‘Tis the Season for Online Shopping and Phishing Scams

The 2022 holiday shopping season is here. Retailers’ discounts are kicking off early, and shoppers ...

Read More

Killnet Claims Attacks Against Starlink, Whitehouse.gov, and United Kingdom Websites

Pro-Russian threat actor group Killnet claims to have launched DDoS attacks against Starlink and ...

Read More

Evolution of the SOC – From the Dark Ages to Enlightenment, shifting to an agile threat informed cyber defense program

Evolution of the SOC – From the Dark Ages to Enlightenment, shifting to an agile threat informed ...

Read More

Automating RDS Security Via Boto3 (AWS API)

When it comes to security in AWS, there is the shared responsibility model for AWS services, which ...

Read More

Development of the Ukrainian Cyber Counter-Offensive

Overview Russia’s military incursion against Ukraine began on February 24, 2022, with a massive ...

Read More

Denial of Service and RCE in OpenSSL 3.0 (CVE-2022-3786 and CVE-2022-3602)

Overview On November 1 the OpenSSL Project released patches addressing the previously rated ...

Read More

Insta-Phish-A-Gram

Following Trustwave SpiderLabs’ blog on social media-themed phishing on Facebook, comes another ...

Read More

Archive Sidestepping Self-Unlocking Password-Protected RAR

Trustwave SpiderLabs’ spam traps have identified an increase in threats packaged in ...

Read More

ModSecurity Request Body Parsing: Recent Bypass Issues

Overview ModSecurity is an open-source web application firewall (WAF) engine maintained by ...

Read More

HTML File Attachments: Still A Threat

Introduction This past month, Trustwave SpiderLabs observed that HTML (Hypertext Markup Language) ...

Read More

Post-Exploitation Persistent Email Forwarder in Outlook Desktop

There is an exploitation method that can automatically forward emails CC’d to external addresses ...

Read More

Trustwave Action Response: Zero Day Vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019

Update Oct. 4: Microsoft released Security Update Guides for these two vulnerabilities.

Read More

CVE-2022-37461: Two Reflected XSS Vulnerabilities in Canon Medical’s Vitrea View

Overview During a penetration test, Trustwave Spiderlabs’ researchers, Jordan Hedges and Avery ...

Read More

Retaliation by the Pro-Russian Group KillNet

At the beginning of the Russia-Ukraine conflict, KillNet - a Russian cybergang - began actively ...

Read More

2022 Trustwave SpiderLabs Telemetry Report

As organizations go about their regular routine of finding and adding new technologies to help ...

Read More

Oracle SBC: Multiple Security Vulnerabilities Leading to Unauthorized Access and Denial of Service

Oracle Communications Session Border Controller (SBC) is one of the most popular products worldwide ...

Read More

Overview of the Cyber Weapons Used in the Ukraine - Russia War

Observing the ongoing conflict between Russia and Ukraine, we can clearly see that cyberattacks ...

Read More

The Price Cybercriminals Charge for Stolen Data

For the price of a Starbuck’s Caramel Frappuccino Grande and a cheese Danish, about $8, a ...

Read More

IPFS: The New Hotbed of Phishing

A few months ago, we reported on an interesting site called the Chameleon Phishing Page. These ...

Read More

Want To Become A Red Teamer? This Is What You Need To Know

Everyone loves buzz words, no? Red team is the newest (well... not that new) coolest thing on the ...

Read More

Decade Retrospective: The State of Vulnerabilities

Decade Retrospective: The State of Vulnerabilities The Spanish philosopher George Santayana is ...

Read More

CVE-2022-29593- Authentication Bypass by Capture Replay (Dingtian-DT-R002)

In the OT space it is increasingly common to see devices that are used to bridge the gap between ...

Read More

Interactive Phishing Mark II: Messenger Chatbot Leveraged in a New Facebook-Themed Spam

Facebook Messenger is one of the most popular messaging platforms in the world, amassing 988 ...

Read More

The Importance of White-Box Testing: A Dive into CVE-2022-21662

I want to take some time to explain the importance of using a white-box approach when testing ...

Read More

ModBus 101: One Protocol to Rule the OT World

Ever wondered how large-scale power plants monitor or control the myriad of systems that fill their ...

Read More

Trustwave's Action Response: More MSDT Fallout with “Dogwalk”

A zero-day vulnerability has been re-disclosed that is very similar to the Follina zero-day ...

Read More

Not all "Internet Connections" are Equal

People commonly think that any “Internet Connection” is exactly the same, or they may be vaguely ...

Read More

Trustwave's Action Response: Microsoft zero-day CVE-2022-30190 (aka Follina)

Update June 7 - In the event of a compromise related to the Follina vulnerability, IT teams can ...

Read More