PenTest Manager: Now with Secure File Transfer
March 30, 2012
PenTest Manager, the cutting-edge reporting tool created by Trustwave ...
Hack Your Own Code: Advanced training for Developers
March 28, 2012 | nosteve
Mike Park and Marc Bown recently locked themselves in a conference room, ...
ModSecurity Advanced Topic of the Week: Automated Virtual Patching using OWASP Zed Attack Proxy
March 27, 2012 | Ryan Barnett
Automated Virtual Patching using OWASP Zed Attack Proxy The SpiderLabs Research ...
SpiderLabs Radio Podcast: March 2012
March 25, 2012
We have just released the SpiderLabs Radio March Edition. This show is packed ...
Upcoming SpiderLabs Speaking Events - March / April 2012
March 23, 2012 | SpiderLabs Anterior
At Trustwave SpiderLabs we encourage our team members to frequently perform ...
TWSL2012-005: Cross-Site Scripting Vulnerability in osCommerce Platform
March 23, 2012 | Robert Foggia
Trustwave SpiderLabs has published a new advisory today for a Cross-Site ...
A New Neighbor in Town: The Nuclear Pack v2.0 Exploit Kit
March 22, 2012
In the past few years, cybercriminals have been increasingly using exploit kits ...
[Honeypot Alert] Large Scale LFI Attack From Brazillian Domains
March 22, 2012 | Ryan Barnett
Our web sensors picked up a big uptick in Local File Inclusion (LFI) attacks ...
Dirty RAT Eats Nate's Banana
March 21, 2012 | Josh Grunzweig
I've got a real treat for everyone today, as I received approval to blog about ...
LIKE, omg!
March 15, 2012 | Dan Crowley
If you read this blog, you might have seen my earlier post regarding my ...
The Race for MS12-020
March 15, 2012 | Space Rogue
So if you missed our previous blog post on the MS Patch Tuesday earlier this ...
[Honeypot Alert] Zen Cart 'admin/sqlpatch.php' SQL Injection Attacks
March 14, 2012 | Ryan Barnett
SpiderLabs T-Shirt Designs 2006-2011
March 14, 2012 | SpiderLabs Anterior
Microsoft Patch Tuesday, March 2012: Beware the RDP's of March
March 13, 2012
[Honeypot Alert] More WordPress is_human Plugin Remote Command Injection Attack Detected
March 12, 2012 | Ryan Barnett
As we first noted in a previous Honeypot Alert Blog post, our web honeypots ...
[Honeypot Alert] Status Report for February 2012
March 12, 2012 | Ryan Barnett
Monthly Web Honeypot Status Report We have received a tremendous amount of ...
OWASP Virtual Patching Survey Results
March 09, 2012 | SpiderLabs Researcher
In a previous blog post, we issued a call for assistance to help OWASP with a ...
Detecting Brazilian Banking Trojans with Snort http_inspect
March 08, 2012
If you take a look at malware samples down here in Brazil, probably in most of ...
Virtual Patch for Movable Types XSS (CVE 2012-1262)
March 01, 2012 | Ryan Barnett
My SpiderLabs Research colleague Jonathan Claudius recently identified an XSS ...
PIG - Finding Your Target Without Saying a Word
February 27, 2012 | Ryan Linn
You see blogs, talks, presentations, and tutorials on how to break into boxes ...
SpiderLabs Threat Intelligence Program
February 23, 2012
So a lot of people have been asking me "What do you do at Trustwave?" and I ...
[Honeypot Alert] phpMyAdmin Code Injection Attacks for Botnet Recruitment
February 21, 2012 | Ryan Barnett
Our web honeypots picked up the following attacks today:
#TWContest: And the winner of the @Trustwave @SpiderLabs 2012 Global Security Report contest is...
February 21, 2012 | SpiderLabs Anterior
Here is a summary of the questions and answers:
#TWContest: One in how many organizations use insecure remote access...
February 20, 2012 | SpiderLabs Anterior
The question was… "One in how many organizations use insecure remote access ...
Call for Assistance: OWASP Virtual Patching Survey
February 17, 2012 | Ryan Barnett
Identification of web application vulnerabilities is only half the battle with ...
#TWContest: The two main motivations for web-based attacks are...
February 16, 2012 | SpiderLabs Anterior
On Thursday we posted our sixth question of the Trustwave 2012 Global Security ...
Trustwave SpiderLabs: My First Nine Days
February 15, 2012 | Space Rogue
So as some of you may have heard I now work at Trustwave for their SpiderLabs ...
#TWContest: The correct data aggregation technique is...
February 15, 2012 | SpiderLabs Anterior
On Tuesday we posted our fifth question of the Trustwave 2012 Global Security ...