SpiderLabs Radio

Follow SpiderLabs Radio
Share on
Copy link to clipboard

SpiderLabs Radio brings you weekly updates to the most important story's in Information Security. From breaches to exploits to patches and interviews with some of the industries best researchers. Hosted by Space Rogue. Trustwave SpiderLabs is an advanced security team within Trustwave focused on f…

Trustwave SpiderLabs


    • Nov 8, 2015 LATEST EPISODE
    • infrequent NEW EPISODES
    • 9m AVG DURATION
    • 100 EPISODES


    Search for episodes from SpiderLabs Radio with a specific topic:

    Latest episodes from SpiderLabs Radio

    SpiderLabs Radio for the Week of November 2, 2015 - Final Episode

    Play Episode Listen Later Nov 8, 2015 7:33


    In this week’s episode: Carder Scams Zerodium and iOS 9 jailbreak So Long, and Thanks for All the Fish! This episode marks the last SpiderLabs Radio podcast so I can focus on other Trustwave projects like our popular SpiderLabs blog. Thanks to all of our loyal listeners and I hope to see you over on the blog!

    SpiderLabs Radio for the Week of October 19, 2015

    Play Episode Listen Later Oct 25, 2015 5:43


    Two separate SpiderLabs vulnerabilities released: Assi Barak Discovers Magmi Zero Day Asaf Orpani Discovers Critical Joomla SQL injection Also A New IoT Vulnerability In Your Connected Tea Kettle Links mentioned in the show: Assi Barak - Zero-day in Magmi database client for popular e-commerce platform Magento targeted in the wild Asaf Orpani - Joomla SQL Injection Vulnerability Exploit Results in Full Administrative Access

    magento spiderlabs spiderlabs radio
    SpiderLabs Radio for the Week of September 28, 2015

    Play Episode Listen Later Oct 4, 2015 8:50


    In this week’s episode: SpiderLab’s Rodel Mendrez dissects the Quaverse RAT Current state of medical device security from DerbyCon 2015 Links mentioned in the show:Rodel Mendrez - Quaverse RAT: Remote-Access-as-a-ServiceDerbyCon 2015 videos

    spiderlabs radio
    SpiderLabs Radio for the Week of September 14, 2015

    Play Episode Listen Later Sep 20, 2015 6:45


    In this week’s episode: SYNFul Knock compromised routers TSA Master keys leaked

    spiderlabs radio
    SpiderLabs Radio for the Week of August 31, 2015

    Play Episode Listen Later Sep 6, 2015 7:26


    In this week’s episode: 225K iPhones hacked Sleepy Puppy Chrome and Amazon blocks (some) Flash Carbanak comes back

    amazon spiderlabs radio
    SpiderLabs Radio for the Week of August 24, 2015

    Play Episode Listen Later Aug 30, 2015 6:46


    In this week’s episode: Android Certifi-gate vulnerability exploited in the wild Agora Dark Market shuts down New Crypto Snakeoil: 4YEO

    spiderlabs radio
    SpiderLabs Radio for the Week of August 17, 2015

    Play Episode Listen Later Aug 22, 2015 6:33


    In this week’s episode: What Ashley Madison got right New Internet Explorer Vuln patched out of band Study on Android Lock Patterns

    spiderlabs radio
    SpiderLabs Radio for the Week of July 27, 2015

    Play Episode Listen Later Aug 1, 2015 7:48


    In this week’s episode: Android Vulnerabilites: DoS and Stagefright New Attack on Tor

    tor spiderlabs radio
    SpiderLabs Radio for the Week of July 13, 2015

    Play Episode Listen Later Jul 17, 2015 6:56


    In this week’s episode: Microsoft’s July Patch Tuesday and Windows Server 2003 EOL Darkode gets taken down

    microsoft windows server spiderlabs radio
    SpiderLabs Radio for the Week of Jul 6, 2015

    Play Episode Listen Later Jul 12, 2015 5:40


    In this week’s episode we talk about the Hacking Team getting hacked.

    hacking team spiderlabs radio
    SpiderLabs Radio for the Week of June 15, 2015

    Play Episode Listen Later Jun 21, 2015 9:37


    In this week’s episode: SwiftKey Android and Apple zero days LastPass breach

    apple spiderlabs radio
    SpiderLabs Radio for the Week of June 1, 2015

    Play Episode Listen Later Jun 7, 2015 8:22


    In this week’s episode: OpenSesame: Hacking Garage Door Openers Two Ransomware Authors Get Out Of The Game

    spiderlabs radio
    SpiderLabs Radio for the Week of May 25, 2015

    Play Episode Listen Later May 29, 2015 12:02


    In this week’s episode: Tox: Ransomware Builder Bots outnumber humans LogJam Hacking Airplanes

