Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising.

Media Coverage

Trustwave Media Coverage chronicles news articles and TV spots featuring commentary and insights from our experienced experts and enlightening studies.

LockBit locked out: Cyber community reacts

Trustwave’s Ed Williams shares his reaction to the news that the prolific, dangerous and feared LockBit ransomware cartel has been significantly disrupted by the UK’s National Crime Agency (NCA), the FBI, and others.

Security Breach Podcast: The Hacker's Most Lucrative Attack

Trustwave’s Kory Daniels joins Security Breach podcast to discuss the myriad of threats facing the manufacturing industry.

Facebook ads push new Ov3r_Stealer password-stealing malware

Discovered by Trustwave SpiderLabs, a new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency.

Fake Facebook job ads are using malware to syphon off credit card data and passwords — don’t fall for this

According to a report from Trustwave SpiderLabs, a novel malware strain dubbed Ov3r_Stealer can collect a user’s location, hardware info, passwords, cookies, auto-fill data, a list of their browser extensions and antivirus software and even their credit card information.

Fake Facebook ad ‘siphons’ your credit card and passwords then shares them in ‘criminal’ chat

In early December, Trustwave SpiderLabs discovered a new malware named Ov3r_Stealer. The malware is designed to steal login information and access crypto wallets.

Aquion locks in more security offerings with A/NZ Trustwave deal

Through the deal, Aquion will provide a range of Trustwave solutions, including its security consulting, penetration testing, managed detection and response, co-managed security operations centre (SOC), threat hunting, digital forensics, incident response, database security and email security solutions.

Everyone has to be part of cybersecurity, not just IT

Trustwave’s Jason Whyte shares insights for cybersecurity in the healthcare sector.

Microsoft 365 users need to be on their guard — new phishing campaign

A new report from Trustwave cybersecurity researchers SpiderLabs has claimed hackers are increasingly turning to the Greatness phishing kit due to its advanced features, simplicity in use, and relatively low cost.

Godzilla Web Shell Attacks Stomp on Critical Apache ActiveMQ Flaw

Trustwave SpiderLabs discovered that threat actors unleashed a fresh wave of cyberattacks targeting a critical remote code-execution (RCE) vulnerability in Apache ActiveMQ, for which the Apache Software Foundation (ASF) issued a patch back in October.

Alert: New Vulnerabilities Discovered in QNAP and Kyocera Device Manager

Trustwave SpiderLabs discovered a security flaw in Kyocera's Device Manager product that could be exploited by bad actors to carry out malicious activities on affected systems.

New phishing attack steals your Instagram backup codes to bypass 2FA

Discovered by Trustwave SpiderLabs, a new phishing campaign pretending to be a 'copyright infringement' email attempts to steal the backup codes of Instagram users, allowing hackers to bypass the two-factor authentication configured on the account.

Only 19 percent of manufacturing leaders are confident of their cyber defenses

New research into the manufacturing threat landscape from Trustwave finds that just 19 percent of manufacturing industry leaders are confident in their cyber defense mechanisms.

Critical Cybersecurity Vulnerabilities Expose Manufacturers to Costly Attacks

From email-borne malware to the exploitation of SMB and DCOM protocols for lateral movement, these persistent threats pose significant risks to the manufacturing sector, according to new research from Trustwave.

Retailers brace for cyberthreat feast ahead of Thanksgiving shopping weekend

Trustwave finds that a rise in social engineering and generative AI poses increased risks as phishing attacks and ransomware gain speed and grow more sophisticated.

Trustwave reveals retail sector's unique cybersecurity threats & solutions

Trustwave has released comprehensive research shedding light on the distinctive cybersecurity risks facing retailers.

Generative AI Emerges as Top Cybersecurity Concern for Retailers: Report

Trustwave’s new report indicates generative AI, bot activity and the proliferation of third-party endpoints as top threats to the retail sector.

What companies with the happiest employees have in common?

Trustwave makes the list of the top 25 companies with the happiest workers.

Comprehensive Trustwave report shares threats to financial services

Trustwave has revealed the biggest cyber threats facing financial services organizations after its latest research.

Trustwave Delivers Managed SIEM for Microsoft Sentinel

Trustwave has released the Trustwave Managed SIEM for Microsoft Sentinel. Managed SIEM for Microsoft Sentinel is available as part of Trustwave's Managed Security Services for Microsoft Sentinel and Microsoft XDR security products.

Microsoft, American Express most spoofed brands in financial services phishing emails

Trustwave SpiderLabs researchers discovered “interesting developments” in the delivery methods, techniques, themes, and targeted brands of email phishing against financial services.

Evolving conversations: Cybersecurity as a business risk

Trustwave’s Barry O’Connell examines the current relationship between the CISO and the rest of the board and best practices for navigating conversations with the board when discussing cybersecurity priorities.

Trustwave SpiderLabs Research: Cybersecurity in the Hospitality Industry

The Trustwave SpiderLabs team conducted a multi-month investigation into the cyber threats facing the hospitality industry worldwide and has released a detailed report displaying how threat actors conduct attacks, methodologies used, and what organizations can do to protect themselves from specific types of attacks.

Generative AI, contactless tech make hotels vulnerable to cyberattacks: report

Guest and worker turnover also make the hospitality industry an appealing target for cybercriminals, according to Trustwave SpiderLabs.

It’s the summer of adversarial chatbots. Here’s how to defend against them

Generative artificial intelligence is quickly moving into both offensive and defensive positions, with many security providers calling out how they are using AI methods to augment their defensive tools. The AI security arms race has begun.

Stop trying to solve risk: how to get your risk appetite back

Trustwave’s Ed Williams shares why rather than looking at risk vs. no risk, organisations should assess their tolerance for it, establishing thresholds for comfortable levels of risk.


Trustwave expands Fusion offering into Pacific region

Trustwave, a global cybersecurity and managed security services provider, has announced the expansion of its globally federated, cloud-native Fusion platform into the Pacific region.


3 emerging threats to healthcare cybersecurity

Generative artificial intelligence and large language models topped the list of emerging and prominent threats to the healthcare industry, a new report from Trustwave SpiderLabs found.


Healthcare’s hacking problem is nearing a crisis: report

Cybersecurity threats to healthcare organizations have grown exponentially in the last few years, according to a report published Thursday by Trustwave SpiderLabs.


Botnets responsible for over 95% malicious web traffic globally: Report

Botnets are globally responsible for over 95% of malicious web traffic, according to research conducted by managed cybersecurity provider Trustwave.

The risks and rewards of ChatGPT in the modern business environment

Trustwave’s Jason Whyte shares his thoughts on ChatGPT as it continues to lead the news cycle and increase in popularity, with new applications and uses seemingly uncovered each day for this innovative platform.

MSSQL makes up 93% of all activity on honeypots tracking 10 databases

In its research, Trustwave SpiderLabs found that, across honeypots tracking activity on database servers based in Russia, Ukraine, Poland, the UK, China, and the U.S., Microsoft SQL (MSSQL) made up 93% of all attack activity.

Clop claims hundreds of MOVEit vulnerability victims

The prolific threat actor is responsible for two of the three high-profile, actively exploited vulnerabilities in file-transfer services so far this year.

More Microsoft 365 phishing attacks are using this dangerous new method - here's what you need to know

Trustwave SpiderLabs found a threat actor abusing Microsoft’s Rights Management Services (RMS) to deliver links to fake landing pages to their victims. The attacks are highly targeted and quite difficult to mitigate.

The Patent and Trademark Office wants to improve the security of its crown jewels

The U.S. Patent and Trademark Office (USPTO) recently expanded a contract with Trustwave to improve the cybersecurity of its main databases, as well as move the agency to that all-important zero-trust architecture.

Top browsers targeted by new malware to steal your sensitive data

Discovered by Trustwave SpiderLabs, Rilide can perform a variety of malicious actions, including monitoring browsing history, taking screenshots on people's devices, and stealing cryptocurrency using scripts injected into websites.

Hackers use Rilide browser extension to bypass 2FA, steal crypto

Trustwave SpiderLabs researchers discovered a new malicious browser extension called Rilide that targets Chromium-based products like Google Chrome, Brave, Opera, and Microsoft Edge.

How IT leaders can prepare organisations for penetration testing

To prevent cyber security breaches, leadership teams need to focus on how their organisations detect, manage, and recover from cyber attacks. The first and most crucial step is understanding where the organisation is vulnerable.

U.S. Patent and Trademark Office Adds Zero-Trust Capabilities

With Trustwave’s DbProtect, threat monitoring and advanced user rights review will lift the burden on USPTO security teams to prioritize issues with on-premises and cloud databases.

Trustwave Earns U.S. Government Contract for Database Security

The United States Patent and Trademark Office (USPTO) has awarded an expanded database security contract to the government solutions division of Trustwave, a Top 250 MSSP.

Trustwave Teams Up with Trellix for Better Managed Security

Cybersecurity companies Trustwave and Trellix say they want to help end users simplify their systems in the face of a complicated threat environment.

Why Data is the New Uranium

Trustwave’s Nick Ellsmore shares why thinking of data as being as valuable as uranium, not oil, requires a complete shift in mindset.

What Can Security Teams Learn From a Year of Cyber Warfare?

Trustwave security researcher Jeannette Dickens-Hale reflects on the ongoing cyber war and what security leaders can learn from the past 12 months.

Trustwave Government Solutions Brings Together PAN Cortex XDR Capabilities and MDR Expertise

Trustwave Government Solutions (TGS), a managed detection and response (MDR) provider and subsidiary of Trustwave Holdings, has announced its status as a Palo Alto Networks Cortex XMDR Specialization partner.

Money Lover breach shows the dangers of leaky APIs

A data leakage vulnerability that Trustwave SpiderLabs discovered in a popular financial management application illustrates the danger of using application programming interfaces that are not watertight.

MDR Resonating as an Option with Both Channel and Customers

One area tipped for growth by analysts and vendors is managed detection and response – the challenge for partners is to keep on top of training and vendor relationships. Trustwave weighs in.

MSSP Trustwave Relaunches Advanced Continual Threat Hunting Platform

Trustwave, a Top 250 MSSP, has relaunched its Advanced Continual Threat Hunting platform to help organizations identify threats that evade many security tools.

Trustwave Relaunches Advanced Continual Threat Hunting with Human-Led Methodology

Trustwave launches enhancements that allow for increased human-led threat hunting to uncover more behavior-based findings associated with specific threat actors.

What is LockBit Ransomware and How Does it Operate?

Trustwave’s SpiderLabs describes how the LockBit group “dominates the ransomware space” and uses large payments to recruit experienced actors.

Health Tech Innovation: How to Advance Data Security To Support Healthcare Accessibility

Trustwave’s Kory Daniels shares the security measures that can help decrease an organization's attack surface, create accurate response automation and prevent compromise.

Phishing attack uses Facebook posts to evade email security

Trustwave SpiderLabs researchers highlight a new phishing campaign that uses Facebook posts as part of its attack chain to trick users into giving away their account credentials and personally identifiable information (PII).

14 Lessons CISOs Learned in 2022

The coming new year is a good moment for chief information security officers to reflect upon what they've learned this year and how to apply this knowledge going forward – Trustwave’s Kory Daniels chimes in.

Business email compromise attacks going mobile via SMS and social media apps

A report from Trustwave SpiderLabs found the number of BEC attacks that leverage the Short Message Service (SMS) instead of email has been steadily increasing.

IDC MarketScape APAC assessment

The IDC MarketScape: Asia Pacific Professional Security Services Vendor Assessment has named Trustwave as a Major Player.

Lumen, CenturyLink Vet to Lead Trustwave Partners Globally

Trustwave partners have a new global leader. Garrett Gee, previously with Lumen Technologies/CenturyLink and previously Level 3, is Trustwave’s new global vice president of indirect channels and alliances.

This Zero-Day Twitter Hack Has Already Impacted 5.5 Million Users: Report

Trustwave’s Ed Williams outlines the impact of common security mistakes related to APIs and guidance for organizations.

IT Jams – Introducing Trustwave

Trustwave’s Craig Searle explains how Trustwave protects its clients from the devastating impact of cyberattacks and its unique penetration testing offering.

Shining a Light on the Dark Web

Trustwave’s Ziv Mador explains how Dark Web marketplaces sell a plethora of tools, stolen data, and forged documents, and why some of the things for sale are priced higher than the rest.

Journal of mHealth

Trustwave’s Ed Williams shares proactive guidelines on how healthcare organisations can bolster their security infrastructure and increase cyber resilience.

Top Tips for the Healthcare Industry to Protect against Cyberattacks

Trustwave’s Ed Williams shares proactive guidelines on how healthcare organisations can bolster their security infrastructure and increase cyber resilience.

New Trustwave solution designed to uncover complex vulnerabilities

Trustwave has announced its new Enterprise Pen Testing (EPT) offering, designed to meet the complex testing needs of large organisations with an extensive breadth and depth of vulnerability identification, ability to deliver scaled programs of work, and competitive pricing.

New Zip File Phishing Trend

A new report from Trustwave found that password-protected Zip files were the third most common format used by cybercriminals to conceal malware in the first half of this year.

MSSP Trustwave Launches Enterprise Pen Testing Services

Trustwave has released an Enterprise Pen Testing (EPT) service to help organizations identify known and unknown threats. EPT customers can receive pentesting performed by onshore, nearshore and offshore pentesters. They also can work with a local technical account manager who ensures that customers can get the most value from their pentesting investments.

Social Media Phishing Scams Use URL Redirectors to Bypass Security Controls

Researchers at Trustwave’s SpiderLabs discovered another flavor of “infringement” phishing scams. The latest case resides under the umbrella of Meta and this time the targets are Instagram users via another Meta property: WhatsApp.

Trustwave’s Enhanced Co-Managed SOC Capabilities Maximizes Value from SIEM Investments

Trustwave announced enhanced Co-Managed SOC capabilities designed to maximize the threat detection and response value of SIEM (Security Information and Event Management) deployments, avoid unnecessary costs, and reduce alert noise by up to 90 percent.

Trustwave Debuts Security Operations Center Threat Detection and Response Enhancements

Trustwave launched a new version of its Co-Managed SOC (security operations center) designed to maximize threat detection within security information and event management (SIEM) deployments.

Attackers Switch to Self-Extracting Password-Protected Archives to Distribute Email Malware

In recent spam campaigns observed by Trustwave, attackers distributed ZIP or ISO archives disguised as invoices. Both file types can be opened natively on Windows without the use of additional applications.

7 Critical Steps to Defend the Healthcare Sector Against Cyber Threats

As attackers continue to target the healthcare sector, Trustwave SpiderLabs’ Ed Williams shares how the same level of preparation as medical emergencies is increasingly essential for cyber threats.

Cybersecurity Penetration Testing

In an interview with TechStrong’s Mike Vizard, SpiderLabs Senior Security Research Manager Karl Sigler explains how penetration testing is being used for both good and bad.

XSS Flaw in Prevalent Media Imaging Tool Exposes Trove of Patient Data

Trustwave’s research and intelligence team SpiderLabs published research about bugs in Canon Medical's Vitrea View that could allow cyberattackers to access several sources of sensitive patient data.

