Author Archives: SpiderLabs Blog from Trustwave

Trustwave recently reported a locally exploitable issue in the Skype Desktop API Mac OS-X which provides an API to local programs/plugins executing on the local machine. The API is formally known as the Desktop API (previously known as the Skype…
Continue reading A Backdoor in Skype for Mac OS X→

Trustwave recently reported a locally exploitable issue in the Skype Desktop API Mac OS-X which provides an API to local programs/plugins executing on the local machine. The API is formally known as the Desktop API (previously known as the Skype…
Continue reading A Backdoor in Skype for Mac OS X→

In the last month Trustwave was engaged by multiple hospitality businesses for investigations by an unknown attacker or attackers. The modus operandi for all three investigations were very similar and appear to be a new Carbanak gang attack methodology… Continue reading New Carbanak / Anunak Attack Methodology→

In the last month Trustwave was engaged by two separate hospitality clients, and one restaurant chain for investigations by an unknown attacker or attackers. The modus operandi for all three investigations were very similar and appear to be a new…
Continue reading New Carbanak / Anunak Attack Methodology→

In the last month Trustwave was engaged by two separate hospitality clients, and one restaurant chain for investigations by an unknown attacker or attackers. The modus operandi for all three investigations were very similar and appear to be a new…
Continue reading New Carbanak / Anunak Attack Methodology→

In the last month Trustwave was engaged by two separate hospitality clients, and one restaurant chain for investigations by an unknown attacker or attackers. The modus operandi for all three investigations were very similar and appear to be a new…
Continue reading New Carbanak / Anunak Attack Methodology→

The OWASP Core Rule Set (CRS) team is excited to announce the immediate availability of the OWASP Core Rule Set Version 3.0.0 stable release. This release represents over two and a half years of effort with nearly 1000 commits and…
Continue reading OWASP Core Rule Set 3.0.0 (Final) release→

The OWASP Core Rule Set (CRS) team is excited to announce the immediate availability of the OWASP Core Rule Set Version 3.0.0 stable release. This release represents over two and a half years of effort with nearly 1000 commits and…
Continue reading OWASP Core Rule Set 3.0.0 (Final) release→

The November Patch Tuesday is here and it’s a big one with 14 bulletins covering 68 unique CVEs. Despite the large volume of patches, this patch cycle still promises to be less painful than Election Day here in the USA….
Continue reading Microsoft Patch Tuesday, November 2016→

Summary The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy! New Vulnerability Test Highlights Some of the mor… Continue reading TrustKeeper Scan Engine Update for November 02, 2016→