Hunting For Password Reset Tokens By Spraying And Using HTTP Pipelining

As is tradition with my blog posts, let’s start off a definition of what HTTP pipelining is all ...

Read More

Analyzing the NTC Vulkan Leak: What it Says About Russia's Cyber Capabilities

Information disclosed in the leaked NTC Vulkan papers allows us to investigate the high probability ...

Read More

Microsoft Encrypted Restricted Permission Messages Deliver Phishing

Over the past few days, we have seen phishing attacks that use a combination of compromised ...

Read More

From Response To Request, Adding Your Own Variables Inside Of GraphQL Queries For Account Take Over

For those wondering what GraphQL is…

Read More

When User Impersonation Features In Applications Go Bad

A user impersonation feature typically allows a privileged user, such as an administrator, but ...

Read More

Abusing Time-Of-Check Time-Of-Use (TOCTOU) Race Condition Vulnerabilities in Games, Harry Potter Style

I feel I need to clarify, for legal reasons, that this is nothing to do with any Harry Potter game. ...

Read More

Rendezvous with a Chatbot: Chaining Contextual Risk Vulnerabilities

Ignoring the little stuff is never a good idea. Anyone who has pretended that the small noise their ...

Read More

Why It’s Important to Change Default Credentials

Security best practice guidelines always call for changing default passwords as any password left ...

Read More

Dissecting Buffer Overflow Attacks in MongoDB

Towards the end of 2020, a new vulnerability in MongoDB was found and published. The vulnerability ...

Read More

CVE-2023-29383: Abusing Linux chfn to Misrepresent /etc/passwd

A little bit of background for those not familiar with chfn…

Read More

Deobfuscating the Recent Emotet Epoch 4 Macro

In early March, one of the notorious botnets, Emotet, resumed its spamming activities after a ...

Read More

Rilide: A New Malicious Browser Extension for Stealing Cryptocurrencies

Trustwave SpiderLabs uncovered a new strain of malware that it dubbed Rilide, which targets ...

Read More

Trustwave Action Response: Supply Chain Attack Using 3CX PABX Software

Overview On March 29, a massive supply chain compromise in 3CX software resulted in malware being ...

Read More

Anonymous Sudan: Religious Hacktivists or Russian Front Group?

The Trustwave SpiderLabs research team has been tracking a new threat group calling itself ...

Read More

2023 Tax Scam Emails Exposed: Unmasking Deceptive Trends

Tax season is a busy time of year for taxpayers and threat actors. Consumers and businesses focus ...

Read More

ChatGPT: The Right Tool for the Job?

Since it was first released to the public late last year, ChatGPT has successfully captured the ...

Read More

OneNote Spear-Phishing Campaign

Trustwave SpiderLabs “noted” in Part 1 and Part 2 of our OneNote research that OneNote has been ...

Read More

A Noteworthy Threat: How Cybercriminals are Abusing OneNote – Part 1

Introduction Threat actors are taking advantage of Microsoft OneNote's ability to embed files and ...

Read More

A Noteworthy Threat: How Cybercriminals are Abusing OneNote – Part 2

In part one, we examined how threat actors abuse a OneNote document to install an infostealer. Part ...

Read More

Network Map NMAP Meets ChatGPT

We’ve now seen a number of different use cases for ChatGPT from marketing, sales, software ...

Read More

HTML Smuggling: The Hidden Threat in Your Inbox

Last October, Trustwave SpiderLabs blogged about the use and prevalence of HTML email attachments ...

Read More

Money Lover App Vulnerability Exposes Personal Info

An information disclosure vulnerability has been identified in Money Lover, a finance tracking ...

Read More

Vulnerability Causing Deletion of All Users in CrushFTP Admin Area

During a recent penetration test, Trustwave SpiderLabs researchers discovered a weak input ...

Read More

CVE-2022-43704 - Capture-Replay Vulnerability in Sinilink XY-WFT1 Thermostat

Trustwave SpiderLabs has found a vulnerability in the Sinilink XY-WFT1 Remote WiFi home Thermostat. ...

Read More

2022 Year in Review: Ransomware

With 2022 having just ended, let's take a look back at the year in ransomware. With the average ...

Read More

Malicious Macros Adapt to Use Microsoft Publisher to Push Ekipa RAT

After Microsoft announced this year that macros from the Internet will be blocked by default in ...

Read More

ChatGPT: Emerging AI Threat Landscape

ChatGPT has been available to the public since November 30, 2022. Since then, it has made headlines ...

Read More

Trustwave Action Response: Zero-Day Vulnerability in Citrix ADC (CVE-2022-27518)

On Tuesday, December 13, a joint announcement from the United States NSA and Citrix announced a ...

Read More