Cybersecurity Professional Shortage Less About Numbers and More About

Trustwave shares how organizations are falling short when it comes to skilled cybersecurity professionals; however, the reason may be less about the number of professionals in the industry and more about the number of professionals with the right level of skills and training.

The Number of CVEs Published This Year is on Track to Exceed 2021

Threat actors continuously scan the internet to take advantage of organizations with slow or outdated patching processes. A new Trustwave report shares why a proactive approach to identifying and patching vulnerabilities is incredibly important to a good security posture.

Up to 35% More CVEs Published So Far This Year Compared to 2021

A new Trustwave report shows that significantly more CVEs will be published this year, and that some organizations are still vulnerable from older, unpatched CVEs.

Poor Healthcare Cybersecurity is a Threat to Public Health

Trustwave customer Children’s National Hospital shares how it’s improving its security posture in the growing threat environment with Trustwave. Breaches, hacks, and ransomware attacks are not only incredibly costly — they are ultimately a public health threat because they can compromise hospitals and healthcare workers’ abilities to provide care.

How Russia is Harnessing Cyber Warfare in its Conflict with Ukraine

A new report from Trustwave shows that Ukraine is fighting a battle with Russia in cyber space, as well as a physical war. Russia has been using 'cyber warfare' on Ukraine since the physical invasion started in late February.

Russian Use of Cyberweapons in Ukraine and the Growing Threat to the West

A study from Trustwave looks at the many Russian state cyberweapons subsequently unleashed against Ukraine. There is one common factor: they are all targeted specifically at and within Ukraine.

Thinking Holistically: Rethinking OT Security Strategy

Trustwave’s Cyber Advisory Practice Lead Darren Van Booven shares why OT security needs to be a primary concern and organizations must urgently re-evaluate their security strategy.

A Ransomware Explosion Fosters Thriving Dark Web Ecosystem

Trustwave's SpiderLabs, which keeps tabs on prices for various products and services on the Dark Web, describes VPN credentials as the most expensive records in underground forums. According to Trustwave, prices for VPN access can go as high as $5,000 — and even higher — depending on the kind of organization and access it provides.

How Cybercriminals Sell Credit Card and VPN Data on the Dark Web

Stolen credit card data, VPN access credentials and other confidential info can be bought for as little as $8 on dark corners of the web. That’s according to researchers at SpiderLabs, the hacking and investigation team of cybersecurity company Trustwave, who conducted an extensive study into what cybercriminals charge for stolen data on the dark web.

IPFS Sites Increasingly Used for Phishing Attack

Over 3,000 emails had phishing URLs using IPFS during the last 90 days, indicating the growing popularity of IPFS for phishing sites, a study from Trustwave revealed.

1,000s of Phishing Attacks Blast Off from InterPlanetary File System

The distributed, peer-to-peer (P2P) InterPlanetary File System (IPFS) has become a hotbed of phishing-site storage: Thousands of emails containing phishing URLs utilizing IPFS are showing up in corporate inboxes. According to a report from Trustwave SpiderLabs, the company found more than 3,000 of these emails within its customer telemetry in the last three months.

Four Smart Cybersecurity Investments for CISOs to Bridge the Talent Shortage

Trustwave CISO Kory Daniels shares the ways to be most effective at addressing the cybersecurity talent shortage by maximizing investments in talent, technologies, and services.

The Decade in Vulnerabilities and Why They Persist

Trustwave’s research and intelligence team SpiderLabs published research on the most egregious network security flaws of the past decade - from 2011 to 2021.

Top 10 Cybersecurity Attacks of Last Decade Show What is to Come: Report

Overview: With a backdrop of the number of security incidents and vulnerabilities increasing in volume and sophistication, Trustwave shares the top 10 network vulnerabilities in no particular order that defined the decade and “won’t be forgotten.”

Facebook Business Pages Targeted via Chatbot in Data-Harvesting Campaign

A social-engineering campaign bent on stealing Facebook account credentials and victim phone numbers is targeting business pages via a savvy campaign that incorporates Facebook's Messenger chatbot feature.

Apparent hacktivism in Iran and Lithuania. Bumblebee's rise to prominence. CISA adds to its Catalog. A look at DCRat.

A cyberattack struck one of Iran’s major steel companies on Monday, forcing it to halt production, SecurityWeek reports. The attack struck the state-owned Khuzestan Steel Co. and two other major steel producers.

Malicious Messenger chatbots used to steal Facebook accounts

A new phishing attack is using Facebook Messenger chatbots to impersonate the company's support team and steal credentials used to manage Facebook pages.

New phishing technique lures users with fake chatbot

A new Trustwave report details phishing techniques cybercriminals use to trick users into providing their credit card data through fake chatbots. The phishing email appears to originate from DHL, stating there was a package delivery problem.

What We've Learned in the 12 Months Since the Colonial Pipeline Attack

Darren Van Booven, Lead Principal Consultant at Trustwave, explains why the demand for operational technology security services has doubled since Colonial Pipeline as leaders call for security system audits and assessments, ransomware protection strategies, and detection and response capabilities for advanced threats, such as cybergangs.

Watch Out For This Chameleon Phishing Scheme

Trustwave SpiderLabs encountered a phishing scheme that tricks victims into giving away their email credentials. The scheme acts like a chameleon by changing and blending its color based on its environment.

The Danger to the Digital Supply Chain from Lapsus$ Doesn’t End with Lapsus$

Karl Sigler, Senior Security Research Manager, Trustwave SpiderLabs, shares his insights on how threats like the hacker gang Lapsus$ could continue to pose a big risk to organizations.

Five Key Steps for Database Security in the Cloud Age

Mark Trinidad, Senior Manager of Database Security at Trustwave, covers the steps to mitigating security risks in complex cloud environments and leads a discussion on how organizations are shifting to more data-centric security approaches that protect valuable data no matter where it is.

Vidar spyware is now hidden in Microsoft Help files

Cybersecurity researchers at Trustwave SpiderLabs discovered the spyware, which is concealed in Microsoft Compiled HTML Help (CHM) files to avoid detection in email spam campaigns.

Microsoft Help Files Disguise Vidar Malware

Cyber attackers are hiding malware in places you may not look. The new phishing attack, revealed by Trustwave SpiderLabs, is designed to plant Vidar infostealer on target machines. Trustwave reported that there was a notable uptick in this strategy dating back to 2019.

New Vidar Infostealer Campaign Hidden in Help File

Researchers at Trustwave SpiderLabs discovered an email malware campaign that demonstrates the complexity attackers are introducing to the delivery mechanism in order to avoid detection. The new campaign delivers an old but frequently updated infostealer: Vidar.

White House Turns Heads With Critical Infrastructure Hack Warning

As President Biden and the White House warned of potential Russian cyberattacks on U.S. critical infrastructure, Bill Rucker, president of cybersecurity services firm Trustwave Government Solutions, says the alert from the White House is not surprising. “The data [from the White House] wasn’t very detailed, but obviously there’s a credible threat about preparatory activity that they’ve seen,” Rucker said.

How to spot scams pretending to raise money for Ukraine during war with Russia

In the wake of the Russia-Ukraine conflict, Chicago cybersecurity experts at Trustwave have raised awareness of phishing emails pretending to raise money for displaced people in Ukraine. Kory Daniels, Chief Information Security Officer at Trustwave, says “If you look at the maximum upside of damage, yeah, so it opens up a lot of different variables in terms of what they do. You know, leveraging this messaging of preying upon individuals' empathy and support of what we see for fundraising in Ukraine.”

Chameleon phishing attack brings bad karma to email users

New research by Trustwave SpiderLabs has uncovered a phishing attack that is able to adapt itself to the user's email service in order to trick them into revealing their login credentials.

FBI: BlackByte ransomware breached US critical infrastructure

Following the BlackByte attack on the San Francisco 49ers, it was reported that data from the football organization's servers was stolen and almost 300MB worth of files were leaked. Trustwave created and released a free BlackByte decryptor that enables victims to restore their files after the ransomware gang used the same decryption/encryption key in multiple attacks.

Researchers find new way to neutralize side-channel memory attacks

When it comes to side-channel memory attacks, "these kinds of attacks are very uncommon," says Karl Sigler, manager of SpiderLabs Threat Intelligence at Trustwave. Sigler reports there haven’t been records of public exploitation of these types of vulnerabilities.

Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks

The Russian government released thousands of IP addresses and domains behind a series of DDoS attacks aimed at Ukraine’s domestic infrastructure. Trustwave SpiderLabs researchers stated, “lone-wolf and organized threat actors who possess the proper cyber skills may directly attack their nation's enemy or recruit others to join in a coordinated attack.”

Hacker Recruitment Campaigns

In a Dark Web Insights report from Trustwave SpiderLabs, Ukraine and Russia have been using different strategies to recruit hackers to work for them. Trustwave noted that people advocating for Russia have appeared to be lone operatives and those for Ukraine have utilized Facebook and other large social media platforms.

Hacktivists Stoke Pandemonium Amid Russia’s War in Ukraine

Stemming from Trustwave’s Dark Web Insights blog, security researchers at SpiderLabs released findings on a pro-Russia entity (JokerDNR) that has been posting blogs to embarrass Ukrainian officials, claiming to dox government workers and military members.

The Art of Non-boring Cybersec Training–Podcast

Darren Van Booven, Lead Principal Consultant at Trustwave, visited the Threatpost podcast with Lisa Vaas to talk about how the right cybersecurity awareness program should be conducted at the right pace by well-informed instructors.

Hacking group is on a tear, hitting US critical infrastructure and SF 49ers

Servers belonging to the San Francisco 49ers were hacked by BlackByte a few days after the FBI warned of critical infrastructure being compromised in the US. BlackByte’s early ransomware had a flaw that allowed Trustwave to release a free decryptor tool to recover data.

FBI warns BlackByte ransomware is targeting US critical infrastructure

As the BlackByte ransomware gang has made a comeback, three U.S. critical infrastructure sectors were targeted, according to the FBI. As the gang hit a rough patch, Trustwave helped BlackByte victims recover their files by releasing a free decryption tool.

Cybercriminals Hunt For Medical Data. Zero Trust As The Only Good Option To Keep The Healthcare System Secure

Healthcare institutions are becoming the main vector of cybercriminal attacks as medical data is extremely attractive and intruders know very well how to cash in on it. The 2019 Trustwave Global Security Report reveals medical data may cost up to $250 per record on the black market, while stolen payment card data is sold for $5.40. The best places to defend against attacks are the most crowded areas, such as employees of clinics or hospitals.

Flaw in Polkit's pkexec Puts Linux Users at Risk

Reegun Jayapaul, Lead Threat Architect at Trustwave SpiderLabs, provides pertinent information and a threat hunting guide for the security community during the PwnKit vulnerability.

Data Privacy: Experts Share How Far We’ve Come and How Far We Have to Go - Part 4

Luke Kenny, Lead Security Principal at Trustwave, covers the essence of data privacy and how it’s not solely based on day-to-day protection and compliance.

Outlook Security Feature Bypass Allowed Sending Malicious Links

Trustwave SpiderLabs researcher Reegun Richard Jayapaul has discovered a new technique to completely bypass a security feature of Microsoft Outlook and deliver a malicious link to the recipient.

Microsoft patches Outlook URL formatting bypass

Microsoft has patched an Outlook vulnerability discovered by Trustwave SpiderLabs researcher Reegun Richard Jayapaul. The vulnerability and associated bypass allowed malicious emails to get through to Microsoft Outlook users.

Experts Urge Firms to Patch Trivial-to-Exploit Flaw in Linux PolicyKit

Karl Sigler, Senior Security Research Manager, Trustwave, shares his insights on the widespread PwnKit vulnerability affecting Linux distributions.

Best Practices for Manufacturers During the Cybersecurity Era

Darren Van Booven, Lead Principal Consultant at Trustwave, discusses the proper security fundamentals and best practices for the manufacturing industry to take on during a time of heightened attacks.

REvil gang member arrests strike fear among cybercriminals on the Dark Web

Through Dark Web forums, Trustwave has uncovered conversations between cybercriminals reacting to the FSB arrests, revealing that cybercriminals seem worried about being arrested, while those in Russia are concerned that their home country is no longer a safe haven.

After ransomware arrests, some dark web criminals are getting worried

According to analysis of chatter on Dark Web forums by cybersecurity researchers at Trustwave SpiderLabs, the recent arrests, particularly those by Russia, appear to have scared cyber criminals, some of whom appear to be worried that they might be next.

Russia Takes Down REvil Ransomware Operation, Arrests Key Members

Russia has taken down REvil ransomware members at the request of the United States government. Chatter on the forums that Trustwave monitored showed a level of apprehension from Russian threat actors about law enforcement in the country tracking them down.

Trustwave releases tool to aid financial institutions with resurgent QakBot malware

Within the past year, Qakbot malware has made an aggressive return. As Karl Sigler, Trustwave SpiderLabs senior security research manager, points out, Qakbot is the Swiss Army Knife of financial malware. Trustwave SpiderLabs released a new decryption tool in an effort to aid financial services institutions and root out the Qakbot Trojan.

FIN7 Mails Malicious USB Sticks to Drop Ransomware

As malicious USB drives are circulating from ransomware gangs, the FBI points fingers towards FIN7. Karl Sigler, Trustwave SpiderLabs senior security research manager, says ongoing security-awareness training “should include this type of attack and warn against connecting any strange device to your computer.”

Why the Zero-Trust Journey Requires Strong Database Security

As the threat landscape continues to evolve, the government is finalizing zero-trust adoption guidance adhering to the cybersecurity executive order to advance toward zero trust architecture. Bill Rucker, President of Trustwave Government Solutions, highlights the zero-trust journey and the need for strong database security.

Taking a Data-Centric Security Approach to Accommodate Cloud Misconfigurations

Experts at Trustwave outline a data-centric security approach to reducing cloud misconfigurations and protecting organizations.

Security implications in 2022 of the exponential increase in ransomware

Ed Williams, EMEA Director of Trustwave SpiderLabs discusses the security implications in 2022 of the exponential increase in ransomware.

Predictions for 2022 by cybersecurity vendors

This time of year, CISOs want to have an understanding of what’s to come. Ziv Mador, vice-president of security research at Trustwave SpiderLabs, predicts “the advent and increasing frequency of attacks that use a ransomware-as-a-service (RaaS) offering indicate that such attacks will not slack off during the coming year.”

Do these four things for a cybersafe summer holiday break this year

Trustwave GM of Pacific Jason Whyte outlines the top cybersecurity tips for keeping things safe at the office during Australia/New Zealand’s long holiday break.

What you should do after a ransomware rampage

As the saying goes, hope for the best and plan for the worst. In the aftermath of a ransomware attack, it’s easy to get caught up in the immediate challenge of getting the business back on its feet. However, response plans need to include long term actions to mitigate the risk of a delayed or repeat attack.

US Cyber Command Goes on the Offensive

Trustwave’s SpiderLabs shared commentary from cybercriminals that was collected from dark web forums. The communication revealed the criminals believe there are “secret negotiations on cybercrime between the Russian Federation and the United States.”

