With Trustwave’s DbProtect, threat monitoring and advanced user rights review will lift the burden on USPTO security teams to prioritize issues with on-premises and cloud databases.
Media Coverage
Trustwave Media Coverage chronicles news articles and TV spots featuring commentary and insights from our experienced experts and enlightening studies.
U.S. Patent and Trademark Office Adds Zero-Trust Capabilities
Trustwave Earns U.S. Government Contract for Database Security
The United States Patent and Trademark Office (USPTO) has awarded an expanded database security contract to the government solutions division of Trustwave, a Top 250 MSSP.
Trustwave Teams Up with Trellix for Better Managed Security
Cybersecurity companies Trustwave and Trellix say they want to help end users simplify their systems in the face of a complicated threat environment.
Why Data is the New Uranium
Trustwave’s Nick Ellsmore shares why thinking of data as being as valuable as uranium, not oil, requires a complete shift in mindset.
What Can Security Teams Learn From a Year of Cyber Warfare?
Trustwave security researcher Jeannette Dickens-Hale reflects on the ongoing cyber war and what security leaders can learn from the past 12 months.
Trustwave Government Solutions Brings Together PAN Cortex XDR Capabilities and MDR Expertise
Trustwave Government Solutions (TGS), a managed detection and response (MDR) provider and subsidiary of Trustwave Holdings, has announced its status as a Palo Alto Networks Cortex XMDR Specialization partner.
Money Lover breach shows the dangers of leaky APIs
A data leakage vulnerability that Trustwave SpiderLabs discovered in a popular financial management application illustrates the danger of using application programming interfaces that are not watertight.
MDR Resonating as an Option with Both Channel and Customers
One area tipped for growth by analysts and vendors is managed detection and response – the challenge for partners is to keep on top of training and vendor relationships. Trustwave weighs in.
MSSP Trustwave Relaunches Advanced Continual Threat Hunting Platform
Trustwave, a Top 250 MSSP, has relaunched its Advanced Continual Threat Hunting platform to help organizations identify threats that evade many security tools.
Trustwave Relaunches Advanced Continual Threat Hunting with Human-Led Methodology
Trustwave launches enhancements that allow for increased human-led threat hunting to uncover more behavior-based findings associated with specific threat actors.
What is LockBit Ransomware and How Does it Operate?
Trustwave’s SpiderLabs explains how the LockBit group “dominates the ransomware space” and uses large payments to recruit experienced actors.
Health Tech Innovation: How to Advance Data Security To Support Healthcare Accessibility
Trustwave’s Kory Daniels shares the security measures that can help decrease an organization's attack surface, create accurate response automation and prevent compromise.
Phishing attack uses Facebook posts to evade email security
Trustwave SpiderLabs researchers highlight a new phishing campaign that uses Facebook posts as part of its attack chain to trick users into giving away their account credentials and personally identifiable information (PII).
14 Lessons CISOs Learned in 2022
The coming new year is a good moment for chief information security officers to reflect upon what they've learned this year and how to apply this knowledge going forward – Trustwave’s Kory Daniels chimes in.
Business email compromise attacks going mobile via SMS and social media apps
A report from Trustwave SpiderLabs found the number of BEC attacks that leverage the Short Message Service (SMS) instead of email has been steadily increasing.
IDC MarketScape APAC assessment
The IDC MarketScape: Asia Pacific Professional Security Services Vendor Assessment has named Trustwave as a Major Player.
Lumen, CenturyLink Vet to Lead Trustwave Partners Globally
Trustwave partners have a new global leader. Garrett Gee, previously with Lumen Technologies/CenturyLink and previously Level 3, is Trustwave’s new global vice president of indirect channels and alliances.
This Zero-Day Twitter Hack Has Already Impacted 5.5 Million Users: Report
Trustwave’s Ed Williams outlines the impact of common security mistakes related to APIs and guidance for organizations.
IT Jams – Introducing Trustwave
Trustwave’s Craig Searle explains how Trustwave protects its clients from the devastating impact of cyberattacks and its unique penetration testing offering.
Shining a Light on the Dark Web
Trustwave’s Ziv Mador explains how Dark Web marketplaces sell a plethora of tools, stolen data, and forged documents, and why some of the things for sale are priced higher than the rest.
Journal of mHealth
Trustwave’s Ed Williams shares proactive guidelines on how healthcare organisations can bolster their security infrastructure and increase cyber resilience.
Top Tips for the Healthcare Industry to Protect against Cyberattacks
Trustwave’s Ed Williams shares proactive guidelines on how healthcare organisations can bolster their security infrastructure and increase cyber resilience.
New Trustwave solution designed to uncover complex vulnerabilities
Trustwave has announced its new Enterprise Pen Testing (EPT) offering, designed to meet the complex testing needs of large organisations with an extensive breadth and depth of vulnerability identification, ability to deliver scaled programs of work, and competitive pricing.
