Honeypot Recon: Global Database Threat Landscape
June 13, 2023 | Radoslaw Zdonczyk
In today's digital era, the importance of securing databases cannot be ...
Trustwave Action Response: Zero Day Vulnerability in Barracuda Email Security Gateway Appliance (ESG) (CVE-2023-2868)
June 09, 2023 | SpiderLabs Researcher
On May 19, 2023, Barracuda Networks identified a remote command injection ...
From Admin to AdminPlusPlus: Breaking Out of Sandboxed Applications Through Recon, Being Brave and Abusing SSO Domain Account Mappings
June 08, 2023 | Tom Neaves
I've been pentesting applications for nearly two decades now and throughout ...
Trustwave Action Response: Zero Day Exploitation of MOVEit (CVE-2023-34362)
June 02, 2023 | Karl Sigler
Update - June 16, 2023: The second vulnerability mentioned in the June 12 ...
Hunting For Password Reset Tokens By Spraying And Using HTTP Pipelining
May 30, 2023 | Tom Neaves
As is tradition with my blog posts, let’s start off a definition of what HTTP ...
Analyzing the NTC Vulkan Leak: What it Says About Russia's Cyber Capabilities
May 25, 2023 | Arthur Erzberger
Information disclosed in the leaked NTC Vulkan papers allows us to investigate ...
Microsoft Encrypted Restricted Permission Messages Deliver Phishing
May 24, 2023 | Phil Hay, Rodel Mendrez
Over the past few days, we have seen phishing attacks that use a combination of ...
From Response To Request, Adding Your Own Variables Inside Of GraphQL Queries For Account Take Over
May 23, 2023 | Tom Neaves
For those wondering what GraphQL is…
When User Impersonation Features In Applications Go Bad
May 18, 2023 | Tom Neaves
A user impersonation feature typically allows a privileged user, such as an ...
Abusing Time-Of-Check Time-Of-Use (TOCTOU) Race Condition Vulnerabilities in Games, Harry Potter Style
May 16, 2023 | Tom Neaves
I feel I need to clarify, for legal reasons, that this is nothing to do with ...
Rendezvous with a Chatbot: Chaining Contextual Risk Vulnerabilities
May 11, 2023 | Abeer Banerjee
Ignoring the little stuff is never a good idea. Anyone who has pretended that ...
Why It’s Important to Change Default Credentials
May 03, 2023 | Dhervesh Singh
Security best practice guidelines always call for changing default passwords as ...
Dissecting Buffer Overflow Attacks in MongoDB
April 19, 2023 | Bilal Siddiqui
Towards the end of 2020, a new vulnerability in MongoDB was found and ...
CVE-2023-29383: Abusing Linux chfn to Misrepresent /etc/passwd
April 13, 2023 | Tom Neaves
A little bit of background for those not familiar with chfn…
Deobfuscating the Recent Emotet Epoch 4 Macro
April 04, 2023 | Rodel Mendrez, Joshua Deacon
In early March, one of the notorious botnets, Emotet, resumed its spamming ...
Rilide: A New Malicious Browser Extension for Stealing Cryptocurrencies
April 04, 2023 | Pawel Knapczyk, Wojciech Cieslak
Trustwave SpiderLabs uncovered a new strain of malware that it dubbed Rilide, ...
Trustwave Action Response: Supply Chain Attack Using 3CX PABX Software
March 31, 2023 | Karl Sigler
Overview On March 29, a massive supply chain compromise in 3CX software ...
Anonymous Sudan: Religious Hacktivists or Russian Front Group?
March 30, 2023 | SpiderLabs Researcher
The Trustwave SpiderLabs research team has been tracking a new threat group ...
2023 Tax Scam Emails Exposed: Unmasking Deceptive Trends
March 29, 2023
Tax season is a busy time of year for taxpayers and threat actors. Consumers ...
ChatGPT: The Right Tool for the Job?
March 23, 2023 | Dustin Dugal Jose Tozo
Since it was first released to the public late last year, ChatGPT has ...
OneNote Spear-Phishing Campaign
March 09, 2023 | Reegun Jayapaul
Trustwave SpiderLabs “noted” in Part 1 and Part 2 of our OneNote research that ...
A Noteworthy Threat: How Cybercriminals are Abusing OneNote – Part 1
March 08, 2023 | Bernard Bautista
Introduction Threat actors are taking advantage of Microsoft OneNote's ability ...
A Noteworthy Threat: How Cybercriminals are Abusing OneNote – Part 2
March 08, 2023 | Bernard Bautista
In part one, we examined how threat actors abuse a OneNote document to install ...
Network Map NMAP Meets ChatGPT
February 16, 2023 | Dhervesh Singh
We’ve now seen a number of different use cases for ChatGPT from marketing, ...
HTML Smuggling: The Hidden Threat in Your Inbox
February 09, 2023 | Bernard Bautista, Diana Lopera
Last October, Trustwave SpiderLabs blogged about the use and prevalence of HTML ...
Money Lover App Vulnerability Exposes Personal Info
February 07, 2023 | Troy Driver
An information disclosure vulnerability has been identified in Money Lover, a ...
Vulnerability Causing Deletion of All Users in CrushFTP Admin Area
February 02, 2023 | Jean Calvin Mugabo
During a recent penetration test, Trustwave SpiderLabs researchers discovered a ...
CVE-2022-43704 - Capture-Replay Vulnerability in Sinilink XY-WFT1 Thermostat
January 12, 2023 | Victor Hanna
Trustwave SpiderLabs has found a vulnerability in the Sinilink XY-WFT1 Remote ...