CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
SpiderLabs Blog

Wherever you come from, you can meet BeEF

This year I've been very busy in terms of conferences, and developing/coordinating new features for BeEF.

The move to GitHub has been successful: we are receiving many pull requests from our users, and we encourage everyone to do it. If you have something cool you are doing with BeEF, or just ideas, send us your code or let us know!

Conferences are always a great moment to socialize, drink and speak about hacking, without mentioning traveling the world basically for free.

If you want to fall in love with BeEF, and you like application security, you should attend at least one of the following events in the near future.

Are you from Australia/APAC? Then join us at RuxCon, Saturday 20th October 2012:

http://www.ruxcon.org.au/speakers/#Ty Miller & Michele Orru

Are you based in USA? Then join us at OWASP AppSec USA, 25th October 2012:

http://appsecusa2012.sched.org/event/3139be68e0a3a0fd8382389deeee3922?iframe=no&w=998&sidebar=yes&bg=no#.UFxz8GlYs-0

Finally, if you're from Russia or just EMEA, don't miss the first BeEF Workshop at ZeroNights, 19/20th November 2012:

http://2012.zeronights.org/workshop#antisnatchor

I will release some new cool research that brings internal network exploitation via Javascript to the next level, combining InterProtocol Exploitation.

The research has been done together with Ty Miller (PureHacking). He will be speaking with me at RuxCon, where the research will be released.

Hope to see many of you during my talk, and later at the bar for drinks! :D

Latest SpiderLabs Blogs

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway

Overview A command injection vulnerability has been discovered in the GlobalProtect feature within Palo Alto Networks PAN-OS software for specific versions that have distinct feature configurations...

Read More

CNAPP, CSPM, CIEM, CWPP – Oh My!

We all know the cybersecurity industry loves its acronyms, but just because this fact is widely known doesn’t mean everyone knows the story behind the alphabet soup groups of letters, we must deal...

Read More

Phishing Deception - Suspended Domains Reveal Malicious Payload for Latin American Region

Recently, we observed a phishing campaign targeting the Latin American region. The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious...

Read More