The Log4j vulnerability is bad. Here’s the good news

A vulnerability has been discovered in Log4j, an open-source Apache logging library. The threat from this vulnerability can enable attackers to access and control devices remotely. Karl Sigler, senior security research manager at Trustwave SpiderLabs explains, “Since this vulnerability is a component of dozens if not hundreds of software packages, it could be hiding anywhere in an organization’s network, especially enterprises with massive environments and systems.”

What to Do While Waiting for the Log4J Updates

Researchers are warning that attackers are actively exploiting the newly publicized unauthenticated remote code execution vulnerability in Log4j, the Java-based logging tool from Apache. Karl Sigler, Senior Security Research Manager, Trustwave SpiderLabs comments: “Any java application using the affected log4j versions and accessible over the network can be exploited, and many of those applications are likely third-party and out of the user's hands administratively.”

Trustwave Rolls Out New Cyber Supply Chain Risk Assessment Solution

Trustwave unveiled its new Managed Vendor Risk Assessment (MVRA), which is a cyber supply chain risk assessment solution for enterprises and SMBs. It’s now available globally and encompasses automated and specialist-led assessments. Nick Ellsmore, Trustwave’s global head of strategy, consulting and professional services commented: “MVRA is addressing one of the biggest issues across the cybersecurity environment right now: supply chain risk management.”

Russia may be collaborating with US to bring cyber criminals to heel

Trustwave’s SpiderLabs says its analysis of chatter on underground dark web forums suggests cyber criminals are starting to panic that formerly ‘friendly’ governments are on their case.

Four common shortcomings in cyber threat response

Through cybersecurity crisis simulation exercises, Trustwave’s Darren Van Booven identifies a series of common security shortfalls and steps organizations need to take to prepare for the next security crisis.

How to Outplay the Ransomware Playbook

Many organizations are increasingly concerned with their own cybersecurity models and ransomware preparedness as there’s been a 64% increase in attacks from 2019 to 2020 (304 million attacks worldwide in 2020). Darren Van Booven, Trustwave’s global director, cyber defense consultant highlights how organizations can create a ransomware response plan for the full life cycle of an attack.

Four Best Practices for Advancing Bank Cybersecurity Programs for the Cloud Age

Cyber defense programs are having difficulty evolving against constant threats trying to enter organizations. Trustwave’s global director, cyber defense consultant, Kory Daniels covers the four best practices for advancing bank cyber programs for the cloud: develop a cloud-specific security strategy, test security processes, leverage AI with a human-centric approach, and take a holistic approach.

New Ransomware Variant Could Become Next Big Threat

Security teams will need to look out for Yanluowang, a ransomware threat that has been mounting attacks against US organizations. Just this week, Red Canary researchers reported observing a threat actor exploiting the ProxyShell set of vulnerabilities in Microsoft Exchange to deploy a new ransomware variant called BlackByte, which Trustwave's SpiderLabs recently warned about as well.

Prepare, defend, recover, repeat – The vicious cybersecurity cycle in 2021

It’s fair to say that 2021 has been one of the most challenging years on record for business leaders and organisations. Ed Williams, EMEA Director of SpiderLabs, Trustwave, reflects on the past 12 months and suggests how we can move forward with strong cyber hygiene in place.

Phishing in the Iranian diaspora. Not your grandma and grandpa’s crypter. Malware-as-a-service. Proofs-of-concept (one is a zero-day). Apple sues NSO Group.

The CyberWire’s guest is Karl Sigler from Trustwave, who covers the results of the 2021 Trustwave SpiderLabs Telemetry Report.

Breaking news: GoDaddy’s managed WordPress service hacked

Users of WordPress through GoDaddy are vulnerable after it’s been reported that phishing attacks have been successfully carried out through compromised emails and passwords. Ed Williams, director of Trustwave SpiderLabs comments: “A breach of this size is particularly dangerous around the holidays…Hackers try to take advantage of every new email address and password exposed in an attempt to launch phishing attacks and social engineering schemes. Enterprises, SMBs, and individuals using frequently targeted platforms like WordPress should ensure they are following strong password best practices: complexity, frequent password changes, not sharing passwords between applications, and multi-factor authentication. If possible, utilize an authenticator app to secure your account instead of traditional two-factor authentication via SMS, as hackers have recently been targeting users with specialized SMS phishing.”

GoDaddy WordPress data breach: A timeline

Ed Williams, EMEA Director of SpiderLabs, Trustwave, comments on the data breach: “Hackers try to take advantage of every new email address and password exposed in an attempt to try and launch phishing attacks and social engineering schemes.”

Cyber insurance expands in preparation of breaches, fallout

The collaboration of the public and private sector could stem the growing tide of high-impact breaches. Kevin Kerr, lead security principal consultant for Trustwave, comments on the impact of multi-party breaches: “The financial impact to SolarWinds was significant, but who knows the actual financial impact…Right now, there is no centralized way to measure multi-party breach impact in costs, reputations, contracts. And each affected organization would measure that impact differently.”

Breach ripple effect leads to exponentially greater financial damage

SolarWinds is an example of ripple breaches, which are increasing 20% per year. Lead security principal consultant, Kevin Kerr, points to a recent attack on a central bank in Denmark where a trusted entity passed malware on to unsuspecting users.

The urgent need for the healthcare industry to develop cyber-resiliency

The black market value of healthcare records has shot up, according to a Trustwave report. Healthcare data records may now be valued up to $250 per record.

Secure your databases against opportunistic attackers

Findings from Radoslaw Zdonczyk at Trustwave have shown there will be login attempts to databases and internet servers before IP addresses are listed by scanners similar to Shodan, leading to an increase in vulnerabilities.

Security Expert Warns Windows 11 Could Yet Become Vista 2.0

Trustwave SpiderLabs’ Ed Williams shared his insights on how secure Windows 11 is for a feature article from UK journalist Davey Winder for Forbes.

'Clumsy' BlackByte Malware Reuses Crypto Keys, Worms Into Networks

Trustwave SpiderLabs’ latest research blog details the researchers’ findings on the BlackByte ransomware strain and provides the decryptor so that victims might be able to use it to reverse the malware's damage.

BlackByte: Free Decryptor Released for Ransomware Strain

A free decryptor for BlackByte ransomware was released by Trustwave SpiderLabs researchers after they cracked the crypto-locking malware's encryption.

This is what happens when you’re hit by a ransomware attack

Trustwave SpiderLabs’ Ed Williams participates in a video interview with Danny Palmer at ZDNet discussing the ins and outs of a ransomware attack, how cyber criminals get into networks and what they actually do once inside.

Ransomware: dealing with the aftermath

In this episode Trustwave’s Ed Williams and journalist Stephen Pritchard look at the 30 days after a ransomware attack, the impact of ransomware attacks on operations and reputation, and how businesses can recover.

Telemetry Report Shows Patch Status of High-Profile Vulnerabilities

Twenty percent of this year’s new vulnerabilities were given a ‘high severity’ scoring by the NVD, and given the speed with which malicious actors can start exploiting these vulnerabilities, researchers at Trustwave investigated and reported on how quickly industry patches them.

Why organizations are slow to patch even high-profile vulnerabilities

To help organizations get a better handle on their patch management, Trustwave says organizations should assign an individual or a team to design a security program that covers risk management and policy, provide training, and implement an effective incident response plan.

50% of Servers Have Weak Security Long After Patches Are Released

Karl Sigler, senior security research manager at Trustwave SpiderLabs, points to reasons why the number of disclosed vulnerabilities is trending upward.

The network effect and the search for resilient email security

Graeme Slogrove on how the ubiquity and resilience of email poses a cybersecurity threat many aren't paying attention to.

Manufacturers are too vulnerable to cyber attacks: bigger steps are needed

Trustwave provides insight into the two main drivers behind recent cyber attacks on manufacturing companies.

The Great Data E-Scrape

Eric Pinkerton explains how to safeguard personal data on social media platforms, in light of multiple data scrapes in 2021 alone.

Microsoft Azure Cosmos DB Incident Underscores the Need to Closely Watch Cloud Data

Following the significant vulnerability found in Microsoft’s Azure Cosmos DB service, companies are reminded that even the Big Three cloud providers can make mistakes and that organizations have to still worry about cloud database security.

A five-point strategy for taking on ransomware

Grayson Lenik of Trustwave Government Solutions shares how organizations can defend themselves against growing ransomware threats by training employees in security best practices, vetting the supply chain, implementing layers of defense and hacking their own organization in a byline article for SC Magazine.

Global MDR and MSS Leader Trustwave Sees 2x Demand In Ransomware Preparedness Services

With the surge in ransomware over the past year, Trustwave has seen a 2x demand for its ransomware preparedness services. The increase in demand has been driven by CEO and board-level interest in cyber resilience and preparedness, according to Darren Van Booven, Lead Principal Consultant at Trustwave and former CISO of the U.S. House of Representatives.

Six steps to stop manufacturers becoming the next ransomware headline

Trustwave’s lead principal consultant, Darren Van Booven, shares advice for the manufacturing industry on how to protect against ransomware attacks in a byline article for Information Age.

Trustwave Launches New Cyber Risk Assessment Tool

Trustwave launched a first-of-its-kind cyber supply chain assessment solution for enterprises and SMBs in the Pacific region.

MacOS Flaw in Telegram Retrieves Deleted Messages

Reegun Richard Jayapaul, Trustwave SpiderLabs Lead Threat Architect, discovered the flaw in the Self-Destruct feature of Telegram MacOS, which is part of the Secret-Chats aspect of the messaging app that uses end-to-end encryption.

Telegram for Mac bug lets you save self-destructing messages forever

New bugs discovered by Reegun Richard Jayapaul, Trustwave SpiderLabs' Lead Threat Architect, allow Telegram for Mac users to save self-destructing messages and attachments forever.

Warning: Telegram Self-Destruct Messages Don’t Always Destroy Everything

Researchers with Trustwave SpiderLabs warn Telegram users of two privacy flaws found in the Self-Destruct feature of Telegram MacOS.

14 Top Cybersecurity Trends To Expect At Black Hat Conference

Bill Rucker, president at Trustwave Government Solutions discusses why a zero-trust approach is vital to ensure that sensitive data doesn’t become vulnerable.

Trustwave Joins CISA’s Cyber Information Sharing and Collaboration Program

Trustwave Government Solutions, the wholly-owned subsidiary of Trustwave Holdings, Inc., joined the Cybersecurity and Infrastructure Security Agency (CISA) Cyber Information Sharing and Collaboration Program (CISCP).

What To Do After a Ransomware Attack [Q&A]

Ed Williams, EMEA director of Trustwave SpiderLabs, discusses how organizations should respond in the aftermath of a ransomware attack.

Top Enterprises are Normalising Data Leaks

In this podcast, Derek Taylor, Vice President, EMEA Head of Consulting & Professional Services, discusses the danger of the normalisation of data leaks.

Rising Email Threats Require an Evolution in Business Defences

Ziv Mador, VP of Security Research at Trustwave SpiderLabs, explores the changing nature of email threats and outlines some of the best ways of combating them.

Why It’s So Difficult To Bring Ransomware Attackers to Justice

Trustwave SpiderLabs research on the Kaseya ransomware attack was featured by CNN.

Code in Huge Ransomware Attack Written To Avoid Computers That Use Russian, Says New Report

Trustwave SpiderLabs released a new threat analysis blog on the Kaseya ransomware attack, which was featured by NBC.

Phishing attack's unusual file attachment is a double-edged sword

In a new report by Trustwave, researchers explain how a threat actor has begun to utilize WIM (Windows Imaging Format) attachments to distribute the Agent Tesla remote access trojan.

VPN exploitation rose in 2020, organizations slow to patch critical flaws

Remote access made business continuity possible throughout the pandemic. But according to Trustwave's 2021 Network Security Report, VPN exploitation rose as hackers scanned for unpatched VPNs, including easily exploitable vulnerabilities.

Critical remote code execution flaw in thousands of VMWare vCenter servers remains unpatched

Trustwave have warned that thousands of internet-facing VMWare vCenter servers still harbor critical vulnerabilities weeks after patches were released.

Thousands of VMware vCenter Servers Remain Open to Attack Over the Internet

Trustwave researchers discovered thousands of instances of VMware vCenter Servers with two recently disclosed vulnerabilities that remained publicly accessible on the Internet three weeks after the company urged organizations to immediately patch the flaws.

Thousands of publicly accessible VMware vCenter Servers vulnerable to critical flaws

Trustwave researchers found that thousands of VMWare vCenter servers that are reachable from the internet remained vulnerable to attacks, even after VMware released patches for this critical vulnerability.

REvil Hits US Nuclear Weapons Contractor: Report

David Bishop, CISO at Trustwave, explains the need for more serious repercussions for attacks like the recent REvil attack on Sol Oriens, a government contractor that works for the DOE on nuclear weapons issues.

Bad building blocks: a new and unusual phishing campaign

Karl Sigler of Trustwave's SpiderLabs joins host Dave Bittner to talk about Trustwave’s research: "Hidden Phishing at Free JavaScript Site," which details an email phishing campaign containing malicious attachments.

Huawei fixes serious LTE USB stick security flaw

Trustwave have discovered a code execution vulnerability in one of Huawei’s LTE USB dongles.

The normalization of data leaks and the privacy paradox [Q&A]

Derek Taylor, Lead Principal Security Consultant at Trustwave, explains why we shouldn't accept data breaches as the norm and how the user’s privacy calculus around data disclosure decisions can easily be manipulated.

The pen testing guide you never thought you needed, until now…

Ed Williams, Director EMEA of SpiderLabs, Trustwave, shares his essential guide to penetration testing, helping businesses invest in the right security strategy.

New Pingback Malware Using ICMP Tunneling to Evade C&C Detection

Trustwave SpiderLabs discovered a novel malware that uses a variety of tricks to stay under the radar and evade detection while remaining capable of stealthily executing arbitrary commands on infected systems.

Tax email, text scams to watch out for

Ziv Mador, VP of Security Research, Trustwave SpiderLabs, encourages taxpayers to be wary of email phishing tax scams, showing examples of how fraudsters can lure victims into sharing personal information.

Fraudsters Use HTML Legos to Evade Detection in Phishing Attack

Trustwave SpiderLabs researchers warn Microsoft 365 users of a phishing campaign that employs "HTML Lego" to deliver a fake login page.

Hafnium’s China Chopper: a ‘slick’ and tiny web shell for creating server backdoors

Trustwave SpiderLabs provides insight into China Chopper, a web shell used by the state-sponsored Hafnium hacking group.

This crafty email scam smuggles malware behind .zipx files

Trustwave SpiderLabs researchers identify a new email scam that applies a number of crafty techniques to bypass security filters and infect victims with NanoCore malware.

‘Severe’ SolarWinds Vulnerabilities Allow Hackers To Take Over Servers

Forbes details the latest SolarWinds product vulnerabilities discovered by Trustwave and protection recommendations.

More exploitable flaws found in SolarWinds software, says cybersecurity firm

Ziv Mador, VP of Security Research, discusses the importance of the three new and severe vulnerabilities in SolarWinds products found by Trustwave and the need for organizations to implement a strong penetration testing strategy.

