Trustwave Action Response: Polkit Privilege Escalation Vulnerability - PwnKit (CVE-2021-4034)
January 26, 2022 | SpiderLabs Researcher
Summary of Trustwave Actions (updated 1/26/2022): Trustwave security and ...
Trustwave Threat Hunting Guide: Identifying PwnKit (CVE-2021-4034) Exploitation
January 26, 2022 | Reegun Jayapaul
The Trustwave Threat Hunting team has authored a practical guide to help the ...
Dark Web Recon: Cybercriminals Fear More Law Enforcement Action in the Wake of the REvil Takedown
January 21, 2022 | Ziv Mador
In the wake of the takedown of the REvil/Sodinokibi ransomware gang by the ...
Decrypting Qakbot’s Encrypted Registry Keys
January 13, 2022 | Lloyd Macrohon, Rodel Mendrez
Since the return of the Qakbot Trojan in early September 2021, especially ...
COVID-19 Phishing Lure to Steal and Mine Cryptocurrency
December 23, 2021 | Bernard Bautista
Recently, we observed a malware spam campaign leveraging the current COVID-19 ...
Trustwave's Action Response: Multiple Log4j Zero-Day Vulnerabilities
December 10, 2021 | SpiderLabs Researcher
Updates: Dec. 29: Updated to cover three additional CVEs: CVE-2021-4104, ...
Law Enforcement Collaboration Has Eastern-European Cybercriminals Questioning Whether There Is A Safe Haven Anymore
December 08, 2021 | Trustwave SpiderLabs
Through the active Dark Web research that Trustwave SpiderLabs conducts for its ...
ModSecurity DoS Vulnerability in JSON Parsing (CVE-2021-42717)
November 24, 2021 | Trustwave SpiderLabs
ModSecurity is an open-source WAF engine maintained by Trustwave. This blog ...
CrypKey License Service Allows Privilege Escalation
November 04, 2021 | Martin Rakhmanov
Overview: CrypKey (https://www.crypkey.com/) is a third-party licensing service ...
BlackByte Ransomware – Pt. 1 In-depth Analysis
October 15, 2021 | Rodel Mendrez, Lloyd Macrohon
Please click here for Part 2
BlackByte Ransomware – Pt 2. Code Obfuscation Analysis
October 15, 2021 | Rodel Mendrez, Lloyd Macrohon
In Part 1 of our BlackByte ransomware analysis, we covered the execution flow ...
A Handshake with MySQL Bots
October 14, 2021 | Radoslaw Zdonczyk
Edge Services: It’s well known that we just don’t put services or devices on the ...
Missing Critical Vulnerabilities Through Narrow Scoping
September 16, 2021 | John Anderson
The typical process when scoping a penetration test is to get a list of targets ...
How Lack of Awareness and Clinging to the Past Threaten Your Networks
September 09, 2021 | John Anderson
The security landscape is always changing. New features are coming out all the ...
Patch Tuesday, August 2021
August 10, 2021 | Karl Sigler
Here we are in August and it's Patch Tuesday once more. It's another light ...
SQL Injection in WordPress Plugins: ORDER and ORDER BY as Overlooked Injection Points
August 06, 2021 | Martin Vierula
Trustwave SpiderLabs recently undertook a survey of some 100 popular WordPress ...
Telegram Self-Destruct? Not Always
August 05, 2021 | Reegun Jayapaul
Summary: Secret-Chats in Telegram use end-to-end encryption, which is meant for ...
Compromising a Network Using an "Info" Level Finding
July 21, 2021 | John Anderson
Anyone who has ever read a vulnerability scan report will know that scanners ...
Vulnerability in ON24 Plugin for macOS Shares More Than Just Your Screen
July 21, 2021 | Martin Rakhmanov
ON24 presenter mode requires you to install a plugin that is used to share your ...
Patch Tuesday, July 2021
July 13, 2021 | Karl Sigler
We're a little over halfway through the year now as July's Patch Tuesday is ...
ModSecurity v3 and URI Fragments
July 08, 2021 | Martin Vierula
ModSecurity is an open-source WAF engine maintained by Trustwave. This blog ...
Diving Deeper Into the Kaseya VSA Attack: REvil Returns and Other Hackers Are Riding Their Coattails
July 07, 2021 | Rodel Mendrez, Nikita Kazymirskyi
On July 2nd, a massive ransomware attack was launched against roughly 60 ...
Solarwinds Serv-U 15.2.3 Share URL XSS (CVE-2021-32604)
July 06, 2021 | Victor Kahan
Sometimes when pen-testing a large network you come across a few exposed web ...
Yet Another Archive Format Smuggling Malware
June 24, 2021 | Diana Lopera
The use of novel disk image files to encapsulate malware distributed via spam ...
Thousands of Vulnerable VMWare vCenter Servers Still Publicly Exposed (CVE-2021-21985, CVE-2021-21986)
June 14, 2021 | Jason Villaluna
Background: On May 25th, 2021, VMWare released patches to address ...
Patch Tuesday, June 2021
June 08, 2021 | Karl Sigler
Summer is officially here and with it June's Patch Tuesday. This is a ...
Huawei LTE USB Stick E3372: From File Overwrite to Code Execution
June 02, 2021 | Martin Rakhmanov
In today's world, more and more devices are connected to the Internet for ...