[Honeypot Alert] phpThumb() 'fltr[]' Parameter Command Injection Detected
December 28, 2011 | Ryan Barnett
The SpiderLabs Research Team has identified active scanning for the phpThumb() ...
[Honeypot Alert] Plone and Zope Remote Command Execution Detected
December 27, 2011 | Ryan Barnett
We have identified active scanning for the recent Plone and Zope Remote Command ...
[Honeypot Alert] User Agent Field Arbitrary PHP Code Execution
December 21, 2011 | Ryan Barnett
While reviewing today's web honeypot logs, SpiderLabs Research identified two ...
Announcing Release of OWASP ModSecurity Core Rule Set v2.2.3
December 19, 2011 | Ryan Barnett
The SpiderLabs Research Team is pleased to announce the ModSecurity OWASP Core ...
[Honeypot Alert] phpAlbum PHP Code Execution Attacks
December 19, 2011 | Ryan Barnett
We have seen a number of scans probing for phpAlbum code execution vulns in our ...
[Honeypot Alert] Awstats Command Injection Scanning Detected
December 13, 2011 | Ryan Barnett
Issue Detected: Our daily web honeypot analysis has detected an increase in ...
[Honeypot Alert] WordPress/Joomla/Mambo SQL Injection Scanning Detected
December 09, 2011 | Ryan Barnett
Our web honeypot analysis today detected scanning looking for SQL Injection ...
[Honeypot Alert] Mass Joomla Component LFI Attacks Identified
November 17, 2011 | Ryan Barnett
Joomla Component LFI Vulnerabilities: Joomla has hundreds of Controller ...
ModSecurity Advanced Topic of the Week: Remote File Inclusion Attack Detection
September 11, 2011 | Ryan Barnett
Remote file inclusion (RFI) is a popular technique used to attack web ...
Implementing AppSensor Detection Points in ModSecurity
August 31, 2011 | Ryan Barnett
This is a follow-up to a previous blog post entitled "Real-time Application ...
Detecting Malice with ModSecurity: (Updated) CSRF Attacks
August 30, 2011 | Ryan Barnett
UPDATE - since this original post, we added new data manipulation capabilities ...
(Updated) Mitigation of Apache Range Header DoS Attack
August 24, 2011 | Ryan Barnett
Update: After deeper research into the underlying vulnerability and analyzing ...
ModSecurity Advanced Topic of the Week: (Updated) Exception Handling
August 23, 2011 | Ryan Barnett
UPDATE - since this original post, we added new exception handling capabilities ...
ModSecurity Advanced Topic of the Week: Automated Virtual Patching Script
August 18, 2011 | Ryan Barnett
Automated Virtual Patching Example Script
ModSecurity Advanced Topic of the Week: Audit Log Searching with ModGrep
August 11, 2011 | Ryan Barnett
This is an updated section from my previous book Preventing Web Attacks with ...
What Web Application Security Monitoring Can Learn From Casino Surveillance
August 07, 2011 | Ryan Barnett
Detecting Malice with ModSecurity: HoneyTraps
August 02, 2011 | Ryan Barnett
This week's installment of Detecting Malice with ModSecurity will discuss how ...
Live ModSecurity Challenges at Blackhat Arsenal
July 28, 2011 | Ryan Barnett
ModSecurity is participating in the upcoming Blackhat Arsenal Tools Demo next ...
ModSecurity SQL Injection Challenge: Lessons Learned
July 26, 2011 | Ryan Barnett
This is a post-mortem blog post to discuss the successful Level II evasions ...
Advanced Topic of the Week: (Updated) Real-time Blacklist Lookups
July 19, 2011 | Ryan Barnett
Updated - the information in this blog has been updated to reflect the current ...
Announcing Release of ModSecurity v2.6.1
July 18, 2011 | Ryan Barnett
Availability of ModSecurity 2.6.1-RC1 Release (July 18, 2011): The ModSecurity ...
(Updated) ModSecurity Advanced Topic of the Week: Mitigating Slow HTTP DoS Attacks
July 13, 2011 | Ryan Barnett
Update - the latest version of the ModSecurity 2.6 has a new directive called ...
Announcing the ModSecurity SQL Injection Challenge
June 22, 2011 | Ryan Barnett
The ModSecurity Project Team is happy to announce our first community hacking ...
ModSecurity Advanced Topic of the Week: Application Logout Response Actions
June 21, 2011 | Ryan Barnett
Application Defense Response Actions: What is the best way to respond to ...
Patch the Vuln - Feathers - SQLi
June 20, 2011 | Ryan Barnett
Spot the Vuln -> Patch the Vuln SpotTheVuln This blog post series is ...
ModSecurity Advanced Topic of the Week: Unicode Mapping Support
June 07, 2011 | Ryan Barnett
ModSecurity Happy Hour at Blackhat USA 2011
June 06, 2011 | Ryan Barnett
I am excited to announce that SpiderLabs will be hosting a ModSecurity Happy ...