4 ways to minimize the risk of IT supply chain attacks

Mark Whitehead, Global Vice President, SpiderLabs Consulting at Trustwave breaks down the importance of taking a zero-trust cybersecurity approach when it comes to protecting networks and data accessible by third-party partners.

This new phishing attack uses an odd lure to deliver Windows trojan malware

Trustwave discovered a new phishing campaign that attempts to lure victims into downloading malware that gives cybercriminals full control over infected Microsoft Windows machines.

Multiple security flaws let hackers infiltrate D-Link routers

Five major vulnerabilities have been discovered affecting D-Link routers by cybersecurity researchers working as part of Trustwave’s SpiderLabs team.

Security Automation: Time for a new playbook

Jesse Emerson, VP of Managed Security Services at Trustwave talks security automation in the cloud and IoT era.

Trustwave’s Bill Rucker: Agencies Need Unified Platform to Ensure Security of Mission-Critical Data

Bill Rucker, president of Trustwave Government Solutions discusses security in cloud and on-prem environments and the importance of unified platforms.

Hackers can use WinZip insecure server connection to drop malware

Trustwave SpiderLabs discovers a security vulnerability in WinZip 24 that could lead to a malware infection.

What's in Store for Privacy in 2021

Changes are coming to the privacy landscape, including more regulations and technologies.

This messaging app uploads every file you send to the internet, which is bad

Messaging app Go SMS Pro, which has over 100 million installs from the Google Play store, has a massive security flaw that potentially allows people to access the sensitive content you’ve sent using the app.

Messaging app Go SMS Pro exposed millions of users’ private photos and files

Go SMS Pro, one of the most popular messaging apps for Android, is exposing photos, videos and other files sent privately by its users.

Encryption Vulnerabilities Allow Hackers to Take Control of Schneider Electric PLCs

A total of four vulnerabilities were discovered in Modicon M221 PLCs by researchers at industrial cybersecurity firm Claroty. Three of them were identified independently by employees of cybersecurity company Trustwave.

Survey: Cybersecurity Skills Shortage is ‘Bad,’ But There’s Hope

Automation, strategic process design and an investment in training are the keys to managing the cybersecurity skills gap, according to a recent survey from Trustwave.

Hybrid Cloud is Driving Digital Transformation

The hybrid cloud model is increasingly used in digital transformation and data storage according to a new report from Trustwave. Of over 950 IT professionals surveyed, 55 percent use both on-premises and public cloud to store data with 17 percent using public cloud only.

Iran and Russia Seek to Influence Election in Final Days, U.S Officials Warn

Iran and Russia have both obtained American voter registration data, top national security officials announced late on Wednesday, providing the first concrete evidence that the two countries are stepping in to try to influence the presidential election as it enters its final two weeks.

Cybersecurity Company Finds Hacker Selling Info on 186 Million U.S. Voters

A cybersecurity company says it has found a hacker selling personally identifying information of more than 200 million Americans, including the voter registration data of 186 million.

Open Source Threat Intelligence Searches for Sustainable Communities

As long as a community is strong, so will be the intelligence it shares on open source feeds. But if that community breaks down ...

Spammers Add Random Text to Shortened Links to Evade Detection

Spammers are using a new technique of generating URLs to evade detection by humans and spam filters alike. This technique comprises adding random, unused text bits to shortened links, to disguise them as full-sized URLs and bypass the scrutiny of email gateways.

Spammers Use Hexadecimal IP Addresses To Evade Detection

A spam group has picked up a pretty clever trick that has allowed it to bypass email filters and security systems and land in more inboxes than usual. The trick relies on a quirk in RFC791 — a standard that describes the Internet Protocol (IP).

Trustwave Fusion Platform Launches on AWS GovCloud

Threat detection and response services provider Trustwave has launched its Trustwave Fusion platform on Amazon Web Services GovCloud – letting Federal agencies and government contractors take advantage of the cloud-native cybersecurity platform to combat ever-changing security threats.

How a CISO’s Approach To Security Strategy Can Be Shaped by Philosophy

“Philosophy?” the conversation usually begins – “that’s an odd background for cybersecurity, isn’t it?” “Funnily enough,” comes my well-rehearsed reply, “not at all”. I have been surprised how often the skills of one field can be easily applied to the other.

Contactless Credit Card Popularity Soars During Pandemic, but Stay Vigilant for Scammers

Contactless credit cards have become an extremely popular way to pay during the COVID-19 pandemic, according to industry experts. The technology allows you to wave your credit and debit cards over a device and pay without touching anything at the register. But consumers should still be vigilant for scammers.

Shared Memory Vulnerability in IBM's Db2 Database Could Let Nefarious Insiders Wreak Havoc

A bug-hunter has uncovered a vulnerability in IBM's popular enterprise database which, if left unpatched, could allow a local user to access data and kick off a denial-of-service attack.

Businesses Opt to Outsource Cybersecurity Services

According to research, there is a lack of in-house expertise in the area of digital risk protection – the ability to monitor risks, threats and breaches outside the network. The research found 80% of respondents stated their teams lack skills and knowledge in this area.

Experts Reported Security Bug in IBM's Db2 Data Management Software

Cybersecurity researchers today disclosed details of a memory vulnerability in IBM's Db2 family of data management products that could potentially allow a local attacker to access sensitive data and even cause a denial of service attacks.

Microsoft Teams Vulnerable to Patch Workaround, Researchers Report

Security researchers have discovered a way to use the Microsoft Teams Updater to download malware, bypassing a patch released earlier this year and flying under security teams' radar.

Hackers Can Abuse Microsoft Teams Updater to Install Malware

Microsoft Teams can still double as a Living off the Land binary (LoLBin) and help attackers retrieve and execute malware from a remote location.

Chinese Tax Software Hides Nasty Spyware

The cybersecurity firm Trustwave has released a new report detailing its discovery of a new type of malware hidden inside Chinese tax software.

Malware Stashed in China-Mandated Software is More Extensive Than Thought

Three weeks ago, security researchers exposed a sinister piece of malware lurking inside tax software that the Chinese government requires companies to install. Now there’s evidence that the high-stealth spy campaign was preceded by a separate piece of malware that employed equally sophisticated means to infect taxpayers in China.

Cybersecurity Firm Finds More Malware Hidden in Chinese Tax Software

Analysts at cybersecurity firm Trustwave say they have discovered a new type of malware they say was embedded in sales tax software — a different, older malicious tool than the previous one they found.

Trustwave Allows Partners To Resell Services For The First Time

Trustwave is for the first time allowing VARs, MSPs and agent partners to directly resell the company’s managed threat detection and response and professional services.

Malware found in Chinese tax program may have been targeting Ministry of Defence

A US cyber security firm has discovered a new form of malware potentially targeting foreign companies operating in China, which has been embedded in compulsory tax software and installs a hidden backdoor to allow remote access to computer systems.

Hidden Back Door Embedded in Chinese Tax Software, Firm Says

When a U.K.-based technology vendor started doing business in China, it hired a cybersecurity firm to proactively hunt for any digital threats that could arise as part of doing business in the country. The firm discovered a problem, one with such major implications that it alerted the FBI.

Spyware Hidden in Chinese Tax Software Was Probably Planted by a Nation-State, Say Experts

The tax software was legitimate, but embedded inside it was a nasty surprise, according to a new report by a private security firm: A sophisticated piece of malware that gave attackers complete access to the company's network.

How to Shop Online Safely During the Pandemic

Even as stores reopen in many parts of the country, people are still shopping online more than ever. And that includes using new sites set up by their favorite small businesses attempting to stay afloat through perilous economic times.

Sextortion is evolving during the coronavirus pandemic, report says

Sextortion is evolving into nastier ways to try to extort people. To date, the basic template for this cybercrime has been to claim people's accounts have been hacked, with the criminals saying they have video proof – usually via webcam – of a person watching sexual content. The criminals demand immediate payment in Bitcoin – which gives the extortionist anonymity – or they will release the video to the public.

Crooks Tap Google Firebase in Fresh Phishing Tactic

A series of phishing campaigns using Google Firebase storage URLs have surfaced, showing that cybercriminals continue to leverage the reputation of Google’s cloud infrastructure to dupe victims and skate by secure email gateways.

How the Dark Web is Handling the Coronavirus Pandemic

Many on the dark web are expressing the same thoughts and fears about COVID-19 as everyone else, while others are looking for ways to profit from it, says Trustwave.

Another Stuxnet-Style Vulnerability Found in Schneider Electric Software

Researchers have found another vulnerability in software made by Schneider Electric that is similar to the one exploited by the notorious Stuxnet malware.

Vulnerabilities in Two Schneider Electric ICS Products Reminiscent of Stuxnet

Trustwave’s Global OT/IoT security research team uncovered the flaws in Schneider’s SoMachine Basic v1.6 and Schneider Electric M221, firmware version, Programmable Logic Controller (PLC).

4 Tips for Protecting Users From COVID-19-Targeted Attacks

Attackers are using this time of crisis to go after victims with targeted campaigns. The biggest threats are phishing attacks related to COVID-19.

Ransomware Is Now the Biggest Online Menace You Need to Worry About - Here's Why

Analysis of more than a trillion security events over the past year and hundreds of breach investigations by researchers at cybersecurity company Trustwave found that ransomware attacks have become the most common security incident.

How to Better Protect Your Organization Against Email Threats

As most generic spam now gets blocked, attackers have turned to more targeted, personalized phishing emails to reel in their victims, according to security firm Trustwave.

Coronavirus Worries Allow New Scams to Take Hold

Cyber criminals are taking advantage of the worldwide level of concern surrounding the COVID-19 coronavirus to launch an insidious new round of attacks that are much more effective than previous cyber-attacks.

Hackers Update Age-Old Excel 4.0 Macro Attack

Researchers from security firm Trustwave said they discovered a new malspam campaign that sends Excel 4.0 xls 97-2003 files with a compromised macro in email messages. The ploy is predictable and attempts to dupe users with themes ranging from fake invoices to COVID-19 related lures.

How Cybercriminals are Exploiting the Coronavirus Outbreak

Hackers are exploiting vulnerabilities stemming from the global coronavirus pandemic, including distracted workers and stretched-thin IT staff, as cybersecurity attorneys say the spread of COVID-19 has also brought with it a spike in data security incidents.

Chicago Companies Beef Up Videoconferencing, Cybersecurity as Coronavirus Prompts Race to Work from Home

Businesses often have a contingency plan — a Plan B — in case workers can’t get to the office when there’s a power outage, natural disaster or extraordinary circumstances, like in Chicago last winter when a polar vortex plunged temperatures far below zero. But few companies expected their backup plans to be deployed for a worldwide pandemic.

As Turla Attacks Evolve, Do Enterprise Security Teams Need to Defend Differently?

Turla, the highly-sophisticated and long established cyber espionage threat actor, shows no sign of slowing down.

Popular Tax Return Software Company Used in Tax Season Scam

An email campaign that purports to be a popular tax return software provider is the latest scam to make the rounds. The corrupted email is quickly spreading, in an effort to catch people who use the tax program.

Trustwave Launches Palo Alto Prisma Cloud Services

Trustwave, a managed security services provider based in Chicago, took the wraps off a new line of consulting and security services for Palo Alto Networks Prisma Cloud.

Telco Security Alliance Ramps up Threat Detection Capabilities with Global Intel-Sharing Initiative

Telco Security Alliance members AT&T, Singtel, and Telefónica are now sharing threat intelligence and indicators of compromise (IoCs) to help fight global attack campaigns that are launched against their customers.

Hackers Are Using the Coronavirus Panic to Spread Malware

Hackers are using the public’s fear of the coronavirus to steal passwords and spread malware, according to multiple cybersecurity firms and computer security experts.

Email Scammers are Taking Advantage of Coronavirus Fears

As the death toll from the coronavirus outbreak continues to rise, online scammers are using email phishing schemes in an attempt to profit on people's confusion and fear surrounding the virus.

Iran’s ‘Critical’ Cyberattack Threat – This Is What Is Really Happening Right Now

A week on from the U.S. killing of Iran’s Qasem Soleimani on January 3, media warnings around the cyber threat now facing the U.S. and its allies show no signs of diminishing.

Internet of Things Predictions for 2020

Smart cities, connected cars and other emerging technology trends fueled by IoT-enabled devices are likely to further gain pace from 2020 onwards – so here are some of the major IoT trends today and what to expect in the year ahead.

Travelex Refuses to Say if it Paid $6m Ransom to Hackers

Hackers behind the ransomware attack on New Year's Eve claimed to have stolen customer data including credit card information, and threatened to publish it online if they weren’t paid the money within seven days.

Iranian Hackers are Likely Planning Social Engineering and Phishing Attacks

Iranian hackers are likely planning social engineering and phishing efforts as retaliation for the U.S. military’s killing of Iranian military chief Qasem Soleimani, according to security experts in government and the private sector.

How to Keep Your Devices Secure When You Travel

If you’re anything like me, you’ll be traveling with all of your devices this holiday season. But according to Trustwave, you need to do a quick security check-up.

Why Enterprises Buy Cybersecurity ‘Ferraris’

You wouldn’t purchase an expensive sports car if you couldn’t use it properly. So, why make a pricey security investment before knowing it fits into your ecosystem?

Top Gun 51 Profile: Trustwave’s Suzanne Swanson on Growing Partner Relationships to Build Success

With 30 years of work experience in the channel, Trustwave’s Suzanne Swanson says her biggest business strength today continues to be her hands-on involvement working with partners.

CrackQ Tool Adds Analysis and Reports to Password Cracking

There is a new tool offensive security teams can use for their password cracking needs. CrackQ is open-source and can provide metrics on the current jobs, queuing and re-queuing tasks.

SatLink VSAT Modem Vulnerabilities Open Door to Cross-site Scripting Attacks

Security researchers have divulged two vulnerabilities in the SatLink 2000 VSAT modem that could enable hackers to carry out cross-site scripting attacks and sniff sensitive data traversing the modem.

Fake Windows 10 ‘Update’ Is Actually Just Filled With Ransomware

It’s no secret that Microsoft’s Windows 10 updates have been controversial as of late. They’ve been filled with patches fixing previous updates’ bugs only to create more issues. Now, there’s a whole new problem altogether: Fake ransomware-filled updates.

Windows Users, Beware: This Fake Update Could Lock Up Your PC

With the end of support for Windows 7 coming in January, many users are looking to update to Windows 10 to continue getting security updates and support from Microsoft. According to a report from security firm Trustwave, attackers are well aware of this and targeting Microsoft users with fake update emails.

Trustwave Launches Advanced Threat Detection for Azure

For Microsoft Azure users, Trustwave is launching new services to bolster threat monitoring, detection and response natively on the platform.

To Secure Multicloud Environments, First Acknowledge You Have a Problem

Multicloud environments change rapidly. Organizations need a security framework that is purpose-built for the cloud and that aligns with their digital transformation strategy.

Ransomware First Responder: ‘The Bad Guys are Getting Smarter’

Trustwave’s Shawn Kanady on the evolution of ransomware attacks, why the public sector appears to be taking the biggest hit, and whether organizations should pay the ransom.

