“Catch Me If You Can” Trojan Banker Zeus Strikes Again (Part 4 of 5)
May 15, 2012 | SpiderLabs Researcher
This is the fourth part in a series of blogs. The prior blogs describe the ...
“Catch Me If You Can” Trojan Banker Zeus Strikes Again (Part 1 of 5)
May 15, 2012 | SpiderLabs Researcher
In the next series of blogs we will describe in detail an attack from one of ...
It Takes Two to Tango (myself, and your unprotected file share)
May 11, 2012 | Nathan Drier
BananaStand learned from last time (to see last time, go here ). Systems were ...
Bypass Vulnerabilities in Squid and McAfee Web Access Gateway
May 08, 2012 | Jonathan Claudius
About two weeks ago, a Brazilian security researcher by the name of Gabriel ...
Microsoft Patch Tuesday: Help Is On The Way!
May 08, 2012
This may sound a bit odd but "nosteve" who usually gives his take on the patch ...
THOTCON 0x3 - Hacker Brew Contest
May 08, 2012 | Ryan Merritt
This year's instantiation of the THOTCON hacking conference issued a unique ...
TWSL2012-004: Multiple Vulnerabilities in Zen Cart
May 08, 2012 | Robert Foggia
The SpiderLabs team at Trustwave published a new advisory yesterday, which ...
PHP-CGI Exploitation by Example
May 08, 2012 | Jonathan Claudius
Late last week, a vulnerability in PHP-CGI was disclosed, which allows all ...
[Honeypot Alert] (UPDATE) Active Exploit Attempts for PHP-CGI Vuln
May 07, 2012 | Ryan Barnett
UPDATE - we have received more exploit attempt details from web hosting ...
A Wild Exploit Kit Appears... Meet RedKit
May 02, 2012 | Arseny Levin
During our research we have recently encountered a new private exploit kit. The ...
RedKit Payload - Binary Fun
May 01, 2012 | Josh Grunzweig
Before I jump into this blog post, I'd like to point out some interesting ...
Recent Mass SQL Injection Payload Analysis
May 01, 2012 | Ryan Barnett
There have been a number of mass SQL Injection campaigns targeting ...
Update from Trustwave SpiderLabs EMEA, London
April 30, 2012
It was a hectic week in London. In case you hadn't heard its was InfoSec Europe ...
Brazilian Banking Malware: Pay Your Bill Slacker!
April 27, 2012
I recently got wind of an interesting little sample that I believe originated ...
Winning! PenTest Manager pwns SC Europe Innovation Award
April 26, 2012
We Won! :-) Thanks to all the hard work of the Trustwave's Engineering teams, ...
WordPress 3.3.2 Addresses Setup XSS Vulnerabilities
April 26, 2012 | Jonathan Claudius
Back in January we released a security advisory for WordPress, which included ...
Pwning a Spammer's Keylogger
April 26, 2012 | Rodel Mendrez
Recently, while scrounging around our spam traps, I spotted this ordinary piece ...
Once Again Cutwail Spam Campaign Ends Up In Phoenix Exploit Kit
April 24, 2012 | Daniel Chechik
In the past few months, a certain cybercrime group operates a large stable ...
Come and Join Us at InfoSecurity
April 24, 2012 | Ziv Mador
This week we will be presenting and speaking at InfoSecurity, Europe's No.1 ...
TWSL2012-012: Cross-Site Scripting Vulnerability in Support Incident Tracker
April 21, 2012 | Robert Foggia
Trustwave SpiderLabs has published a new advisory today for a reflective ...
SC Magazine Innovation Award Finalist - Trustwave SpiderLabs PenTest Manager
April 21, 2012
PenTest Manager, the cutting edge penetration test management and reporting ...
[Honeypot Alert] Joomla com_s5clanroster Local File Inclusion Attacks
April 16, 2012 | Ryan Barnett
Our web honeypots picked up some increased scanning for the following ...
Australian Apple Store Customers Targeted by Phishers
April 14, 2012 | Rodel Mendrez
Recently, we came across a phishing attack targeting Australian Apple Store ...
Smart Meter Attacks: Old Vectors Die Hard
April 13, 2012 | Barry O’Connell
Much has been made of the recent attacks against a Puerto Rican utility's smart ...
TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow sFlow Analyzer
April 13, 2012
Trustwave SpiderLabs has published a new advisory yesterday for multiple ...
[Honeypot Alert] Zeroboard now_connect() Remote Code Execution Attacks
April 12, 2012 | Ryan Barnett
Our web honeypots recently identified attacks for CVE-2009-4834 which is a ...
RCE root in all current Samba versions
April 11, 2012 | Space Rogue
While perusing the change log for the release of SAMBA that was pushed out ...
Microsoft Patch Tuesday: IE, Common Control, and Digitized Chuck Yeager
April 11, 2012 | nosteve
For those of you that remember Microsoft Works, today's update will be special ...