An In-depth Look at MailTo Ransomware, Part Two of Three
April 08, 2020 | Joshua Deacon, Lloyd Macrohon
Overview In Part One of this series, we discussed how MailTo ransomware ...
Windows Debugging and Exploiting Part 5 SMBGhost CVE-2020-0796 Technical Review
April 03, 2020 | Bruno Oliveira
Introduction Hi everyone, how are you? I know the times are strange but we ...
An In-depth Look at MailTo Ransomware, Part One of Three
March 31, 2020 | Joshua Deacon, Lloyd Macrohon
In February, an Australian transportation company called Toll Group was hit by ...
COVID-19 Malspam Activity Ramps Up
March 31, 2020 | Joshua Deacon, Homer Pacag, Rodel Mendrez, Phil Hay
Back in February, we reported on two Coronavirus-themed phishing emails. But ...
Would You Exchange Your Security for a Gift Card?
March 26, 2020 | Alejandro Baca, Rodel Mendrez
UPDATED March 27, 2020
SMBGhost CVE-2020-0796 a Critical SMBv3 RCE Vulnerability
March 16, 2020 | Karl Sigler
Overview Last week Microsoft announced that there was a buffer overflow ...
ModSecurity Award Nominations and the Challenges of Open Source
March 12, 2020 | SpiderLabs Researcher
In the hustle and bustle of everyday work life we tend to look at the current ...
Persistent Cross-Site Scripting, the MSSQL Way
March 12, 2020 | Jonathan Yarema
Overview If you save wide Unicode brackets (i.e. <>) into a char or varchar ...
More Excel 4.0 Macro MalSpam Campaigns
March 11, 2020 | Diana Lopera
In light of the recent blog by my colleague Rodel Mendrez, we looked back at ...
Patch Tuesday March 2020
March 10, 2020 | Karl Sigler
Today marks Microsoft's March Patch Tuesday. While it may not be on the top of ...
Monster Lurking in Hidden Excel Worksheet
March 05, 2020 | Rodel Mendrez
A recent blog by Didier Steven’s showed how malicious Excel 4 macros can be ...
Windows Debugging and Exploiting Part 4: NTQuerySystemInformation
March 02, 2020 | Bruno Oliveira
Introduction Hello again! We are back with more Windows internals and it's time ...
RATs Wrapped and Hidden in PNG
February 27, 2020 | Diana Lopera
The Remote Access Tool (RAT) is one of the malware types we often encounter ...
Phishing in the Cloud
February 19, 2020 | Dr. Fahim Abbasi, Phil Hay
Credential phishing is one of the leading threats faced by organizations today. ...
Multiple Phishing Attacks Discovered Using the Coronavirus Theme
February 13, 2020 | Homer Pacag
It’s out there in the newspaper, social media, and television headlines. The ...
Patch Tuesday February 2020
February 11, 2020 | Karl Sigler
February's Patch Tuesday is here and brings with it patches for 98 CVEs. These ...
Reversing (and Recreating) Cryptographic Secrets Found in .NET Assemblies Using Python
February 04, 2020 | Tom Neaves
Picture the scene - you’re on a penetration test, somehow you’ve got hold of a ...
Microsoft Internet Explorer Remote Code Execution 0-Day (CVE-2020-0674)
January 21, 2020 | SpiderLabs Researcher
2020 is not starting out quietly for Microsoft, it seems. After the first Patch ...
ModSecurity Denial of Service Details - CVE-2019-19886
January 20, 2020 | Trustwave SpiderLabs
ModSecurity is an open-source WAF engine maintained by Trustwave. As a lively ...
Windows CryptoAPI Spoofing Vulnerability - CVE-2020-0601
January 17, 2020 | Karl Sigler
One of the most notable vulnerabilities patched during Microsoft's first Patch ...
Citrix ADC/Netscaler - CVE-2019-19781
January 16, 2020 | Bryant Smith
The Citrix vulnerability (CVE-2019-19781) was first identified in December of ...
Patch Tuesday, January 2020
January 14, 2020 | Karl Sigler
Happy 2020! Microsoft is helping you celebrate the new decade with patches for ...
ModSecurity v3.0.4 Released!
January 14, 2020 | SpiderLabs Researcher
It is a pleasure to announce the release of ModSecurity version 3.0.4 ...
Windows Debugging & Exploiting Part 3: WinDBG Time Travel Debugging
January 09, 2020 | Bruno Oliveira
Introduction Hi, my fellow friends! How are you? Hopefully, you had a terrific ...
Using the InterPlanetary File System For Offensive Operations
January 02, 2020 | Stephan Borosh
Introduction In this blog post, I intend to provide some insight into using the ...
Leveraging Disk Imaging Tools to Deliver RATs
December 23, 2019 | Joshua Deacon, Diana Lopera, Fahim Abbasi
This year we observed a notable uptick in disc imaging software (like .ISO) ...
Undressing the REvil
December 20, 2019 | Rodel Mendrez
Contributors: Lloyd Macrohon and Rodel Mendrez
Anyone Can Check for Magecart with Just the Browser
December 18, 2019 | Michael Yuen
In the past, there have been plenty of articles and blog posts recommending the ...