Hacker News
- CrypKey License Service Allows Privilege Escalation https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/crypkey-license-service-allows-privilege-escalation/ 2 comments
- Full System Control with New SolarWinds Orion and Serv-U FTP Vulnerabilities https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/ 48 comments
- Electron Bug - NodeIntegration Bypass https://www.trustwave.com/Resources/SpiderLabs-Blog/CVE-2018-1000136---Electron-nodeIntegration-Bypass/ 13 comments
- A Backdoor in Skype for Mac OS X https://www.trustwave.com/Resources/SpiderLabs-Blog/A-Backdoor-in-Skype-for-Mac-OS-X/ 107 comments
- How I Cracked a Keylogger and Ended Up in Someone's Inbox https://www.trustwave.com/Resources/SpiderLabs-Blog/How-I-Cracked-a-Keylogger-and-Ended-Up-in-Someone-s-Inbox/ 103 comments
- Security disclosure about a Bluetooth toilet https://www.trustwave.com/spiderlabs/advisories/TWSL2013-020.txt 28 comments
- 3 new SolarWinds vulnerabilities including RCE in Orion platform https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/ 47 comments netsec
- Database of 186 Million US Voters For Sale in Underground Markets https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/massive-us-voters-and-consumers-databases-circulate-among-hackers/ 9 comments netsec
- Trustwave write-up on the GoldenSpy and GoldenHelper malware in state-mandated VAT software for companies operating in China https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/goldenspy-chapter-4-goldenhelper-malware-embedded-in-official-golden-tax-software/ 3 comments netsec
- Trustwave discovers new malware family in tax software major Chinese bank requires corporations to install to do business in China http://trustwave.com/en-us/resources/blogs/spiderlabs-blog/golden-tax-department-and-the-emergence-of-goldenspy-malware/ 60 comments netsec
- Multiple Vulnerabilities in Grandstream Products https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920 3 comments netsec
- Firework - Leveraging Microsoft Workspaces in a Penetration Test https://www.trustwave.com/resources/spiderlabs-blog/firework--leveraging-microsoft-workspaces-in-a-penetration-test/ 4 comments netsec
- massive cryptojacking campaign targeting tens of thousands of MikroTik routers https://www.trustwave.com/resources/spiderlabs-blog/mass-mikrotik-router-infection-%E2%80%93-first-we-cryptojack-brazil,-then-we-take-the-world-/ 7 comments netsec
- potentially new evidence in the SingHealth breach https://www.trustwave.com/resources/spiderlabs-blog/new-indicators-suggest-penetration-vectors-and-earlier-dates-for-the-singhealth-breach/ 7 comments netsec
- CVE-2018-1000136 - Electron nodeIntegration Bypass (RCE) https://www.trustwave.com/resources/spiderlabs-blog/cve-2018-1000136---electron-nodeintegration-bypass/ 15 comments netsec
- Elephone P9000 Lock Screen Lockout Bypass (With Video Demo!) https://www.trustwave.com/resources/spiderlabs-blog/elephone-p9000-lock-screen-lockout-bypass/ 7 comments netsec
- Burp Extender for Web Cache Deception Attack! Very useful! https://www.trustwave.com/resources/spiderlabs-blog/airachnid--web-cache-deception-burp-extender/ 3 comments netsec
- CVE-2017-5521: Bypassing Authentication on NETGEAR Routers https://www.trustwave.com/resources/spiderlabs-blog/cve-2017-5521--bypassing-authentication-on-netgear-routers/ 22 comments netsec
- How I Cracked a Keylogger and Ended Up in Someone's Inbox https://www.trustwave.com/resources/spiderlabs-blog/how-i-cracked-a-keylogger-and-ended-up-in-someone-s-inbox/ 176 comments programming
- How I Cracked a Keylogger and Ended Up in Someone's Inbox https://www.trustwave.com/resources/spiderlabs-blog/how-i-cracked-a-keylogger-and-ended-up-in-someone-s-inbox/ 40 comments netsec
- Massive Volume of Ransomware Downloaders being Spammed https://www.trustwave.com/resources/spiderlabs-blog/massive-volume-of-ransomware-downloaders-being-spammed 6 comments netsec
- Critical Joomla SQL injection vuln that results in full admin access https://www.trustwave.com/resources/spiderlabs-blog/joomla-sql-injection-vulnerability-exploit-results-in-full-administrative-access/ 53 comments netsec
- Username enumeration against OpenSSH+SELinux with CVE-2015-3238 https://www.trustwave.com/resources/spiderlabs-blog/username-enumeration-against-openssh-selinux-with-cve-2015-3238/ 4 comments netsec
- Brute forcing keyfob systems with Proxmark3 and ProxBrute. https://www.trustwave.com/resources/spiderlabs-blog/getting-in-with-the-proxmark-3-and-proxbrute/ 5 comments netsec
- New POS Malware Emerges - Punkey (X-post from /r/malware) https://www.trustwave.com/resources/spiderlabs-blog/new-pos-malware-emerges---punkey/?page=1&year=0&month=0 5 comments netsec
- RIG exploit kit deep analysis https://www.trustwave.com/resources/spiderlabs-blog/rig-exploit-kit-%E2%80%93-diving-deeper-into-the-infrastructure/ 3 comments netsec
- "Many general users and some IT administrators incorrectly assume that using various uppercase letters, lowercase letters, numbers and special characters in a password will make it more secure. " https://trustwave.com/resources/trustwave-blog/yes,-your-password-is-easy-to-crack/ 3 comments technology
- Hard-Coded Bluetooth PIN Vulnerability in LIXIL Satis Toilet https://www.trustwave.com/spiderlabs/advisories/twsl2013-020.txt 42 comments netsec
- Security disclosure about a bluetooth enabled toilet. https://www.trustwave.com/spiderlabs/advisories/twsl2013-020.txt 12 comments programming
- Is this Spam Statistic for india true ? https://www.trustwave.com/support/labs/spam_statistics.asp 7 comments india