ModSecurity Request Body Parsing: Recent Bypass Issues

October 13, 2022 | Trustwave SpiderLabs

Hunter
Read More

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from Trustwave, A LevelBlue Company.

The Price Cybercriminals Charge for Stolen Data

August 03, 2022 | Trustwave SpiderLabs

For the price of a Starbuck’s Caramel Frappuccino Grande and a cheese Danish, ...

Read More

Stormous: The Pro-Russian, Clout Hungry Ransomware Gang Targets the US and Ukraine

April 29, 2022 | Trustwave SpiderLabs

May 2 Stormous update: The Trustwave SpiderLabs team has noted Stormous’ ...

Read More

Cyber Attackers Leverage Russia-Ukraine Conflict in Multiple Spam Campaigns

March 25, 2022 | Trustwave SpiderLabs

The Trustwave SpiderLabs email security team has been monitoring the ongoing ...

Read More

Trustwave’s Action Response: The Lapsus$ Hacker Group Shows Us the Importance of Securing the Digital Supply Chain

March 23, 2022 | Trustwave SpiderLabs

Update March 24: This blog has been updated to reflect the new information ...

Read More

Law Enforcement Collaboration Has Eastern-European Cybercriminals Questioning Whether There Is A Safe Haven Anymore

December 08, 2021 | Trustwave SpiderLabs

Through the active Dark Web research that Trustwave SpiderLabs conducts for its ...

Read More

ModSecurity DoS Vulnerability in JSON Parsing (CVE-2021-42717)

November 24, 2021 | Trustwave SpiderLabs

ModSecurity is an open-source WAF engine maintained by Trustwave. This blog ...

Read More

Trustwave's Action Response to the Microsoft Exchange Server Zero-Day Vulnerabilities and Attacks

March 08, 2021 | Trustwave SpiderLabs

UPDATES

Read More

Trustwave’s Action Response To the FireEye Data Breach & SolarWinds Orion Compromise

December 31, 2020 | Trustwave SpiderLabs

UPDATES This blog post was updated March 17 to include information on new ...

Read More

Trustwave’s Action Response To the FireEye Data Breach

December 11, 2020 | Trustwave SpiderLabs

Update With the new information and developments released by FireEye, we have ...

Read More

ModSecurity Denial of Service Details - CVE-2019-19886

January 20, 2020 | Trustwave SpiderLabs

ModSecurity is an open-source WAF engine maintained by Trustwave. As a lively ...

Read More

A Call for Cooler Heads

November 08, 2019 | Trustwave SpiderLabs

One of the unfortunate parts of a business like ours is when disputes arise ...

Read More

10 Years On – A Look Back at MS08-067

October 24, 2018 | Trustwave SpiderLabs

It has been ten years since the release of MS08-067. Unlike many of the other ...

Read More

Creating the ModSecurity v3 IDS connector as part of Google Summer of Code

January 27, 2017 | Trustwave SpiderLabs

A note from the Trustwave Spiderlabs ModSecurity team:

Read More

Trustwave 2015 Global Security Report Available Now

June 09, 2015 | Trustwave SpiderLabs

Read More

AppDetectivePRO and DbProtect Knowledgebase Update 4.46

February 19, 2015 | Trustwave SpiderLabs

This month's update for our AppDetectivePRO and DbProtect Knowledgebase is now ...

Read More

RIG Exploit Kit Source Code Leak - The End or Just the Beginning of RIG?

February 12, 2015 | Trustwave SpiderLabs

Recently, source code for the RIG exploit kit was leaked. An independent ...

Read More

The SpiderLabs blog will move to the Trustwave domain this week

February 04, 2015 | Trustwave SpiderLabs

In the coming days, the SpiderLabs blog will move-in to its new home within the ...

Read More

Indicators of Compromise: A Discussion with Karl Sigler

September 12, 2014 | Trustwave SpiderLabs

Head over to the Trustwave blog for a video discussion about indicators of ...

Read More

Magnitude Exploit Kit Backend Infrastructure Insight - Part I

August 07, 2014 | Trustwave SpiderLabs

In our recently released Trustwave Global Security Report Online and previous ...

Read More

A Peek Into the Lion's Den – The Magnitude [aka PopAds] Exploit Kit

August 05, 2014 | Trustwave SpiderLabs

Recently we managed to get an unusual peek into the content that is used on the ...

Read More

2014 Trustwave Global Security Report Available Now

May 21, 2014 | Trustwave SpiderLabs

Read More

Microsoft Internet Explorer 0-Day (CVE-2014-1776)

May 05, 2014 | Trustwave SpiderLabs

A zero-day vulnerability in Microsoft Internet Explorer, CVE-2014-1776, was ...

Read More

Microsoft Word RTF 0-Day (CVE-2014-1761)

April 03, 2014 | Trustwave SpiderLabs

A zero-day vulnerability in Microsoft Word involving the handling of the RTF ...

Read More

Trustwave SpiderLabs at OWASP’s AppSec USA 2013

November 15, 2013 | Trustwave SpiderLabs

Will you be at the OWASP Foundation's AppSec USA event next week in New York ...

Read More

The Technical Aspects of Exploiting IE Zero-Day CVE-2013-3897

October 10, 2013 | Trustwave SpiderLabs

Just two days ago we announced thediscovery of in-the-wild attacks that used ...

Read More

Upcoming Webinars: 2013 Trustwave Global Security Report Threat Trends

March 07, 2013 | Trustwave SpiderLabs

A few weeks ago we released the 2013 Trustwave Global Security Report. This ...

Read More

Dissecting a CVE-2012-4792 Payload

January 04, 2013 | Trustwave SpiderLabs

A little while ago I was fortunate enough to get ahold of a sample that was ...

Read More