Breakdown of Tycoon Phishing-as-a-Service System
February 20, 2024 | Rodel Mendrez
Just weeks after Trustwave SpiderLabs reported on the Greatness ...
Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising
February 06, 2024
During an Advanced Continual Threat Hunt (ACTH) investigation that took place ...
Trustwave SpiderLabs Guide: Jailbreaking Apple iOS 17 and Above
February 01, 2024 | Therese Mendoza
PLEASE NOTE: Jailbreaking any phone has the potential to permanently damage ...
Trusted Domain, Hidden Danger: Deceptive URL Redirections in Email Phishing Attacks
January 29, 2024 | Kevin Adriano
In this ever-evolving landscape of cyberthreats, email has become a prime ...
Spoofing 802.11 Wireless Beacon Management Frames with Manipulated Power Values Resulting in Denial of Service for Wireless Clients
January 26, 2024 | Tom Neaves
This is another one of those blog posts from me about how I independently ...
Trustwave SpiderLabs Detects Spike in Greatness Phishing Kit Attacks on Microsoft 365 Users
January 25, 2024 | Bernard Bautista
Trustwave SpiderLabs is tracking a spike in usage of the Greatness phishing kit ...
Apache ActiveMQ Vulnerability Leads to Stealthy Godzilla Webshell
January 18, 2024 | Rodel Mendrez
Trustwave has observed a surge in attacks exploiting vulnerabilities in Apache ...
Beyond the Facade: Unraveling URL Redirection in Google Services
January 17, 2024 | Mike Casayuran
In the murky waters of cyber threats, one tactic has steadily gained wide ...
Types of Social Engineering Attacks used to Gain Internal Network Access
January 16, 2024 | Zak Willsallen
Social engineering is a technique commonly used by adversaries to manipulate ...
(Response) Splitting Up Reverse Proxies To Reach Internal Only Paths
January 11, 2024 | Tom Neaves
When I’m carrying out security research into a thing, I generally don’t like to ...
Trustwave Transfers ModSecurity Custodianship to the Open Worldwide Application Security Project (OWASP)
January 09, 2024
After serving as its steward for over a decade, Trustwave has agreed to ...
CVE-2023-50916: Authentication Coercion Vulnerability in Kyocera Device Manager
January 08, 2024 | Jordan Hedges
Overview of Authentication Coercion Vulnerability
Fueling Chaos: Hacker Group Grinds 70% of Iran's Gasoline System to a Halt
January 02, 2024 | Arthur Erzberger
The Iranian government has made the claim that a cyber threat group, identified ...
Top 10 SpiderLabs Blog Posts of 2023
December 27, 2023
The Top 10 Trustwave SpiderLabs’ blogs in 2023 reflected the cybersecurity ...
Hunting for Android Privilege Escalation with a 32 Line Fuzzer
December 22, 2023 | Maksymilian Motyl
Trustwave SpiderLabs tested a couple of Android OS-based mobile devices to ...
Surfing the Tidal Waves of HR-Themed Spam Emails
December 21, 2023 | Katrina Udquin
Threat actors constantly improve their tactics and are always on the hunt for ...
Instagram Phishing Targets Backup Codes
December 20, 2023 | Diana Solomon
Recently, we noticed another strain of Instagram “Copyright Infringement” ...
Honeypot Recon: MySQL Malware Infection via User-Defined Functions (UDF)
December 14, 2023 | Radek Zdonczyk
In the vast world of cybersecurity, as technologies evolve, so do the methods ...
Trustwave SpiderLabs Report: LockBit 3.0 Ransomware Vs. the Manufacturing Sector
December 06, 2023
As the manufacturing sector continues its digital transformation, Operational ...
Overview of the Cyberwarfare used in Israel – Hamas War
December 05, 2023 | SpiderLabs Researcher
On October 7, 2023, the Palestinian organization Hamas launched the biggest ...
The 2023 Retail Services Sector Threat Landscape: A Trustwave Threat Intelligence Briefing
November 15, 2023
The annual holiday shopping season is poised for a surge in spending, a fact ...
Pwning Electroencephalogram (EEG) Medical Devices by Default
November 07, 2023 | John Jackson
Overall Analysis of Vulnerability Identification – Default Credentials Leading ...
Hidden Data Exfiltration Using Time, Literally
October 17, 2023 | Tom Neaves
I was looking at my watch last week and my attention was moved towards the ...
Unveiling the CAPTCHA Escape: The Dance of CAPTCHA Evasion Using TOR
October 13, 2023 | Medz Barao
In this era, threat actors have proven to be tireless in their pursuit of ...
HTTP/2 Rapid Reset
October 13, 2023 | Medz Barao
A recent vulnerability tracked as Rapid Reset (CVE-2023-44487) in the HTTP/2 ...
2023 Financial Services Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies
October 11, 2023
Cyberattacks striking the financial services industry are more prevalent, ...
Patch Tuesday, October 2023
October 11, 2023 | Jeannette Dickens Hale
Halloween is arriving and with it, Trustwave’s return to Patch Tuesday reports.
Amazon (AWS) S3 Bucket Take Over
September 27, 2023 | Medz Barao
Let’s try something a bit different and take a look at some of Trustwave ...