2022 Year in Review: Ransomware
January 05, 2023 | Greg Monson
With 2022 having just ended, let's take a look back at the year in ransomware. ...
Malicious Macros Adapt to Use Microsoft Publisher to Push Ekipa RAT
December 21, 2022 | Wojciech Cieslak
After Microsoft announced this year that macros from the Internet will be ...
ChatGPT: Emerging AI Threat Landscape
December 20, 2022 | Damian Archer
ChatGPT has been available to the public since November 30, 2022. Since then, ...
Trustwave Action Response: Zero-Day Vulnerability in Citrix ADC (CVE-2022-27518)
December 15, 2022 | SpiderLabs Researcher
On Tuesday, December 13, a joint announcement from the United States NSA and ...
Meta-Phish: Facebook Infrastructure Used in Phishing Attack Chain
December 15, 2022 | Karla Agregado, Michael Casayuran
Meta has two of the largest social media platforms today, Facebook and ...
Trojanized OneNote Document Leads to Formbook Malware
December 08, 2022 | Rodel Mendrez, Phil Hay, Diana Lopera
Cybercriminals have long used Microsoft documents to pass along malware and ...
Going Mobile: BEC Attacks Are Moving Beyond Email
December 07, 2022 | Maria Katrina Udquin
Recently, we’ve noticed an increase in user reports of SMS-based Business Email ...
Bypassing 2FA Authentication with Evilginx2
December 01, 2022 | Shrijin Srinivasan
Due to the increasing number of cyberattacks, particularly zero days, ...
‘Tis the Season for Online Shopping and Phishing Scams
December 01, 2022 | SpiderLabs Researcher
The 2022 holiday shopping season is here. Retailers’ discounts are kicking off ...
Killnet Claims Attacks Against Starlink, Whitehouse.gov, and United Kingdom Websites
November 23, 2022 | SpiderLabs Researcher
Pro-Russian threat actor group Killnet claims to have launched DDoS attacks ...
Evolution of the SOC – From the Dark Ages to Enlightenment, shifting to an agile threat informed cyber defense program
November 22, 2022 | Kory Daniels
Evolution of the SOC – From the Dark Ages to Enlightenment, shifting to an ...
Automating RDS Security Via Boto3 (AWS API)
November 18, 2022 | Selam Gebreananeya
When it comes to security in AWS, there is the shared responsibility model for ...
Development of the Ukrainian Cyber Counter-Offensive
November 10, 2022 | SpiderLabs Researcher
Overview: Russia’s military incursion against Ukraine began on February 24, ...
Denial of Service and RCE in OpenSSL 3.0 (CVE-2022-3786 and CVE-2022-3602)
November 04, 2022 | Karl Sigler
Overview: On November 1 the OpenSSL Project released patches addressing the ...
Insta-Phish-A-Gram
October 27, 2022 | Homer Pacag
Following Trustwave SpiderLabs’ blog on social media-themed phishing on ...
Archive Sidestepping Self-Unlocking Password-Protected RAR
October 20, 2022 | Bernard Bautista, Diana Lopera
Trustwave SpiderLabs’ spam traps have identified an increase in threats ...
ModSecurity Request Body Parsing: Recent Bypass Issues
October 13, 2022 | Trustwave SpiderLabs
Overview: ModSecurity is an open-source web application firewall (WAF) engine ...
HTML File Attachments: Still A Threat
October 06, 2022 | Rodel Mendrez
Introduction: This past month, Trustwave SpiderLabs observed that HTML ...
Post-Exploitation Persistent Email Forwarder in Outlook Desktop
October 05, 2022 | Abi Waddell
There is an exploitation method that can automatically forward emails CC’d to ...
Trustwave Action Response: Zero Day Vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019
October 02, 2022 | SpiderLabs Researcher
Update Oct. 4: Microsoft released Security Update Guides for these two ...
CVE-2022-37461: Two Reflected XSS Vulnerabilities in Canon Medical’s Vitrea View
September 29, 2022 | Jordan Hedges, Avery Warddhana
Overview: During a penetration test, Trustwave SpiderLabs’ researchers, Jordan ...
Retaliation by the Pro-Russian Group KillNet
September 14, 2022 | SpiderLabs Researcher
At the beginning of the Russia-Ukraine conflict, KillNet - a Russian cybergang ...
2022 Trustwave SpiderLabs Telemetry Report
August 25, 2022 | Jason Villaluna
As organizations go about their regular routine of finding and adding new ...
Oracle SBC: Multiple Security Vulnerabilities Leading to Unauthorized Access and Denial of Service
August 23, 2022 | Harold Zang
Oracle Communications Session Border Controller (SBC) is one of the most ...
Overview of the Cyber Weapons Used in the Ukraine - Russia War
August 18, 2022 | Pawel Knapczyk
Observing the ongoing conflict between Russia and Ukraine, we can clearly see ...
The Price Cybercriminals Charge for Stolen Data
August 03, 2022 | Trustwave SpiderLabs
For the price of a Starbucks Caramel Frappuccino Grande and a cheese Danish, ...
IPFS: The New Hotbed of Phishing
July 28, 2022 | Karla Agregado, Katrina Udquin
A few months ago, we reported on an interesting site called the Chameleon ...
Want To Become A Red Teamer? This Is What You Need To Know
July 25, 2022 | Idan Ron
Everyone loves buzz words, no? Red team is the newest (well... not that new) ...