OWASP/WASC Distributed Web Honeypots Project Re-Launch - Seeking Participants
March 31, 2015 | Ryan Barnett
Stay Informed
Sign up to receive the latest security news and trends straight to your inbox from Trustwave, A LevelBlue Company.
Drupal Compromise Analysis Including Indicators of Compromise
March 20, 2015 | Ryan Barnett
I would like to thank fellow SpiderLabs Researcher Chaim Sanders and Dennis ...
[Honeypot Alert] FHS Null Byte Attack (CVE-2014-6287) Attempts to Install DDoS Malware (Iptablex)
February 25, 2015 | Ryan Barnett
Our web honeypots picked up some exploit attempts for CVE-2014-6287 which is a ...
Announcing ModSecurity v2.9.0 Stable Release
February 12, 2015 | Ryan Barnett
The SpiderLabs Research - ModSecurity Team is proud to announce the stable ...
GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)
January 30, 2015 | Ryan Barnett
A heap-based buffer overflow vulnerability in glibc (CVE-2015-0235) was ...
[Honeypot Alert] Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit Attempt
December 30, 2014 | Ryan Barnett
Our web honeypots picked up some exploit attempts for the recently released ...
ModSecurity Advanced Topic of the Week: Detecting Malware with Fuzzy Hashing
November 27, 2014 | Ryan Barnett
We witnessed a sophisticated phishing campaign on 16th August 2017, targeting ...
Setting HoneyTraps with ModSecurity: Adding Fake Cookies
October 31, 2014 | Ryan Barnett
This blog post continues with the topic of setting "HoneyTraps" within your web ...
Shellshock a Week Later: What We Have Seen
October 01, 2014 | Ryan Barnett
Trustwave, like most other information security firms, has been busy ...
[Honeypot Alert] New Bot Malware (BoSSaBoTv2) Attacking Web Servers Discovered
September 15, 2014 | Ryan Barnett
Our web honeypots picked up some interesting attack traffic. The initial web ...
[Honeypot Alert] Active Probes for WordPress revslider_show_image Plugin Local File Inclusion Flaw
September 03, 2014 | Ryan Barnett
A local file inclusion vulnerability in the WordPress Slider Revolution Plugin ...
Blackhat Arsenal 2014: Live ModSecurity Demonstrations
August 05, 2014 | Ryan Barnett
If you are heading out to Blackhat USA 2014 in Las Vegas this week, please stop ...
[Honeypot Alert] Wordpress XML-RPC Brute Force Scanning
July 23, 2014 | Ryan Barnett
There are news reports of new Wordpress XML-PRC brute force attacks being seen ...
Setting HoneyTraps with ModSecurity: Adding Fake Hidden Form Fields
June 12, 2014 | Ryan Barnett
This blog post continues with the topic of setting "HoneyTraps" within your web ...
ModSecurity Advanced Topic of the Week: JSON Support
May 02, 2014 | Ryan Barnett
Submitted by Felipe Costa and Ryan Barnett (SpiderLabs Research - ModSecurity ...
Announcing ModSecurity v2.8.0
April 16, 2014 | Ryan Barnett
[Honeypot Alert] JCE Joomla Extension Attacks
March 26, 2014 | Ryan Barnett
Our web honeypots picked up some increased exploit attempts for an old Joomla ...
ColdFusion Admin Compromise Analysis (CVE-2010-2861)
March 18, 2014 | Ryan Barnett
In a previous blog post, I provided "Method of Entry" analysis for a ColdFusion ...
WordPress XML-RPC PingBack Vulnerability Analysis
March 12, 2014 | Ryan Barnett
There were news stories this week outlining how attackers are abusing the ...
ModSecurity Advanced Topic of the Week: Detecting Browser Fingerprint Changes During Sessions
February 19, 2014 | Ryan Barnett
This blog post will discuss a section from Recipe 8-5: Detecting Browser ...
ModSecurity Advanced Topic of the Week: HMAC Token Protection
January 24, 2014 | Ryan Barnett
This blog post presents a powerful feature of ModSecurity v2.7 that has been ...
[Honeypot Alert] More PHP-CGI Scanning (apache-magika.c)
November 26, 2013 | Ryan Barnett
In the past 24 hours, one of the WASC Distributed Web Honeypot participant's ...
PHP.Net Site Infected with Malware
October 25, 2013 | Ryan Barnett
Earlier today, users attempting to access the www.php.net site were met with ...
Hiding Webshell Backdoor Code in Image Files
October 11, 2013 | Ryan Barnett
Looks Can Be Deceiving Do any of these pictures look suspicious?
AV Vendors Targeted in Defacement Campaign
October 08, 2013 | Ryan Barnett
Attacked Sites The KDMS hacking team recently defaced several popular websites ...
Setting HoneyTraps with ModSecurity: Adding Fake robots.txt Disallow Entries
August 26, 2013 | Ryan Barnett
The following blog post is taken from Recipe 3-2: Adding Fake robots.txt ...
[Honeypot Alert] Probes for Apache Struts 2.X OGNL Vulnerability
August 16, 2013 | Ryan Barnett
Today our web honeypot sensors picked up probes for the recent Apache Struts ...
The Web IS Vulnerable: XSS on the Battlefront (Part 1)
August 15, 2013 | Ryan Barnett