Office ...

Red Alert v2.0: Misadventures in Reversing Android Bot Malware

October 22, 2018 | Rodel Mendrez

(Analysis by Rodel Mendrez and Lloyd Macrohon)

Crypter-as-a-Service Helps jRAT Fly Under The Radar

March 26, 2018 | Rodel Mendrez

(Contributor: Dr. Fahim Abbasi and Phil Hay)

CHM Badness Delivers a Banking Trojan

December 18, 2017 | Rodel Mendrez

Like good old Microsoft Office Macros, Compiled HTML (CHM) Help files have been ...

Tale of the Two Payloads – TrickBot and Nitol

August 04, 2017 | Rodel Mendrez

A couple of weeks ago, we observed the Necurs botnet distributing a new malware ...

Minimalist Alina PoS Variant Starts Using SSL

June 19, 2017 | Rodel Mendrez

More than four years ago, we published a series of blogs discussing in-depth ...

SVG Files Are Not As Benign As It May Seem

January 27, 2017 | Rodel Mendrez

Bad guys are getting quite creative trying to evade spam filters and antivirus ...

Down the Rabbit Hole: Extracting Maliciousness from MSG Files Without Outlook

October 12, 2016 | Rodel Mendrez

Email As Infection Vector

How I Cracked a Keylogger and Ended Up in Someone's Inbox

July 01, 2016 | Rodel Mendrez

It all started from a spam campaign. Figure 1 shows a campaign we picked up ...

Massive Volume of Ransomware Downloaders being Spammed

March 09, 2016 | Rodel Mendrez

We are currently seeing extraordinarily huge volumes of JavaScript attachments ...

3-in-1 Malware Infection through Spammed JavaScript Attachments

December 22, 2015 | Rodel Mendrez

Recently we've observed a massive uptick of malicious spam with JavaScript ...