Collaborate Disseminate
Drupal, the popular Content Management System, (might) have seen better days. There’s been a lot of attention to it lately in regards to a nasty Remote Code Execution (RCE) vulnerability. In particular a number of builds in the 7.x and…
Continue reading “Drupalgeddon2” Recent Developments
Western Digital’s My Cloud is a popular storage/backup device that lets users backup and store important documents, photos and media files. Unfortunately the default configuration of a new My Cloud EX2 drive allows any unauthenticated local network use… Continue reading WD My Cloud EX2 Serves Your Files to Anyone
Introduction All too often when we conduct pen tests against organizations we find a robust security posture against their Iv4 infrastructure. They lock down services, use a host-based firewall and generally follow best practice security guidelines. Ho… Continue reading Using IPv6 to Bypass Security
I recently encountered an interesting phishing scheme when reviewing telemetry of incidents blocked by Trustwave Secure Web Gateway (SWG). My investigation into the scheme uncovered some interesting points and led me here: Figure 1: Phishing content on… Continue reading All Your Base64 Are Belong To Us – Dynamic vs. Static Analysis of Web Content
April’s Patch Tuesday didn’t let up much compared to March. Overall April brings with it patches for 70 vulnerabilities including 27 rated as “Critical”, 42 rated as “Important” and 1 rated as “Moderate”. Along with most of our “usual suspects”,…
Continue reading Patch Tuesday, April 2018
(Contributor: Dr. Fahim Abbasi and Phil Hay) In this blog, we provide an analysis of a Java-based malware sample circulated via spam, that leverages Crypter services hosted on the dark web to create mutations to evade detection. We observed a…
Continue reading Crypter-as-a-Service Helps jRAT Fly Under The Radar
March is coming in like a lion with this Patch Tuesday. The release patches 73 CVEs and includes the perennial rollup advisory for Adobe Flash. Fifteen of the 73 patched CVEs are rated as “Critical”, 56 of the CVEs are…
Continue reading Patch Tuesday, March 2018
Trustwave Spiderlabs is pleased to announce the release of CorSigs version 4.52 for Trustwave Web Application Firewall (WAF) versions 8.5 and 9.0. These rules are written to detect attacks or classes of attacks on web applications and their components…. Continue reading Trustwave Web Application Firewall Signature Update 4.52 Now Available
The Australian Securities and Investment Commission (ASIC) is an independent government agency that is Australia’s corporate, market and financial services regulator. ASIC provides several services including registration services for Australian compani… Continue reading Fake ASIC Renewal Spam Delivers Malware to Australian Companies
Malware authors often distribute malware through code macros in Microsoft Office documents such as Word, Excel, or PowerPoint. Regardless of the particular Office version, macros can be executed whenever the user opens the file. By default users get wa… Continue reading Multi-Stage Email Word Attack without Macros