Kernel Exploit Discovered in macOS Webroot SecureAnywhere Antivirus Software September 13, 2018 ZDNet A severe vulnerability discovered in the Webroot SecureAnywhere antivirus software allows attacks to take place at the kernel level. Researchers from Trustwave SpiderLabs team revealed the flaw, which impacts the macOS version of the software. Read More
How Trustwave Keeps an Eye on Hackers September 12, 2018 Crain’s Chicago Business Look inside the Loop command center where the information-security company is stepping up its cybersecurity game. Read More
Threat Hunters and Ethical Hackers: Trustwave’s Chicago Command Center Battles Cybercriminals September 12, 2018 Chicago Tribune Scrolling down a jumbo screen Trustwave’s Loop office is a list of personal information. There are emails, names, passwords, credit card numbers and expiration dates – a gold mine for anyone trying to steal someone’s identity. Read More
The Secrets of Social Engineering September 6, 2018 Transaction Trends We’ve all heard the stories in the news about cyberattacks enabled by unwitting consumers: fraudsters hacking into individuals’ email accounts and sending messages to their contacts requesting money; consumers providing payment information to phony websites; cybercriminals pretending to be relatives “in urgent needs of funds.” Read More
Unpicking the Cyber-Crime Economy August 26, 2018 BBC Turning virtual cash into real money without being caught is a big problem for successful cyber-criminals. They often have to get creative when “cashing out” or laundering the money they have stolen, according to a security expert. Read More
Cross-Site Scripting Flaw in Apache ActiveMQ Threatens Web Visitors August 24, 2018 Threatpost Researchers have found a cross-site scripting (XSS) flaw in Apache ActiveMQ that could enable a remote attacker with no privileges to launch an array of attacks against visitors to compromised websites. Read More
Thought Leader – Chris Schueler August 23, 2018 SC Media At a time when cyberattacks and threats are on a sharp rise both in frequency and severity, Chris Schueler has been a driving force in shaping how large organizations incorporate the managed security model. Read More
Criminals Exclusively Target Bank Staff Credentials with RAT-Laced MS Publisher Email Attachments August 21, 2018 CSO Australia Cybercriminals have chosen one of Microsoft’s lesser known Office document creation apps Publisher (.pub) as the vehicle for distributing password stealing malware intended for employees at thousands of banks around the word. Read More
New Facial Recognition Tool Tracks Targets Across Different Social Networks August 8, 2018 The Verge Researchers at Trustwave released a new open-source tool called Social Mapper, which uses facial recognition to track subjects across social media networks. Read More
How Your LinkedIn Exposes You to Facial Recognition Hacks August 8, 2018 Forbes From Facebook overshares to accidental password posts on Twitter, there are many ways in which Web personas leak things of use to malicious hackers. Read More
MikroTik Routers Enslaved in Massive Coinhive Cryptojacking Campaign August 3, 2018 ZDNet According to Trustwave researcher Simon Kenin, on July 31, a surge in Coinhive activity was detected which indicated that a malicious cryptocurrency mining operation was underway. Read More
200,000 Routers Turned Into Mindless Crypto Coin Mining Zombies August 3, 2018 Forbes Somewhere out there a cybercriminal is lining his or her pockets with cryptocurrency. Whoever it is isn’t using powerful computer to do the mining. Instead, this individual is using an ever-growing army of enslaved routers to do the dirty work. Read More
Cryptojacker Campaign Hits MikroTik Routers August 2, 2018 Dark Reading More than 200,000 routers hit with a sophisticated cryptomining attack that appears to be spreading. Read More
Dust Yourself Off and Try Again: Ancient Solaris Patch Missed the Mark July 24, 2018 The Register A vulnerability first detected and “resolved” years ago in Oracle’s Unix OS, Solaris, has resurfaced, necessitating a fix in Big Red’s latest quarterly patch batch. Read More
Oracle Fixes Solaris Vulnerability that Could Allow Kernel Level Privilege Escalation July 24, 2018 ZDNet A vulnerability in some versions of the Oracle Solaris enterprise OS could allow attackers to edit code in the memory and exploit it to gain full root control over a machine. Read More
DanaBot Trojan Targets Bank Customers In Phishing Scam July 16, 2018 Threatpost The recently-discovered DataBot banking trojan is making the rounds in a phishing campaign that targets potential victims with fake invoices from software company MYOB. Read More
What Does the EU Cybersecurity Vote Mean for the Average Person? July 12, 2018 Siliconrepublic The European Parliament’s industry committee wants to give ENISA more power and create a rulebook for connected devices. Read More
Why Cryptocurrency Threats Aren’t Going Away Anytime Soon July 5, 2018 ThirtyK In the 2018 Trustwave Global Security Report, which looks at a wide range of computing and internet threats, risks and vulnerabilities across more than a dozen industries and 21 countries, cryptocurrency has a starring role. Read More
Linux Becomes Major Cryptomining Target July 4, 2018 SC Media Not only has cryptojacking hit the big time, but now attackers are moving to target Linux. Read More
Third-Party Cyber Security: Strengthening the Weak Link July 2, 2018 CSO Australia As companies adopt new technologies in short timeframes, they are increasingly turning to outsourcing resulting in third-party providers having access to sensitive data more than ever before. Read More