    spiderlabs radio
    SpiderLabs Radio for the Week of May 11, 2015

    Play Episode Listen Later May 15, 2015 7:24


    In this week’s episode: May’s Patch Tuesday VENOM VM escape vulnerability

    spiderlabs radio
    SpiderLabs Radio for the Week of April 27, 2015

    Play Episode Listen Later May 1, 2015 9:22


    In this week`s episode: Wordpress Zero Day BACKRONYM: SSL vulnerability in MySQL Angler EK and Bedep campaign used for political hacktivism Links mentioned in the show: BACKRONYMBedep trojan malware spread by the Angler exploit kit gets political

    angler spiderlabs radio
    SpiderLabs Radio for the Week of April 20, 2015

    Play Episode Listen Later Apr 26, 2015 8:09


    In this week’s episode it’s all things RSA Conference. I’ll be discussing two talks put on by Trustwave SpiderLabs researchers; one on PoS security and one on hacking SAP ASE databases. I’ll also talk about our password cracking rig and how it stood up against attendee provided passwords.   Links mentioned in the show: Building a Password Cracking Rig  David Byrne and Charles Henderson “That Point of Sale Is a PoS” Martin Rakhmanov: “Owning SAP ASE: Chained Database Attack”  CVE-2014-6284 - "Probe" login access vulnerability in SAP ASE  Custom ASE “probe” account client 

    SpiderLabs Radio for the Week of April 13, 2015

    Play Episode Listen Later Apr 17, 2015 7:44


    In this week’s episode: Rootpipe finally fixed for some Microsoft Patch Tuesday Punkey PoS Malware Links mentioned in the show: New POS Malware Emerges - Punkey

    rootpipe spiderlabs radio
    SpiderLabs Radio for the Week of March 30, 2015

    Play Episode Listen Later Apr 5, 2015 6:58


    In this week’s episode: TrueCrypt audit Silk Road back in the news once more, again DDoS on GitHub SSLv3 and PCI Links mentioned in the show: Bring Out Your Dead: An Update on the PCI relevance of SSLv3  

    pci spiderlabs radio
    SpiderLabs Radio for the Week of March 23, 2015

    Play Episode Listen Later Mar 29, 2015 6:45


    In this week’s episode: Root Certificate Used to Spoof TLS POSeidon Point of Sale Malware Flaw in Hotel WiFi Routers Allows Remote Control Bar-Mitzvah attack against RC4/SSL

    spiderlabs radio
    SpiderLabs Radio for the Week of March 16, 2015

    Play Episode Listen Later Mar 21, 2015 8:04


    In this week’s episode: The not-so-bad New Vuln in OpenSSL How to Infect a BIOS The Pwn2Own Results Darkmarket Evo Shuts Down

    infect spiderlabs radio
    SpiderLabs Radio for the Week of March 9, 2015

    Play Episode Listen Later Mar 15, 2015 5:30


    In this week’s episode: Microsoft’s March Patch Tuesday and the Return of Stuxnet The Row Hammer Physical Memory Attack

    microsoft spiderlabs radio
    SpiderLabs Radio for the Week of March 2, 2015

    Play Episode Listen Later Mar 8, 2015 7:17


    In this week’s episode: The Angler Exploit Kit and Domain Shadowing FREAK is the new POODLE

    poodles spiderlabs radio
    SpiderLabs Radio for the Week of February 23, 2015

    Play Episode Listen Later Feb 28, 2015 9:23


    In this week’s episode: Superfish and HTTPS MITM attacks SpiderLabs Honeypots and DDoS Malware SpiderLabs teardown of the RIG EK Links mentioned in this podcast: [Honeypot Alert] FHS Null Byte Attack (CVE-2014-6287) Attempts to Install DDoS Malware (Iptablex)RIG Exploit Kit Source Code Leak - The End or Just the Beginning of RIG?RIG Exploit Kit – Diving Deeper into the Infrastructure

    infrastructure superfish spiderlabs radio
    SpiderLabs Radio for the Week of February 9, 2015

    Play Episode Listen Later Feb 13, 2015 8:34


    In this week’s episode: Microsoft Patch Tuesday and Zero Days Ten Million Passwords Publicly Released New Anti-Forensic Technique: HARES

    microsoft patch tuesday spiderlabs radio
    SpiderLabs Radio for the Week of February 2, 2015

    Play Episode Listen Later Feb 7, 2015 7:52


    In this week’s episode: 2015 Changes to the Google Bug Bounty CTB-Locker ransomware Yet Another Flash Zero Day Links mentioned in this podcast: Kafiene’s Breakdown of CTB-LockerBen Hayak: A New Zero-Day of Adobe Flash CVE-2015-0313 Exploited in the Wild

    wild breakdown exploited spiderlabs radio
    SpiderLabs Radio for the Week of January 26, 2015

