Author Archives: SpiderLabs Blog from Trustwave

Introduction A long time ago, in a blog far, far away (August 1, 2016: Slinging Hash: Speeding Cyber Threat Hunting Methodologies via Hash-Based Searching) I presented how I used hash algorithms to speed up searching large DNS log files. The…
Continue reading Hey Buddy, Can You Spare a Log? Adventures in Log-Based Threat Hunting→

This month’s update for Database Security Knowledgebase is now available. Knowledgebase version 5.12 includes new and updated checks for Oracle and Sybase ASE. New Vulnerability and Configuration Check Highlights Oracle SQL Injection in CDBView package… Continue reading Database Security Knowledgebase Update 5.12→

We knew that the Microsoft’s Valentine’s gift to cancel Patch Tuesday on February 14th was only going to be a temporary stay and, sure enough, Patch Tuesday is back and bigger than ever for March. Over all there are 18…
Continue reading Microsoft Patch Tuesday, March 2017→

Trustwave recently reported a remotely exploitable issue in the Telnet administrative interface of numerous DblTek branded devices. The issue permits a remote attacker to gain a shell with root privileges on the affected device due to a vendor backdoor… Continue reading Undocumented Backdoor Account in DBLTek GoIP→

We have just released Corsigs version 4.46 for users of Trustwave Web Application Firewall (WAF) versions 7.0 and 8.0. These new rules help protect users’ Web applications against malicious traffic. Release Summary Cross-Site Scripting (XSS) Detection … Continue reading Trustwave Web Application Firewall Signature Update 4.46 Now Available→

Why would i entitle a blog post with the name ‘Hanz Ostmaster’? Don’t worry, it’s not some new named vulnerability, but it turns out this name has some significance. Do you see it? It requires a bit of imagination -…
Continue reading Hanz Ostmaster’s revenge: An SSL Validation issue→

Why would I title a blog post with the name ‘Hanz Ostmaster’? Don’t worry, it’s not some new named vulnerability, but it turns out this name has some significance. Do you see it? It requires a bit of imagination -…
Continue reading Hanz Ostmaster’s revenge: An SSL Validation issue→

The default configuration of the Unanet web application has a backdoor that can allow unauthenticated users to login and manipulate the user accounts and the roles they maintain. This vulnerability is due to a code branch that exists within the…
Continue reading Unauthenticated Backdoor Access in Unanet→

This month’s update for Database Security Knowledgebase is now available. Knowledgebase version 5.11 includes new checks for MySQL, SQL Server and Oracle as well as updated checks for SQL Server and MySQL. New Vulnerability and Configuration Check High… Continue reading Database Security Knowledgebase Update 5.11→

Shortly after publishing our post about Terror EK, “King Cobra” (a Twitter account that we mentioned at the end of that blog post), tweeted a note to us: Figure 1: King Cobra’s tweet to Trustwave This, along with other feedback…
Continue reading Underground Scams: Cutting the Head Off a Snake→