Many Passwords Not Strong Enough, Allowing Hackers to Access Your Accounts

You might think your password is strong but think again. Your passwords are at risk, even if they have special characters and numbers.

Microsoft Patch Tuesday Fixes 59 Flaws

Microsoft has issued its monthly security (Patch Tuesday) update, to fix a total of 59 vulnerabilities in its operating systems and products.

Experts Expect Hospital Ransomware Attacks to Continue

One week after being hit by a ransomware attack, hospitals in Alabama are turning away patients while working on recovery, and experts warn of similar attacks in the future.

Singtel’s Trustwave Sharpens Cloud Security Platform in Singapore

Trustwave has unveiled a new cloud native platform designed to offer enhanced cyber security products and managed services to Singaporean customers.

‘Chameleon’ Spam Campaign Employs Randomized Email Headers

A large number of spam messages recently sent from the same botnet were observed featuring randomized headers and even different templates, with some emails resembling phishing, Trustwave reports.

The Secret to Total Cyber Security

Good cyber-defense requires total visibility of the network to understand what could be a potential vulnerability. In cybersecurity, a network is only as strong as its weakest point. Chris Schueler, Trustwave’s Senior Vice President of Managed Security Services, shares more in an exclusive interview with GovInsider.

17 Cybersecurity Products the Cyber Insurance Industry Says Are Worthwhile

Insurance broker Marsh has unveiled the inaugural class of cybersecurity products and services receiving a Cyber Catalyst designation that is part of an evaluation program its backers hope will bring greater clarity in the crowded cybersecurity marketplace.

The Saudi Oil Attacks Could be a Precursor to Widespread Cyberwarfare for Companies in the Region

The Kingdom and oil and gas industry have been slow to shore up defenses, raising red flags about the possibility of longer term fallout in the region, experts said, including those who have responded to incidents in the region.

Think Outside the Box to Close the Skills Gap

The right people are out there. It’s just a matter of finding them. I talked to Chris Schueler, SVP of Managed Security Services at Trustwave, for advice on how companies can start thinking outside the box about hiring cybersecurity staff and how to best identify potential candidates who may not meet your current criteria but could end up being the right person for the job.

Top Wi-Fi Routers Have Major Security Flaws

A security researcher from Trustwave has discovered vulnerabilities in several D-Link and Comba routers which could make it easy for cybercriminals to see usernames and passwords stored on the devices.

D-Link Wireless Modems Found to Leak Passwords

Trustwave's Spiderlabs has uncovered credential leaking vulnerabilities in D-Link wireless ADSL2+ modem routers that are widely available in Australia.

Automation: Friend of the SOC Analyst

Faced by increasingly sophisticated threats, organizations are realizing the benefits of automation in their cybersecurity programs. Automation, artificial intelligence (AI), and machine learning (ML) are rapidly transforming nearly every industry, and cybersecurity is no exception.

Cybersecurity Readiness: A Must-Have For Digital Transformation Success

Enterprises today are facing challenges that are forcing them to embrace new technologies and applications that drive decision-making strategies based on hard data and real-time situational analysis and rely less on pure gut instincts.

Grupo Tecno Strengthens its Offer with Trustwave Managed Security Services

Trustwave, provider of cybersecurity services, and Grupo Tecno, integrator of Information Technology, signed an agreement that aims to provide managed cybersecurity services to both private and public companies in Mexico and Latin America.

Moving on Up: Ready for Your Apps to Live in the Cloud?

As the digital landscape changes, organizations are doing some purging of their own as they move to the cloud. But that transition isn't as easy as packing up dishes and linens, putting boxes on a truck, and heading off to a new destination.

AttackSurfaceMapper Automates the Reconnaissance Process

AttackSurfaceMapper, a new open source OSINT tool created by Andreas Georgiou and Jacob Wilkin, security consultants at Trustwave SpiderLabs, automates the process of collecting data that can help pentesters find a way into targets’ systems and networks.

#BHUSA: Increase Social Media Awareness with Active and Passive Testing

Speaking on “Testing Your Organization's Social Media Awareness” at Black Hat USA, Jacob Wilkin, network penetration tester and application security consultant, Trustwave SpiderLabs, said that social media phishing is on the rise and is now the “preferred vector for attackers” who now spread more malware via social media than on email.

Cybersecurity Staffers Needed, No Experience Required

The industry-wide shortage of trained cybersecurity personnel is not a new story, but Trustwave has begun to take a new approach to find not only trained cybersecurity staffers, but also those with no training or computer skills at all.

SanDisk’s SSD Dashboard Used Hardcoded Password, Lacks Encrypted Updates

Lackadaisical security practices in proprietary management software from a hardware vendor underscore the need for a vendor-agnostic solution.

Crain’s Hosts Tech 50 Event

Crain’s Chicago Business hosted its Tech 50 event honoring its annual list of headliners, behind-the-scenes heroes, new faces and emerging stars of Chicago tech. More than 100 people attended the event at cybersecurity company Trustwave’s office in the loop.

Snake Bites and Data Breaches

Why is treating a snake bite like responding to a data breach? It might sound like the beginning of a cheesy joke, but the two can have more in common than you might expect.

Cybersecurity Skills Shortage Prompts New Hiring Approach

Hiring managers are widening the pool of candidates in response to the cybersecurity skills shortage. Learn how a parks and recreation background can be an asset in threat hunting.

Hotel Kiosks Could Be Unsafe Due to Exposed Keys in Tech Tool

Researchers found that an application available on an unsecured website included credentials that could have allowed compromising consumer-facing Uniguest kiosks used by businesses in various activity sectors.

The Financial Implications of Cyber Crime

The modern-day robbery is no longer about criminals storming a bank wearing ski masks, brandishing firearms and filling bags with stolen cash. Instead, criminals now rely on more clandestine yet equally effective methods of stealing from financial institutions.

Wave and Pay: Cardless Cards Make a Comeback Despite Previous Security Concerns

The convenient technology known as "wave and pay" available with some credit cards is making a comeback after serious security concerns. The technology is a debit or credit card with a wireless symbol where all you have to do is just wave it in front of a payment terminal and your transaction is done in seconds.

The Hotel Hackers Are Hiding in the Remote Control Curtains

Three men dressed for business travel in jeans and dress shirts loaded backpacks into the trunk of a black coupe and wound their way through the center of a major European city. When they arrived at their hotel, they unloaded their luggage and waited giddily to pass through the revolving doors. They were checking into the hotel to hack it.

Why Upskilling with Practical Experience Can Close the Cyber Skills Gap

As it becomes increasingly challenging and expensive to recruit new team members, one of the most effective approaches to improving security capabilities is to focus on upskilling your existing team instead.

Tomorrow’s Cybersecurity Analyst Is Not Who You Think

Organizations can’t just rely on diverse and cutting-edge technologies to fight adversaries. They will also need people with diverse expertise and backgrounds.

Sure Links Up With Cyber Experts

Telecoms company Sure has joined forces with a firm fighting the threat from cybercrime. The company is called Trustwave.

How to Stay Secure While Shopping Online

Hackers are targeting credit cards online more, a new report found. The number of cards being targeted went up by 7 percent, according to Trustwave’s global security report.

Trustwave Report: Threat Containment Getting Better

Given much of the publicity that is routinely attached to every breach disclosure these days, it’s easy to be pessimistic about the overall state of cybersecurity.

Gartner Magic Quadrant for Managed Security Services 2019: Analysis

Gartner’s Magic Quadrant 2019 for managed security services providers (MSSPs) has surfaced. Here’s a look at each MSSP featured in the report, along with our perspectives on each cybersecurity business.

Enterprises Not Doing So Well on Net Protections

You may have business relationships with an internationally located vendor, supplier, provider, contractor, employee, or customer. You may have boosted cybersecurity in your network. Be vigilant, attackers can use your business relationships as stepping-stones into your network.

Industry Reactions to Cybersecurity Workforce Executive Order

The White House says there are over 300,000 cybersecurity job vacancies in the United States and believes it’s crucial for the country’s economy and security that these jobs are filled.

Trustwave Releases New Database Security Updates

Trustwave is introducing a new database security scanning and testing software that helps organizations better protect critical data assets hosted on-site or by major cloud service providers.

Data: E-Retail Hacks More Lucrative Than Ever

This in-depth report from Trustwave contains a number of useful suggestions that sites can consider for a defense-in-depth approach to combating an increasingly crowded field of criminal groups turning more of their attention toward stealing CVV data.

MSSP Trustwave Unveils Database Security Scanning, Testing Software

Trustwave, a Top 100 MSSP, has introduced the DbProtect database security scanning and testing software. DbProtect provides data visibility and protection and compliance management capabilities, according to Trustwave.

Cyber-security Is Improving, Though Risk Continues to Grow

The 2019 Trustwave Global Security Report, released on April 25, has its fair share of bad news as it has found that multiple types of attacks have grown and attackers have continued to increase levels of sophistication.

Piracy Apps Surf for Vulnerabilities

Cyber criminals are attacking more accounts in the Asia Pacific region than North America, representing 35 percent of investigated data compromises, according to the annual report out today by Trustwave.

The Pulse of Risk Detection and Response at RSA 2019

Trustwave, which offers Managed Detection and Response (MDR) services, has taken a number of steps to build stronger context into their operations. They are feeding data about known bad actors into their intel fusion platform (IFP).

LokiBot Trojan Spotted Hitching a Ride Inside .PNG Files

A spam campaign pushing the info-stealing LokiBot trojan leverages a novel technique to avoid detection. According to researchers, the spam messages include a malicious .zipx attachment hidden inside a .PNG file that can slip past some email security gateways.

CIA Extortion Scams Using SatoshiBox to Sell Alleged Proof for $500

The CIA extortion scams continue to evolve in order to squeeze as much money out of a victim as they can. In a new variant discovered by researchers, the extortion emails are now selling alleged proof on Satoshi Box for $500 that show you are part of the CIA investigation.

Attitude Is More Important Than Your Current Skill Set

Lawrence Munro, worldwide vice president of Trustwave SpiderLabs, on active threat hunting and what it takes to become a red teamer.

Hackers Use Pakistani Passport Website to Spy on Visitors

Hackers modified a Pakistani government website where citizens can request passports to spy on its visitors, according to researchers at Trustwave.

How to Break into Penetration Testing – an Expert’s Guide

In his role leading penetration testing services at Trustwave, Lawrence Munro, VP SpiderLabs, has pulled together the attributes, experience and qualifications he considers necessary to crack a career in this challenging space.

Pen Testing Takes Center Stage at RSA

It’s more important than ever for cybersecurity professionals to understand how attackers can gain access to sensitive company or customer data. While it’s still important to examine vulnerabilities in isolation, the ability to understand attack paths and how attackers can gain access to data.

The Winners of the 2019 SC Awards Honored in the U.S.

Trustwave Managed Security Services’ elite team of 250 ethical hackers isn’t just protecting some of the world’s largest enterprises and government agencies. It’s actually reimagining ways that entire industries can protect their assets.

Why Cybersecurity Burnout Is Real (and What to Do About It)

The constant stresses from advanced malware to zero-day vulnerabilities can easily turn into employee overload with potentially dangerous consequences. Here’s how to turn down the pressure.

Trustwave Embraces Cybereason MDR for Endpoints

Trustwave, a Top 100 MSSP, has integrated the Cybereason Defense Platform into its Managed Detection and Response (MDR) for Endpoints service.

A Guide to Choosing a Cloud-Based Security Services

Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security.

Why Are You Looking at Me? I See You Watching Me.

Arjun and Jessica Sud routinely use a baby monitor to keep tabs on their 7-month-old’s bedroom. Last month, they heard something chilling through the monitor: A deep male voice was speaking to their child.

How Criminals Use Uber and Airbnb to Launder Money Stolen from Your Credit Card

Cybercriminals are turning to new technologies to launder their ill-gotten gains, including recruiting fake Uber drivers, shady Airbnb hosts and crypto conversion specialists via underground dark web, experts say.

Security Bugs in Video Chat Tools Enable Remote Attackers

Newly discovered security bugs in Lifesize videoconferencing products can be remotely exploited, giving attackers the ability to spy on a target organization or attack other devices.

Trustwave Secure Email Gateway Now Supports Microsoft Azure RMS

Today’s topics include Trustwave improving its Secure Email Gateway to reduce email threats.

Trustwave Improves Secure Email Gateway to Reduce Email Threats

Trustwave announced the latest iteration of its email security platform with the unveiling of Secure Email Gateway (SEG) 8.2. Among the highlights is support for the Microsoft Azure Rights Management System (RMS), which is used to protect against data loss and unauthorized access.

Why Good Database Security Planning is Essential for Protecting a Company’s Most Important Assets

Attackers know that shutting companies out of their own data can quickly cripple an organization and put the pressure on to consider paying the ransom.

The Year Cryptojacking Ate The Web

Cybersecurity can feel like a chaotic free-for-all sometimes, but it’s not every day that a whole new conceptual type of attack crops up. Over the last 15 months, though, cryptojacking has been exactly that. It’s officially everywhere, and it’s not going away.

Gartner Magic Quadrant for Managed Security Services 2018: Analysis

So what’s new for 2018? Trustwave moved into the enviable Leaders Quadrant, while Capgemini, DXC Technology and Fujitsu were added to the overall rankings.

Gift Cards Make Popular Gifts, Targets for Scammers

Gift cards are popular gifts this time of year, but they’re also big targets for theft. Americans have spent almost $30 billion on gift cards this holiday season but have also lost more than $50 million so far this year in gift card-related scams, according to the Federal Trade Commission.

Unpatched Kernel-Level Vuln in IBM Security Tool for Apple MacOS Revealed

Researchers disclose signedness bug in driver used by IBM Trusteer Rapport endpoint security tool after IBM fails to deliver timely patch.

Dark Web Recruitment: In the Web’s Lawless Underbelly, There are Still Rules

What we see when we browse the web is just the tip of the iceberg. Hidden below the surface, accessible only by the Tor browser, exists a marketplace in which criminals can sell drugs, weapons and stolen data with relatively little surveillance.

60 Cybersecurity Predictions for 2019

Just like last year, this year’s 60 predictions reveal the state-of-mind of key participants in the cybersecurity industry (on the defense team, of course) and cover all that’s hot today.

The SOC Essentials for 2019

What are the key differences between building a SOC for a large enterprise vs. for a small to midsized organization? Trustwave's Kory Daniels explains the distinction and outlines the must-have skills.

Hackers Infect Make-A-Wish Foundation Website With Code That Generates Cryptocurrency

Hackers successfully broke into the international website of the Make-A-Wish Foundation and inserted malicious computer code which used the computers of people visiting the site to generate cryptocurrency.

Hacker Brief: Criminals With No Shame Hit Make-A-Wish Website

Over the last year or so, cryptojacking—which forces your computer to mine cryptocurrency for bad guys when you visit an infected site—has become one of the internet’s most pervasive scourges.

How to Train Your Team (and Organization) to Effectively Use Threat Intelligence

Threat intelligence has transformed the information security world for the better but it’s not always leveraged in the best way possible by organizations and departments. The sheer amount of information, providers, platforms, and types of threat intelligence and data available, make it difficult to confidently ensure an organization is making the most of their threat intelligence.