    Play Episode Listen Later Feb 1, 2015 8:03


    In this week’s episode: Critical Vulnerability Discovered in BlackPhone Google Zero Days hit OS X Facebook Magnet Malware The GHOST Vulnerability   Links mentioned in this article:GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)

    ghosts cve spiderlabs radio
    SpiderLabs Radio for the Week of January 19, 2015

    Play Episode Listen Later Jan 25, 2015 7:58


    In this week’s episode: Two Flash 0-Days Cause Confusion The trials of Ross Ulbricht and Barrett Brown

    SpiderLabs Radio for the Week of January 12, 2015

    Play Episode Listen Later Jan 18, 2015 8:15


    In this week’s episode we discuss Responsible Vulnerability Disclosure in the wake of Google’s release of Microsoft zero days. Links mentioned in this article: Microsoft: A Call for Better Coordinated Vulnerability Disclosure Intro to HDMoore’s Law The Speed is from the Devil – Some Thoughts about Google’s New Disclosure Policy

    google microsoft spiderlabs radio
    SpiderLabs Radio for the Week of January 5, 2015

    Play Episode Listen Later Jan 10, 2015 10:44


    In this week’s episode: Welcome back and Happy 2015! The Return of the Malicious Macro New Apple Exploits: iDict and Thunderstrike One Final Microsoft Zero Day for 2014 Links mentioned in this podcast: Deobfuscating Malicious Macros Using Python Thunderstrike 31c3

    spiderlabs radio
    SpiderLabs Radio for the week of December 8, 2014

    Play Episode Listen Later Dec 14, 2014 6:39


    In this week's episode: Last Patch Tuesday of 2014 New POODLEv2 Malware signed with Sony certificate Happy Holidays and Farewell until 2015

    farewell spiderlabs radio
    SpiderLabs Radio for the week of December 1, 2014

    Play Episode Listen Later Dec 7, 2014 9:34


    In this week's episode: The Sony Breach Operation Cleaver

    spiderlabs radio
    SpiderLabs Radio for the week of November 17, 2014

    Play Episode Listen Later Nov 22, 2014 7:54


    In this week's episode: The Out of Band Microsoft Kerberos Vulnerability Popular Messaging App WhatsApp Adds End-to-End Encryption  Tech Collective to Offer Free Certificate Authority ATT Stops SuperCookie Injection An Update on Tor added Malware: OnionDuke

    tor spiderlabs radio
    SpiderLabs Radio for the week of November 10, 2014

    Play Episode Listen Later Nov 15, 2014 8:22


    In this week's episode: Microsoft Patch Tuesday discloses critical vulnerabilities DarkHotel targets high level executives The Wirelurker campaign unleashes the Masque attack

    SpiderLabs Radio for the week of November 3, 2014

    Play Episode Listen Later Nov 9, 2014 8:53


    In this episode: The mysterious Rootpipe vuln affecting OS X The not so mysterious Wirelurker targeting Apple devices The arrest of Silkroad 2.0 operator, Defcon New Backoff PoS malware variants

    silk road wirelurker rootpipe spiderlabs radio
    SpiderLabs Radio for the week of October 27, 2014

    Play Episode Listen Later Nov 1, 2014 7:55


    In this episode: Drupalocalypse Spotting fake data dumps Tor exit node adds malware New Web Attack: Reflected File Download (RFD) Here are some of the links discussed in this weeks show: Allison Nixon's Spotting Fake Data Dumps Download The Backdoor Factory (BDF)Watch Joshua Pitts Talk on BDFAnalysis of Malicious Tor Exit Node  Oren Hafif's Reflected File Download Technique  

    spiderlabs radio
    SpiderLabs Radio: October 22, 2014

    Play Episode Listen Later Oct 25, 2014 5:35


    In this episode: Google offering Security Key for 2FA New Microsoft OLE vulnerability Ebola Phishing Campaign   Here are some of the links discussed in this weeks show: SpiderLabs writeup of CVE-2014-4114Microsoft advisory for CVE-2014-6352  

    SpiderLabs Radio: October 16, 2014

    Play Episode Listen Later Oct 18, 2014 7:48


    In this episode we'll be talking about the zero days patched by Microsoft's Patch Tuesday as well as all things POODLE.