Ransomware Infection? Here’s How You Control the Damage

Eighteen months ago, ransomware hit headlines around the world with the WannaCry and Petya outbreaks which spread across 150 countries. While lower attack volume may suggest that file-encrypting ransomware is no longer a risk, that’s not the case.

Five Key Considerations when Developing a Security Operations Center

Ensuring access to a reliable feed of threat intelligence through a security operations center (SOC) is an essential element of many organizations’ security strategy today. However, establishing a SOC is a complicated endeavor, particularly when it comes to balancing budget and resource limitations in an increasingly complex security landscape.

Why is Burnout so Prevalent in the Cybersecurity Industry?

A role in cybersecurity, while rewarding, can also be extremely taxing psychologically. We spoke to Chris Schueler from Trustwave about why burnout is so prevalent and how it can be addressed.

Red Alert Android Trojan for Rent at $500 Per Month

The Red Alert 2.0 Android Trojan first detailed in September last year is currently available for rent on underground forums at $500 per month, Trustwave reports.

Virtual Case Notes: 10 Years After Fighting Conficker Exploit, Security Researcher Reflects

As the last full week of the 15th National Cybersecurity Awareness Month comes to a close, security experts are reflecting on the 10-year anniversary of one of the most significant computer vulnerabilities and cyberattacks of the time.

Like it or not, Business Must Swallow TLS Deprecation Medicine

In coordinated statements, the big four in the browser application world have finally announced the deprecation of Transport Layer Security (TLS) protocol v1.0 and v1.1.

Top Cybersecurity Facts, Figures and Statistics for 2018

Looking for hard numbers to back up your sense of what’s happening in the cybersecurity world? We dug into studies and surveys of the industry’s landscape to get a sense of the lay of the land – both in terms of what’s happening and how your fellow IT pros are reacting to it.

Singtel to Buy Australian Cyber Security Firm for A$23.3 Million

Singtel’s Australian subsidiary has inked a deal to buy a privately held cyber security firm incorporated in Victoria state, which will be integrated into the group’s Trustwave cyber security arm.

AVANT, Trustwave Partner to Increase Security Sales in The Channel

AVANT Communications has forged an alliance with Trustwave, an MSSP that helps businesses fight cybercrime, protect data and reduce risk. The alliance gives AVANT’s thousands of channel sales professionals access to Trustwave’s portfolio of managed security services covering threats, vulnerabilities and compliance.

Inside the Dark Web’s ‘Help Wanted’ Ads

How cybercriminals recruit everyone from car drivers to corporate insiders and pay them according to the risk they assume.

Signed Check Used to Take $4,500 from Couple’s Account

A year ago, one couple wrote a check for $625. Then, someone tried to deposit more than a dozen other checks worth around $20,000 using that original signed check as their counterfeit canvas. CBS 2’s Dorothy Tucker investigates how that can happen.

How to Defend Enterprise Apps with Threat Modeling: 4 Lessons Learned

Security experts have long recommended that security teams incorporate threat modeling into their process of analyzing their corporate assets. Taking a structured approach to analyzing risks to information infrastructure can reveal new threats that aren’t contained in compliance requirements or industry standards.

PureVPN Windows Client Leaked Passwords

PureVPN has had two vulnerabilities which would allow hackers to retrieve stored passwords through the VPN client. This was confirmed by Trustwave’s research and the VPN provider itself.

There’s a Booming Job Market for Corporate Insiders Willing to Share Secret Info with Cyber Criminals

Many companies, especially in big technology, banking and telecom, face heavy incentives overseas for employees to sell internal information or access. The problem is so common that in some jurisdictions, criminal enterprises post “job ads” looking for specific insiders to aid in targeted schemes.

A Look at the Windy City’s Newest Cyber Command Center

Ask anyone what a quintessential cybersecurity command center looks like, and they’ll likely launch into a description that includes a dark room with vibrant accent lighting and a collection of screens displaying an array of information from global news to maps highlighting real-time cyberattacks.

Threat Hunters and Ethical Hackers: Trustwave’s Chicago Command Center Battles Cybercriminals

Scrolling down a jumbo screen in Trustwave’s Loop office is a list of personal information. There are emails, names, passwords, credit card numbers and expiration dates – a gold mine for anyone trying to steal someone’s identity.

How Trustwave Keeps an Eye on Hackers

Look inside the Loop command center where the information-security company is stepping up its cybersecurity game.

The Secrets of Social Engineering

We’ve all heard the stories in the news about cyberattacks enabled by unwitting consumers: fraudsters hacking into individuals’ email accounts and sending messages to their contacts requesting money; consumers providing payment information to phony websites; cybercriminals pretending to be relatives “in urgent need of funds.”

Unpicking the Cyber-Crime Economy

Turning virtual cash into real money without being caught is a big problem for successful cyber-criminals. They often have to get creative when “cashing out” or laundering the money they have stolen, according to a security expert.

Cross-Site Scripting Flaw in Apache ActiveMQ Threatens Web Visitors

Researchers have found a cross-site scripting (XSS) flaw in Apache ActiveMQ that could enable a remote attacker with no privileges to launch an array of attacks against visitors to compromised websites.

Thought Leader – Chris Schueler

At a time when cyberattacks and threats are on a sharp rise both in frequency and severity, Chris Schueler has been a driving force in shaping how large organizations incorporate the managed security model.

Criminals Exclusively Target Bank Staff Credentials with RAT-Laced MS Publisher Email Attachments

Cybercriminals have chosen one of Microsoft’s lesser known Office document creation apps, Publisher (.pub), as the vehicle for distributing password stealing malware intended for employees at thousands of banks around the world.

New Facial Recognition Tool Tracks Targets Across Different Social Networks

Researchers at Trustwave released a new open-source tool called Social Mapper, which uses facial recognition to track subjects across social media networks.

How Your LinkedIn Exposes You to Facial Recognition Hacks

From Facebook overshares to accidental password posts on Twitter, there are many ways in which Web personas leak things of use to malicious hackers.

MikroTik Routers Enslaved in Massive Coinhive Cryptojacking Campaign

According to Trustwave researcher Simon Kenin, on July 31, a surge in Coinhive activity was detected which indicated that a malicious cryptocurrency mining operation was underway.

200,000 Routers Turned Into Mindless Crypto Coin Mining Zombies

Somewhere out there a cybercriminal is lining his or her pockets with cryptocurrency. Whoever it is isn’t using a powerful computer to do the mining. Instead, this individual is using an ever-growing army of enslaved routers to do the dirty work.

Cryptojacker Campaign Hits MikroTik Routers

More than 200,000 routers hit with a sophisticated cryptomining attack that appears to be spreading.

Oracle Fixes Solaris Vulnerability that Could Allow Kernel Level Privilege Escalation

A vulnerability in some versions of the Oracle Solaris enterprise OS could allow attackers to edit code in the memory and exploit it to gain full root control over a machine.

Dust Yourself Off and Try Again: Ancient Solaris Patch Missed the Mark

A vulnerability first detected and “resolved” years ago in Oracle’s Unix OS, Solaris, has resurfaced, necessitating a fix in Big Red’s latest quarterly patch batch.

DanaBot Trojan Targets Bank Customers In Phishing Scam

The recently-discovered DanaBot banking trojan is making the rounds in a phishing campaign that targets potential victims with fake invoices from software company MYOB.

What Does the EU Cybersecurity Vote Mean for the Average Person?

The European Parliament’s industry committee wants to give ENISA more power and create a rulebook for connected devices.

Why Cryptocurrency Threats Aren’t Going Away Anytime Soon

In the 2018 Trustwave Global Security Report, which looks at a wide range of computing and internet threats, risks and vulnerabilities across more than a dozen industries and 21 countries, cryptocurrency has a starring role.

Linux Becomes Major Cryptomining Target

Not only has cryptojacking hit the big time, but now attackers are moving to target Linux.

Third-Party Cyber Security: Strengthening the Weak Link

As companies adopt new technologies in short timeframes, they are increasingly turning to outsourcing resulting in third-party providers having access to sensitive data more than ever before.

EFF’s STARTTLS Everywhere Aims to Protect Email in Transit

The EFF’s new STARTTLS Everywhere initiative aims to secure email as it transits the internet between mail servers to prevent mass surveillance, as well as email spoofing.

Why Cybercriminals are Turning to Cryptojacking for Easy Money

The cryptocurrency market has seen an incredible amount of attention and hype over the last year, culminating with Bitcoin values soaring by more than 1,300 percent in 2017.

Cover Your Bases: Areas to Focus on in Your Information Security Strategy

From connected devices to insider threats, the modern-day cybersecurity professional has their hands full when it comes to ensuring their organization measurably reduces risk.

Weaponizing IPv6 to Bypass IPv4 Security

Just because you’re not yet using IPv6 doesn’t mean you’re safe from the protocol’s attack vectors.

These Terrifying Ads Selling Violent Services Don’t Show the True Secret of the ‘Dark Web’ – That Criminals Behave a lot like Regular Companies

What you can’t see is that these cyber criminals behave among one another in much the same way legit businesses behave to legit customers, a security researcher tells Business Insider.

Don’t expect your bank’s virtual cards to be the ultimate security solution

Finding out you’re a data breach victim is bad enough. But the process of canceling credit cards and checking statements for suspicious activity will likely be an even bigger headache.

What’s the Biggest Security Threat for 2018? Malware

What will be the most significant threat to cybersecurity teams in 2018? According to a May 2018 survey from information security company Trustwave, 22 percent of full-time information technology (IT) professionals said preventing malware, including ransomware, was their biggest obligation for 2018.

GDPR is on the books, Google, Facebook face lawsuits, others scramble to comply

GDPR has been in play for less than 24 hours and several lawsuits have already been filed in the EU against Facebook and Google claiming each is not abiding by the new privacy regulations.

Pressures impacting security pros are up, threats are turning up the heat

Trustwave released the 2018 Security Pressures Report based on a global survey of 1,600 full-time IT professionals who are security decision makers or security influencers within their organization.

Growing Job Pressures Increase Risk of Burnout for Cybersecurity Professionals

A new Trustwave survey shows information security executives and practitioners are under increasing pressure from trying to keep up with threats and compliance mandates.

Not so Safe in the Cloud – a Quarter of Enterprises Hit by Cryptojackers

Newly published research reveals the poor state of enterprise cloud security, as evidenced by the advance of cryptojacking within these environments.

IPV6 and IoT Security: What Should you Know?

IPv4 is stretched to breaking point and IPv6 migration is an inevitability as IoT devices multiply.

Cyberthreats: A 10-Year Perspective

This year marks a historic decade-long milestone of the Trustwave Global Security Report (GSR), an annual report that touches on the current state of cybersecurity and the evolving threat landscape.

Have you updated your Electron app?

Electron – the widely used desktop application framework that renders top programs – suffered from a security vulnerability that potentially allows miscreants to execute evil code on victims’ computers.

Exploit puts popular web and mobile apps at risk

A new exploit could allow users to bypass security checks in Electron, a popular cross-platform development framework.

Internet security: A power user’s guide to staying safe online

There are lots of straightforward steps you can take to protect your privacy online. Spend a couple of minutes now to get yourself set up, and you’ll never worry about it again.

Microsoft Patches Two Zero-Day Flaws this Month

Microsoft has patched over 60 vulnerabilities in this month’s security update round including two being actively exploited in the wild.

Wither Spam?

The internet has never been an especially safe place, but at least one small corner of it – email – was less perilous for most users in 2017.

Survey Roundup: Regulatory Inconsistencies Take Toll on Companies

Cost of Divergence: Inconsistencies in regulation among various jurisdictions – regulatory divergence – cost financial institutions between 5% and 10% of their annual revenue.

MSSP Trustwave Launches Enterprise Cybersecurity Consulting Practice

Trustwave, a Top 100 MSSP and compliance, threat and vulnerability management services provider, has launched a Detection, Analytics and Response Consulting (DARC) practice for enterprises.

Trustwave Helps Financial Service Providers Fight Back Against the Cybercriminals Who Want Your Data

Cybercrime and information security breaches are increasing at alarming rates, and the FBI estimates losses each year run into the trillions of dollars.

Research Reports Reveal Web Application, Patching Worries

Security vulnerabilities are rampant, while software patching remains a key challenge. These are a few of the high-level findings from research reports released the week of April 2-6.

Cybercriminals are Increasingly Targeting Online Retailers. Here’s How to Protect Yourself

Cybersecurity can be a cat-and-mouse game. Fix one weakness, and the criminals find another target. It’s a lesson industries from retail to restaurants to airlines are learning as consumers’ data increasingly draws the attention of online thieves.

All Web Applications Studied Had at Least One Vulnerability, Says Trustwave Report

Web developers are still not closing all the security holes in their applications, a new vendor study suggests.

100% of Web Applications Vulnerable to Attack, Despite Billions Spent on Security Efforts

Vulnerabilities and attacks on networked devices have surged in the past decade, while spam emails have dropped, according to a Trustwave report.

Retail Sector Leads in Data Breaches as Criminals Target Corporate Networks

The retail sector suffered the most breaches in 2017, accounting for 16.7 percent followed by the finance and insurance industry at 13.1 percent and hospitality at 11.9 percent.

Gosh, These ‘Hacker’ Nerds are Only Getting More Sophisticated

An annual report from security firm Trustwave highlighted increased sophistication of web app hacking and social engineering tactics on the part of miscreants.

Despite Risks, A Majority of Firms are Allowing the use of Wi-Fi Hotspots

While experts have warned about the perils of connecting to unsecured public Wi-Fi hotspots in the past, new research has revealed that organisations are suffering more from security issues than in the past.

jRAT Leverages Crypter Service to Stay Undetected

In recently observed attacks, the jRAT backdoor was using crypter services hosted on the dark web to evade detection, Trustwave security researchers have discovered.

Leader of Cybercrime APT Behind $1.2 Billion in Bank Heists Arrested

In a big victory for international law enforcement, Spanish police have arrested the alleged leader of Carbanak, a cybercrime group believed responsible for stealing over $1.2 billion from more than 100 banks in 40 countries.

Trustwave Goes Threat Hunting

Trustwave Government Solutions is debuting its new Threat Hunting service for forward-leaning government agencies that are tired of having their cyber clocks cleaned.

GDPR: Is Your Company Ready?

In May, the European Union (EU) will begin enforcing the most stringent regulations to date on how EU citizens’ personal data is lawfully collected, processed and stored.

Top Five Ways Security Vulnerabilities Hide in Your IT Systems

Despite the known risks of software vulnerabilities, most companies have unpatched security flaws in their infrastructure.

Trustwave Launches Proactive Threat Hunting Service

Trustwave, a Chicago-based cybersecurity company that has specialized in cyberattack response, has launched Threat Hunting for Government, a service designed to proactively and continuously search federal networks for intruders and malware.

Government Steps Up to One New Technology, Risks Another Over Inaction

As the Defense Department beefs up its cyber threat hunting capabilities, it’s taken a slower approach toward modernizing GPS.

New Word Malware Attacks Systems Without Using Macros

Security researchers have discovered a new email spam campaign that tries to get users to open up Word document attachments that download a password stealer as its final payload.

Cryptomining Can Slow Down Devices, Run up Electric Bill

Could your computer or device be running slower on certain websites? The I-Team is investigating cryptomining and how it can affect you – and even your electric bill.

Trustwave, Uniserve Partner to Deliver Managed Security Services in Canada

Trustwave, a Top 100 MSSP that provides compliance, threat and vulnerability management services, has added Canadian voice, data and media services company Uniserve Communications to its customers across Canada.

Wish You Could Log into Someone’s Netgear Box Without a Password?

If you’re using a Netgear router at home, it’s time to get patching. The networking hardware maker has just released a tsunami of patches for a couple of dozen models of its kit.

The 20 Coolest Cloud Security Vendors of the 2018 Cloud 100

Soaring demand for cloud security is being fueled by everything from increased adoption of bring-your-own devices and connected devices to smart cities and government mandates around cloud adoption.

Spectre Shenanigans, Nork Hackers Upgrade, Bad WD Drives and More

Your Weekly Dose of Infosec Odds’n’sods.

New Western Digital My Cloud Bugs Give Local Attackers Root on NAS Devices

Researchers disclosed two new vulnerabilities in Western Digital My Cloud network storage devices on Thursday that could allow a local attacker to delete files stored on devices or allow them to execute shell commands as root.

OnePlus Attackers Steal Credit Card Data From 40,000 Customers

Days after receiving initial reports about fraudulent activity, the mobile phone vendor reveals that attackers could get a malicious script onto its website that stole user credit card information.

Australian Companies Lag World In Evaluating Business Risk of Data Compromise

Despite tighter privacy controls and a looming disclosure regime, Australian companies are less vigilant about data risk than their counterparts in other advanced economies, according to research that found protection of critical data varied with dramatic differences in the perceived value of that data.

How Secure Is Your Hotel’s Mobile Room Key?

By the time you get to your hotel, you’ve waited at the airport, on the plane and in transit. Checking into your room may also mean a wait — but not if your hotel offers mobile check-in and a digital room key.

The CEO’s Critical Role In Driving Cybersecurity Readiness

Cybercrime’s cost to businesses continues to grow exponentially. In 2015, Juniper Research predicted that the continued reliance on digitization in our lives will be the catalyst for a $2.1 trillion criminally driven industry by 2019.

Trustwave’s Value of Data Study Finds Major Variances on the Black Market Value of Critical Financial Information

Most consumers think of credit card information as the most valuable personal data to cyber thieves. But strategies put in place by card issuers to lock a credit card the instant fraud is suspected makes it a valuable commodity for only a brief period of time.

Why Retail Is The Hottest Target For Hackers

Five trillion dollars in U.S. retail spending is very attractive to cybercriminals. The large volumes of financial data continuously processed by payment and retail vendors is highly valued and can provide criminals with easy payouts.

Examining Attitudes Towards Confidential Data

Industry analyst firm Quocirca surveyed 500 IT decision makers in the United States, Canada, United Kingdom, Australia and Japan, examining attitudes towards the value of confidential data including: personally identifiable information, payment card data, intellectual property and email.

The Value of Personal Data to Companies and Cyber Criminals

Businesses rely more and more on data, but a new study shows up significant differences in the value that is placed on confidential data around the world and in different industries.

From Porn Sites to Starbucks Wi-Fi, CPUs Are Getting Hijacked to Mine Cryptocoins

It’s one thing to wake up and discover that you missed the boat on a cryptocurrency boom that’s making a handful of people very wealthy. It’s another thing to find out that your computer is making someone else rich while it gives you poor performance and jacks up your electricity bill.

East European Banks Cyber Robbed: How Did They Do It?

Earlier this year Trustwave was called to investigate several security breaches which had affected banks in Post-Soviet countries.

Trustwave: A Managed Security Provider on the Front Lines of the Fight Against Damaging Data Breaches in Retail

Hackers routinely target vulnerable retailers of all sizes, stealing credit card data and other sensitive financial information in the process. Trustwave helps those businesses protect their data and mitigate risks through cloud and managed security services — and by enlisting a team of cybersecurity experts.

Why Hackers Love Cryptocurrency Miner Coinhive

A brilliant idea to monetize internet traffic appears to be running amok.

Just Don’t Call Them Ethical Hackers

The field of cyber security has a couple of problems. First, the media insists on using headline-friendly terms like "ethical hacker" for roles that are done not by loners in hoodies, but professionals in corporate cubicles.

Trustwave Shakes up Global Channel Program as Aussie Security Demand Increases

Trustwave has announced a revamped global partner program in the channel, with updates including a new online learning system and partner portal.

Trustwave Adds Online Learning, Self-Service Portal to Partner Program

Cybersecurity firm Trustwave has a new online learning system and streamlined partner portal designed to give partners a complete understanding of customer security and compliance issues.

Wired Away: Couple Loses Life Savings During Home Purchase

The I-Team has a warning after a local couple's life savings vanished. They lost more than $300,000 during the purchase of their dream home in a scam that could happen to anyone.

Risk Assessment: The First Step in Improving Cyber Security

Despite the proliferation of high profile cyber-attacks over the last 18 months, many organisations are still too disorganised in their approach to security.

Cryptojacking Craze That Drains Your CPU Now Done by 2,500 Sites

A researcher has documented almost 2,500 sites that are actively running cryptocurrency mining code in the browsers of unsuspecting visitors, a finding that suggests the unethical and possibly illegal practice has only picked up steam since it came to light a few weeks ago.

Oh Brother: Hackers Can Crash Your Unpatched Printers – Researchers

Security company Trustwave says it has found a flaw in the web server used by Brother printers which could lead to a denial of service.

Brother Printers Susceptible to Remote Denial of Service Attacks

Networked consumer and business printers manufactured and sold by Brother contain an unpatched vulnerability that can be abused by a remote attacker to cause a denial-of-service condition on the device.

How Devs at 7 Chicago Companies Keep Their Skills Cutting Edge

Companies are constantly evaluating and implementing new technologies, which requires engineers to stay on top of the industry’s latest developments.

10 Scariest Ransomware Attacks of 2017

Who needs a horror movie when you have the 2017 ransomware news cycle? There has been a constant stream of increasingly destructive attacks hitting victims around the world.

A Lack of Cybersecurity Talent is Driving Companies to Use AI against Online Attacks

A shortage of humans to fight cybersecurity battles is causing companies to turn to machines.

For Cybersecurity, AI Helps Alleviate Shortage of Human Experts

Tighter cybersecurity is a priority for most companies. But good help is so hard to find.

Hacking as a Matter of Life or Death, Trustwave

Why Cryptojacking Is the Next Big Cybersecurity Threat

Meet the Internet’s latest menace. Hackers and penny-pinching website hosts are hijacking people’s computers to “mine” cryptocurrency. And we’re not talking about coal and canaries.

Your Browser Could Be Mining Cryptocurrency for a Stranger

There’s something new to add to your fun mental list of invisible internet dangers. Joining classic favorites like adware and spyware comes a new, tricky threat called “cryptojacking,” which secretly uses your laptop or mobile device to mine cryptocurrency when you visit an infected site.

Taxpayers Targeted by Spam Emails Posing as HMRC to Take Control of Computers

UK taxpayers have been warned to be on high alert after a wave of booby-trapped emails was recently caught posing as tax return messages from Her Majesty's Revenue & Customs (HMRC).

New Cybercrime Campaign a ‘Clear and Imminent’ Threat to Banks Worldwide

Hundreds of millions of dollars stolen from banks via a sophisticated attack that blended cyber and physical elements.

Ykcol and Asasin Ransomware Locky Variants Released Within Short Time Frame

At least two new Locky ransomware variants have been released within less than a month of each other although one of the variants is broken for the time being due to a malformed spam campaign.

Trustwave Smart Security on Demand

Data is the lifeblood of business, and it is increasingly being jeopardized as the businesses are facing an onslaught of financially motivated hackers, corporate data breaches, and frequent compliance changes.

Overdraft-fiddling Hackers Cost Bank in Eastern Europe $100m

Hybrid cyberattacks on banks in former Soviet states have already resulted in estimated losses of $100m.

Digital Bank Heist Spree has Totaled at Least $40 Million since March

An international organized crime syndicate has stolen at least $40 million from banks since March using a hacking scheme, according to a report released Tuesday, and has likely stolen substantially more.

Criminals Stole Millions from E. Europe Banks with ATM “Overdraft” Hack

Crime ring opened minimal accounts with banks, then boosted their withdrawal limits.

Inmarsat Launches Fleet Secure

Inmarsat has officially launched its Fleet Secure cyber security service, which has been constructed and delivered in partnership with Singtel and Trustwave, at its UK headquarters as part of London International Shipping Week.

Beyond Open Floor Plans: Check Out 5 of Chicago’s Coolest Tech Offices

Kegs and ping pong tables won’t cut it anymore if you’re looking to wow prospective employees with your office.

New Dridex Phishing Campaign Delivers Fake Accounting Invoices

A new variant of the banking trojan Dridex is part of a sophisticated phishing attack targeting users of the cloud-based accounting firm Xero.

Threat Seeker – Ziv Mador

For his work with the SpiderLabs Security Research team and previously as a member of Microsoft's response team where he helped formalize the incident response program and the malware protection center.

Chips Can Fall Out of Chip Credit Cards, Leaving Consumers Vulnerable

A new wrinkle in smart technology serves as a reminder for consumers to be cautious, as the tiny chip in your credit card can fall out and then be used by someone else to access your credit card information.

How to Make Sure Your Tech Business Keeps up with Cyber Attackers

Brian Hussey, VP of cyber threat detection and response for SpiderLabs at Trustwave, explains what elements firms need to have in place if they are to detect, contain and survive a cyber-attack.

This is Where You Will Find Your Next New Employee

If you’re looking to expand your team, chances are one of your current employees knows just the right person.

Phones May Be Joining Unsecure Wi-Fi Networks Automatically, Experts Say

Free Wi-Fi is a great way to save on data, but the I-Team has learned your phone could be taken over automatically by Wi-Fi, signing on to unsecure networks and putting your information at risk.

Rising Information Security Threats, and What to do About Them

The digital threat landscape faced by enterprises large and small is in perpetual flux, and keeping an eye on things and adapting defenses should be of primary importance to every CISO.

It costs just $5 to infect 1,000 computers with malvertisements

Even though malware detection and containment have improved a lot since 2015, malvertisements are still a lot cheaper and difficult to contain, says a report from security firm Trustwave.

Fight against cybercrime shows wins and losses in 2017 Trustwave global security report

Trustwave has released the 2017 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2016.

PoS Attacks on the Rise and Spam Rebounds, Trustwave Reports

Security services firm Trustwave released its 92-page 2017 Global Security Report on June 20, providing insight into security trends observed by the firm from data breach investigations conducted around the world. One trend was a growing volume of point-of-sale (PoS) system breaches, which grew to 31 percent of breached environments analyzed by Trustwave in 2016, up from 22 percent in 2015. "Cybersecurity in 2016 had both highlights and lowlights," Trustwave CEO and President Robert J. McCullen said in a statement. In this slide show, eWEEK looks at both the highlights and the lowlights of the 2017 Trustwave Global Security Report.

Nearly half of compromises due to insecure remote-access software and policies: report

Metrics are vital for CISOs to do their job effectively. Unfortunately the numbers included in the latest Trustwave global survey show that infosec pros and software developers around the world still have a long way to go.

Cybersecurity trends: Fight against cybercrime shows both improvements and downsides

Trustwave released the 2017 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2016. The report demonstrates both good and bad news in the world of cybersecurity as intrusion detection and breach containment times were relatively better, but other threats like malvertisements became cheaper and malicious spam saw increases.

Median Dwell Time for Hackers Drops to 49 Days

The dwell time for hackers inside victim networks fell by nearly half over the past year, although the time from intrusion to containment of such threats remained virtually the same, according to Trustwave.

It's cheaper to infect 1,000 computers with malvertising than to buy a beer six-pack

The state of global cybersecurity is a mixed bag at the moment, according to a new report by Trustwave. The company's 2017 Trustwave Global Security Report says intrusion detection is faster, as well as containment times. However, malvertisement is cheaper, and spam has picked up the pace.

Time to Detect Compromise Improves, While Detection to Containment Worsens: Report

Throughout 2016, Trustwave investigated hundreds of data breaches in 21 different countries, and conducted thousands of penetration tests across databases, networks and applications. An analysis of key findings from this activity is presented in the 2017 Trustwave Global Security Report published Tuesday (PDF).

Cybercrime evolving into more of a genuine business, Trustwave report

The "2017 Trustwave Global Security Report" [registration required] examines trends over 2016 in the areas of cybercrime, data breaches and security. The era of acting defensively is over. It is time to approach cybersecurity proactively, the report stated.

Organizations Are Protecting Intrusions More Quickly

More organizations appear to be heeding the advice to implement capabilities for detecting intrusions sooner, at least based on an analysis of data from breach investigations that security vendor Trustwave conducted for clients last year.

Gains, losses in efforts to combat cyber crime in 2016: Trustwave

The fight against cyber crime showed both advances and retreats in 2016, with improvements on the intrusion detection and breach containment fronts matched by cyber crime increasingly being treated as a business, suggests a Trustwave report released Tuesday.

Report: 99.7% of web apps have at least one vulnerability

Nearly every web application has at least one vulnerability, according to the 2017 Trustwave Global Security Report, released Tuesday. Of the apps scanned by Trustwave for the report, 99.7% included at least one vulnerability, with the mean number of vulnerabilities in web apps being 11.

Payment Card Data Still Hackers’ Most Frequent Target

Yesterday, news broke that a file containing detailed personal information on 200 million Americans was stored on an unprotected server by a political contractor. The travails of Yahoo and its half a billion stolen records have been well documented. Breaches like these, focused on personal information, recently have shifted the focus of card-not-present fraud professionals toward new kinds of fraud based on personal information: account takeover, account creation and synthetic fraud.

Trustwave: 63 percent of breaches observed targeted payment card data

Security firm Trustwave has released its 2017 Global Security Report which contains some bleak findings relating to the rise of payment card data thefts and incidents involving point-of-sale breaches in the hospitality, retail and food and beverage industries.

Retail industry leads the way in data breaches

The largest share of data breach incidents involved the retail industry, closely followed by food and beverages, according to a new report. The 2017 Global Security Report from Trustwave shows that 22 percent of incidents involved the retail industry, followed by food and beverages at 20 percent.

US is Number One! In sales register hacking attacks, at least

Hacking attacks against sales terminals have risen by nearly a third last year, and the US is still leading the way in being insecure. Incidents affecting sales tills and payment systems increased to 31 per cent in 2016, according to research by security firm Trustwave, while incidents affecting e-commerce environments fell to 26 per cent from 38 per cent. Incidents involving sales registers were most common in the US, thanks to its tardy adoption of EMV chip technology and a reliance on chip and signature rather than chip and PIN payment.