    poodles spiderlabs radio
    SpiderLabs Radio: October 9, 2014

    Play Episode Listen Later Oct 11, 2014 10:19


    In this episode: BadUSB iWorm OS X botnet Tyupkin ATM malware links from the show notes:  BadAndroid v0.1Phison BadUSB code    

    spiderlabs radio
    SpiderLabs Radio: October 2, 2014

    Play Episode Listen Later Oct 3, 2014 10:23


    In this episode: All things Shellshock DerbyCon was GREAT, thanks for asking Get well soon, Cap'n Crunch Links mentioned in this weeks show: Mubix's existing shellshock attack vectors and PoCsSpiderLabs: Shellshock a Week Later: What We Have SeenDerbycon 2014 VideosHelp John Draper (Cap'n Crunch)

    mubix spiderlabs radio
    SpiderLabs Radio: September 18, 2014

    Play Episode Listen Later Sep 19, 2014 7:10


    In this episode: Apple new security features iOS8 XSS bug reintroduced in Kindle Bleep, a new secure messaging app Android Browser Privacy Bug Updates for Adobe Reader/Acrobat

    apple spiderlabs radio
    SpiderLabs Radio: September 11, 2014

    Play Episode Listen Later Sep 13, 2014 6:38


    In this episode I talk about the non-existent massive leak of 5 million Google email credentials and discuss the security aspects of Apple's newly announced Apple Pay payment system.

    SpiderLabs Radio: September 4, 2014

    Play Episode Listen Later Sep 5, 2014 7:04


    In this episode: All things iCloud and Naked Celebrity Leaks Plus tracking Criminals with VirusTotal

    SpiderLabs Radio: August 28, 2014

    Play Episode Listen Later Aug 30, 2014 8:04


    In this episode: Synolocker cure from F-Secure Windows Update re-released Android App hack Sony PSN DDoS, bomb threat Backoff update Beeswarm New Netflix tools

    spiderlabs radio
    SpiderLabs Radio: August 21, 2014

    Play Episode Listen Later Aug 22, 2014 8:27


    In this episode: New Gameover Zeus Variant Synolocker Gang Calls It Quits Microsoft Pulls a Patch Hacking Traffic Lights Grabbing Audio From a Phone's Gyroscope Stealing GPG Keys By Touch

    spiderlabs radio
    SpiderLabs Radio: August 14, 2014

    Play Episode Listen Later Aug 15, 2014 10:22


    In this episode: Trustwave's new live Global Security Report New Backoff PoS malware family The Magnitude Exploit Kit How hard is it to crack 625,000 passwords? Historical security trends

    historical trustwave spiderlabs radio
    SpiderLabs Radio: July 31, 2014

    Play Episode Listen Later Aug 1, 2014 0:36


    Hello loyal listeners. I just wanted to let you know that this is not the podcast you were looking for. With all of the preparations being done to get ready for BlackHat and DefCon I'm forced to delay the podcast this week. But stay tuned, because with convention season upon us, all the news that researchers have been holding on to all year is starting to see the light of day. I'll be discussing a new PoS malware family dubbed Backoff that my colleagues here at SpiderLabs recently discovered and we'll probably have a couple of surprises up our sleeve then. I'll catch you next week in Vegas, so until then, stay safe! 

    SpiderLabs Radio: July 17, 2014

    Play Episode Listen Later Jul 18, 2014 5:59


    In this episode: Vulnerabilites in password managers New Gameover Zeus Malware Kronos Malware Tesla Model S Vulnerabilities Google's Project Zero Network Attacks during World Cup

    world cup spiderlabs radio
    SpiderLabs Radio: July 10, 2014

    Play Episode Listen Later Jul 11, 2014 8:37


    In this episode: Rosetta Flash vulnerability BrutPoS Track2, a Russian PoS criminal, is arrested  Smart Lightbulbs leak wifi passwords Office macro malware makes a comeback Fraudulent SSL certificates found impersonating Google, Yahoo Data farmed from used cellphones

    google spiderlabs radio
    SpiderLabs Radio: July 3, 2014

    Play Episode Listen Later Jul 4, 2014 6:38


    In this episode: Apple ships patches for all the things 20 year old LZO bug resurrected New Zeus variant Lite Zeus Dragonfly campaign targets US Energy Microsoft seizes No-IP

    apple lzo spiderlabs radio
    SpiderLabs Radio: June 26, 2014

    Play Episode Listen Later Jun 27, 2014 8:35


    In this episode: PayPal 2FA in mobile bypassed Android update for OpenSSL vuln Reuters compromised by SEA through 3rd party TimThumb Webshot RCE vulnerability DDoS used as a distraction NTP patches stem DDoS flood

    sea ddos spiderlabs radio
    SpiderLabs Radio: June 19, 2014

    Play Episode Listen Later Jun 20, 2014 8:01


    In this episode: Tweetdeck suffers from an XSS worm Even Hackers pick bad password MS releases an Emergency Patch  SimpLocker Android Ransomware encryption bypassed Researchers find vulnerabilties in both Google Play and thousands of Apps New towelroot root exploit for Android     

    Claim SpiderLabs Radio

    In order to claim this podcast we'll send an email to with a verification link. Simply click the link and you will be able to edit tags, request a refresh, and other features to take control of your podcast page!

    Claim Cancel