Trustwave Global Security Report: Cyber Intrusion Detection Improving

Many organizations are getting better at cyber intrusion detection, according to a new report from Trustwave, the Chicago-based MSSP. The “2017 Trustwave Global Security Report” of cybercrime, data breach and security threat trends from 2016 indicated the median number of days from cyber intrusion to detection of a compromise fell from 80.5 in 2015 to 49 last year. In addition, the median number of days from cyber intrusion detection to containment was 2.5 in 2016, according to the report.

Minimizing Risk: Five Ways Payment Facilitators Can Stay Secure and Keep Merchant Risk at Bay

Attackers are developing new methods of stealing sensitive information every day, making retail breaches an all-too-common occurrence. But an important line of defense for merchants is their payment facilitators, which, when armed with the right knowledge, can act as digital bodyguards for these brands.

What Happens When Your Small Business Is Hacked

News headlines continue to call our attention to the latest cyber attacks -- something that provides IT and security professionals with the daunting task of remaining steadfast on the unpredictable security battlefield. In fact, 53 percent of IT professionals felt more pressure to secure their organization last year, compared to 2015, according to the 2017 Security Pressures Report from Trustwave. However, contrary to what you would expect, the pressures are not just coming from the C-suite.

Interview with Mayor Emanuel and Trustwave CEO Bob McCullen

Chicago Mayor Rahm Emanuel joins Trustwave to open the company's new and expanded headquarters, plus helps to mark the start of the City Colleges of Chicago's (CCC) inaugural Cyber Security Boot Camp.

Trustwave Says it’s Hiring Hundreds to Grow its Cybersecurity Business in Chicago

Trustwave, the Chicago-based information security firm that helps businesses protect against cyberattacks, unveiled its expanded headquarters and announced an internship program with the City Colleges of Chicago Monday at an event with Mayor Rahm Emanuel.

Trustwave signs up e92plus for push into security channel

Trustwave looks to put more business through the channel as it broadens out from traditional compliance business

4 Reasons the Vulnerability Disclosure Process Stalls

The relationship between a manufacturer or vendor and security researchers can be filled with tension and unease, and it's most often put to the test during the vulnerability disclosure process. Although their intentions are pure, researchers often feel they are being shut out of the process, while vendors may see disclosure deadlines as a threat from researchers looking to produce headlines.

Security Issues Place More Pressure on IT Pros

As organizations wade deeper into digital technology, the pressure grows on IT and security professionals to keep systems up and running. What's more, as budgets shrink and the time required to manage and maintain security systems swells, the stress levels keep rising. A recent report from Trustwave, "2017 Security Pressures Report," offers some perspective on how organizations are addressing these issues, and how IT and security teams are faring.

Security experts find clues to ransomware worm's lingering risks

FRANKFURT (Reuters) - Two-thirds of those caught up in the past week's global ransomware attack were running Microsoft's Windows 7 operating system without the latest security updates, a survey for Reuters by security ratings firm BitSight found.

Outsourcing security: Would You Turn Over the Keys to a Third Party?

Tom Bain, vice president of marketing at CounterTack, believes organizations want to "collapse the stack" and move to fewer providers and platform offerings. They want fewer agents and ultimately not as many providers under the hood. “Taking technologies into a managed deployment gives an enormous advantage to MSSPs who can remove the burden from operators, monitoring and responding to threats on their behalf,” he said.

Trustwave adds space and employees at new Loop HQ

In the past year, Trustwave has hired 160 people in Chicago, increasing headcount here about 30 percent to more than 500 people. Worldwide, Trustwave is up to 1,650 employees. It's a workforce heavy on engineering talent. McCullen doesn't expect the growth to slow down. The company has 50 open positions in Chicago. There isn't enough talent anywhere in tech, but the challenge is particularly steep in cybersecurity. "We need really skilled people," he said. "Even our customers can't find them."

Secure IT: Profile of a White Hat hacker

Ever wondered who these ‘hush-hush’ people are that help to keep our networks safe? Here we talk to Lawrence Munro, director of SpiderLabs EMEA for Trustwave, about the role of the ‘White Hat hacker’.

Carbanak Hackers Refine Intrusion Tactics

The Carbanak group, also known as Anunak, was exposed in 2015 after it managed to steal an estimated $1 billion from more than 100 banks across 30 countries. In early 2016, the group continued to target banks, mainly in the Middle East and U.S.

Tech-Savvy Innovative Hotels Are More Vulnerable to Data Breaches

The race to become the most innovative and tech-savvy hotel is on. Hotels have increasingly begun working with technology companies to offer more innovative and enhanced guest experiences. Guests at many hotels can now bypass the need to go to the front desk by using their mobile devices to select a room, check-in, receive texts when their room is ready, and even unlock the door to their room. Guests can also customize their stay by requesting items, ordering room service, planning activities, or purchasing upgrades. Everything a guest may want is only a few clicks or taps away, and soon, the data collected by these programs will allow hotel operators to anticipate guests’ requests and needs.

This elite cybercrime group is wreaking havoc on the U.S. restaurant industry

A sophisticated hacking group with suspected ties to cybercrime gangs operating in Eastern Europe is now actively targeting and breaching prominent brand-name restaurants in the U.S.

What to look for when evaluating an Incident Response Services Provider

With Australia’s mandatory data breach notification laws set to take effect by 23 February 2018, protecting sensitive information and data privacy has moved up the burgeoning list of an organisation’s IT security priorities.

Behold, the spear phish that just might be good enough to hook you

To understand why Carbanak is one of the Internet's most skilled and successful criminal groups, consider the recent spear-phishing campaign it used to infect computers in the hospitality and restaurant industries with malware that steals banking credentials.

Pressure is on Australian CSOs as cybersecurity breaches are found to be near-ubiquitous

The risk of cybersecurity compromise has become ubiquitous across business and government sectors, with new figures suggesting that nine out of every 10 Australian organisations dealt with an attempted or successful cybersecurity breach during fiscal 2015-16 – and that 58 percent had been successfully compromised.

IT Professionals Feel Security Pressure From Cloud, Others’ Breaches

Software often launched without security checks, survey finds

Cybersecurity company Trustwave, which has its Canadian headquarters in Waterloo, released the results of its fourth annual Security Pressures Report on Wednesday. The survey is based on interviews with 1,600 IT and cybersecurity professionals around the world.

Security Professionals Feel More Pressure to Deliver Cybersecurity

According to Trustwave’s 2017 Security Pressures Report, the answer is yes, a shift is happening, especially in who is putting the pressure on staff for improving cybersecurity efforts. Security is becoming more personal, the report said, with 24 percent of respondents citing pressure exerted by oneself to deal with cybersecurity, which is up 13 percent over last year’s report. Nearly half of the respondents did admit that they feel the pressure from executives and boards of directors, but that number is down 13 percent from last year.

InfoSec pros feel less external pressure, take security more personally

Security professionals are feeling less pressure from management, less pressure to approve IT projects early, and are less worried about emerging technologies, according to a report released this morning. But they are also putting more pressures on themselves.

Tech workers are routinely pressured to roll out products that aren’t secure, report says

The majority of tech professionals are pressured to roll out projects before they’ve undergone necessary security audits and hardening, according to a new security pressures survey from the security firm Trustwave.

The Evolving Role of the Managed Security Service Providers

This issue includes: Identity and access management strategy: Time to modernize? Strong authentication methods: Are you behind the curve? Start redrawing your identity and access management roadmap

How to respond to device and software backdoors inserted or left by Vendors

It’s bad enough when black hat hackers insert malicious backdoors into systems and software after vendors/makers have sold these into the marketplace. It is another matter when the vendors who create these devices and programs unwittingly or purposely leave backdoors inside their products.

Shut The Backdoor! More IoT Cybersecurity Problems

We all know that what we mean by hacker around here and what the world at large thinks of as a hacker are often two different things. But as our systems get more and more connected to each other and the public Internet, you can’t afford to ignore the other hackers — the black-hats and the criminals. Even if you think your data isn’t valuable, sometimes your computing resources are, as evidenced by the recent attack launched from unprotected cameras connected to the Internet.

Chinese IoT devices containing a hidden backdoor – Trustwave

The built-in backdoor discovered by Trustwave in IoT devices enables access by the manufacturer and leaves the devices open to exploitation by others, which, despite Trustwave following the responsible disclosure process, has repeatedly been left exposed by the vendor.

We found a hidden backdoor in Chinese Internet of Things devices – researchers

IoT devices from a Chinese vendor contain a weird backdoor that the vendor is refusing to fix, we're told. The vulnerability was discovered in almost all devices produced by VoIP specialist dbltek, and appears to have been purposely built in as a debugging aid, according to researchers at Trustwave. The infosec biz says that it followed a responsible disclosure process, but claims the manufacturer responded only with modifications to its firmware that leave access open.

The rise of the chief digital officer and six other takeaways from RSA 2017

The cybersecurity industry wrestles with why the Internet isn’t safer after $75 billion in annual spending and how to handle ransomware at one of its marquee annual events.

I-Team Investigation on Phishing (features Trustwave's Shawn Kanady)

Millions use Amazon to shop, and many are used to receiving emails from the company. But the ABC 7 I-Team investigated emails that look like they could be from Amazon but are not.

Trustwave introduces proactive threat hunting service

Trustwave announced at RSA Conference 2017 new and enhanced managed security and professional services designed to help short-circuit an attacker’s activities by detecting cybersecurity threats much earlier and shutting them down before real damage is done.

Disclosure floodgates set to open as Australian breach notification passes Parliament after years of waiting

It took years of discussion and several revisions, but experts believe the long-awaited passage of Australia’s breach notification legislation will kick off a new era of transparency that will rapidly improve understanding of the country’s real cybersecurity threat climate. The enabling legislation – contained within the Privacy Amendment (Notifiable Data Breaches) Bill 2016 – passed both houses of Parliament after a series of readings since it was first formally introduced to Parliament last October. But the process of authoring, revising and discussing the legislation stretches back several years, with one security executive after another warning that continued inaction was hobbling Australia’s ability to improve its overall cybersecurity posture.

Incident Response and the role of Penetration Testing

Rapid7 and Trustwave in their articles will explain how crucial the connection between Incident Response and Penetration Testing is, while Kroll will show you practical examples of attack response. We hope you will enjoy these contributions, prepared for you by world-wide corporations.

He’s a super-sleuth on your side at Trustwave’s SpiderLabs

Trustwave does everything I can think of for security. The team that I’m a part of is the incident response team, and we’re within a bigger team called SpiderLabs. I tell my kids, “I work at SpiderLabs and I fight cybercrime, the bad guys.” And they absolutely love it.

Your Netgear router may expose your password if you don't update its firmware

The security of internet infrastructure devices like routers and wireless access points, along with all kinds of devices that connect through them, has been of particular concern lately. Recent distributed denial of service (DDoS) attacks have originated in Internet of Things (IoT) devices, for example, and a slowdown in such issues doesn’t seem imminent.

Easy-to-exploit authentication bypass flaw puts Netgear routers at risk

For the past half year Netgear has been working on fixing a serious and easy-to-exploit vulnerability in many of its routers. And it's still not done. The vulnerability was discovered by Simon Kenin, a security researcher at Trustwave, and stems from a faulty password recovery implementation in the firmware of many Netgear routers. It is a variation of an older vulnerability that has been publicly known since 2014, but this new version is actually easier to exploit.

Dozens of Netgear products vulnerable to authentication bypass flaws

Simon Kenin, a security researcher at Trustwave, was – by his own admission – being lazy the day he discovered an authentication vulnerability in his Netgear router. Instead of getting up out of bed to address a connection problem, he started fuzzing the web interface and discovered a serious issue. Kenin had hit upon unauth.cgi, code that was previously tied to two different exploits in 2014 for unauthenticated password disclosure flaws.

Compliance Failures, Breaches Top ‘Fireable’ IT Issues: Survey

The Trump administration’s proposed clampdown on foreign-worker visas is expected to boost demand for tech professionals at home, as The Wall Street Journal reported this week.

Businesses hobbled by deficiencies in security resourcing as IoT-driven DDoS volumes surge

Distributed denial of service (DDoS) attacks are increasingly being used to distract businesses and insecure Internet of Things (IoT) devices became the favoured mechanism for launching the attacks during 2016, according to a new analysis of the past year’s DDoS attack trends.

Trustwave: Russian Cybercrime Group Targets Hospitality Industry

According to Trustwave, a well-known Russian cybercrime group called Carbanak has been targeting the hospitality and retail industry in Europe and North America. The group is said to be specifically targeting internal corporate secrets and payment card data.

Addressing the IT Security Skills Gap

Today's cyber-threats present challenges for even the most tech-savvy IT executives in the most tech-savvy organizations. It's not news that the volume and velocity of threats continue to grow. At the center of the problem? Recruiting and retaining the security talent necessary to mitigate and minimize cyber-risks.

Trustwave Report Shows Enterprises Can't Hire Enough Security Staff

While security challenges often seem limitless, the resources that organizations have on hand to combat them are not. Security firm Trustwave issued a new report on Jan. 18 looking at the state of IT resources and staffing challenges titled, "Money, Minds and the Masses."

Carbanak gang using Google services for command and control

The infamous Carbanak gang may have been using Google cloud services as command and control infrastructure for malware embedded in malicious Office documents.

The Changing Face of Carbanak

Months of ramped up Carbanak activity that includes a new host of targets and new command and control strategy has reinvigorated attention on a criminal outfit that may have at one time stolen up to $1 billion from banks worldwide.

Canadian enterprise among victims of macro-based malware attacks

A major Canadian corporation is among those in the hospitality industry in several countries whose financial activities have been compromised by a Microsoft Word-based macro attack that appears to be orchestrated by criminal groups working together, according to a security vendor.

'Beeeellion-dollar' mastercrooks in hotel, restaurant blitzkrieg

The Carbanak cyber criminal gang is abusing Google’s infrastructure as a conduit for botnet control. The gang became notorious when it was blamed for the theft of one billion dollars from more than 100 banks across 30 countries back in 2015. Fast-forward two years and Carbanak is now infecting users via a script that will send and receive commands to and from Google Apps and Google Forms services.

Carbanak gang using Google for malware command and control

The Carbanak cybergang has been spotted using Google for its malware command-and-control channel. Forcepoint Security Labs researchers said the group is hiding in plain sight by using Google as an independent command and control channel, since Google is likely to be more successful than using newly created domains or domains with no reputation.

How to get fired in 2017: Have a security breach

There are many reasons why IT professionals can be fired, but six out of the top nine are related to security, said a survey released this morning. For example, having a tech investment that leads to a security breach was considered a fireable offense by 39 percent of organizations, according to Osterman Research, which conducted the survey.

Money Launderers Meet Their Match

As Deep Throat said to Woodward and Bernstein, “follow the money,” and you will see who is doing what, when, how and maybe even why. In the old days, that was walking on foot to the laundromats that were literally and figuratively serving as fronts to launder money obtained from illicit activities. In a digital world, it’s not that easy. “Laundromats” can take any digital form, and following the money is a web of digital phony storefronts — and more — that engage in transaction laundering activities.

Transaction laundering attracts more scrutiny as fraudsters dodge PCI

Fraudsters, aware of the scope of the Payment Card Industry data security standards, increasingly deploy fraud methods that fall outside of PCI safety.