New Zip File Phishing Trend
A new report from Trustwave found that password-protected Zip files were the third most common format used by cybercriminals to conceal malware in the first half of this year.
MSSP Trustwave Launches Enterprise Pen Testing Services
Trustwave has released an Enterprise Pen Testing (EPT) service to help organizations identify known and unknown threats. EPT customers can receive pentesting performed by onshore, nearshore and offshore pentesters. They also can work with a local technical account manager who ensures that customers can get the most value from their pentesting investments.
Social Media Phishing Scams Use URL Redirectors to Bypass Security Controls
Researchers at Trustwave’s SpiderLabs discovered another flavor of “infringement” phishing scams. The latest case resides under the umbrella of Meta and this time the targets are Instagram users via another Meta property: WhatsApp.
Trustwave’s Enhanced Co-Managed SOC Capabilities Maximizes Value from SIEM Investments
Trustwave announced enhanced Co-Managed SOC capabilities designed to maximize the threat detection and response value of SIEM (Security Information and Event Management) deployments, avoid unnecessary costs, and reduce alert noise by up to 90 percent.
Trustwave Debuts Security Operations Center Threat Detection and Response Enhancements
Trustwave launched a new version of its Co-Managed SOC (security operations center) designed to maximize threat detection within security information and event management (SIEM) deployments.
Attackers Switch to Self-Extracting Password-Protected Archives to Distribute Email Malware
In recent spam campaigns observed by Trustwave, attackers distributed ZIP or ISO archives disguised as invoices. Both file types can be opened natively on Windows without the use of additional applications.
7 Critical Steps to Defend the Healthcare Sector Against Cyber Threats
As attackers continue to target the healthcare sector, Trustwave SpiderLabs’ Ed Williams shares how the same level of preparation as medical emergencies is increasingly essential for cyber threats.
Cybersecurity Penetration Testing
In an interview with TechStrong’s Mike Vizard, SpiderLabs Senior Security Research Manager Karl Sigler explains how penetration testing is being used for both good and bad.
XSS Flaw in Prevalent Media Imaging Tool Exposes Trove of Patient Data
Trustwave’s research and intelligence team SpiderLabs published research about bugs in Canon Medical's Vitrea View that could allow cyberattackers to access several sources of sensitive patient data.
Cybersecurity Professional Shortage Less About Numbers and More About
Trustwave shares how organizations are falling short when it comes to skilled cybersecurity professionals; however, the reason may be less about the number of professionals in the industry and more about the number of professionals with the right level of skills and training.
The Number of CVEs Published This Year is on Track to Exceed 2021
Threat actors continuously scan the internet to take advantage of organizations with slow or outdated patching processes. A new Trustwave report shares why having a proactive approach to identifying and patching vulnerabilities is incredibly important to having a good security posture.
Up to 35% More CVEs Published So Far This Year Compared to 2021
A new Trustwave report shows that significantly more CVEs will be published this year, and that some organizations are still vulnerable from older, unpatched CVEs.
Poor Healthcare Cybersecurity is a Threat to Public Health
Trustwave customer Children’s National Hospital shares how it’s improving its security posture in the growing threat environment with Trustwave. Breaches, hacks, and ransomware attacks are not only incredibly costly — they are ultimately a public health threat because they can compromise hospitals and healthcare workers’ abilities to provide care.
How Russia is Harnessing Cyber Warfare in its Conflict with Ukraine
A new report from Trustwave shows that Ukraine is fighting a battle with Russia in cyber space, as well as a physical war. Russia has been using 'cyber warfare' on Ukraine since the physical invasion started in late February.
Russian Use of Cyberweapons in Ukraine and the Growing Threat to the West
A study from Trustwave looks at the many Russian state cyberweapons subsequently unleashed against Ukraine. There is one common factor: they are all targeted specifically at and within Ukraine.
Thinking Holistically: Rethinking OT Security Strategy
Trustwave’s Cyber Advisory Practice Lead Darren Van Booven shares why OT security needs to be a primary concern and organizations must urgently re-evaluate their security strategy.
A Ransomware Explosion Fosters Thriving Dark Web Ecosystem
Trustwave's SpiderLabs, which keeps tabs on prices for various products and services on the Dark Web, describes VPN credentials as the most expensive records in underground forums. According to Trustwave, prices for VPN access can go as high as $5,000 — and even higher — depending on the kind of organization and access it provides.
How Cybercriminals Sell Credit Card and VPN Data on the Dark Web
Stolen credit card data, VPN access credentials and other confidential info can be bought for as little as $8 on dark corners of the web. That’s according to researchers at SpiderLabs, the hacking and investigation team of cybersecurity company Trustwave, who conducted an extensive study into what cybercriminals charge for stolen data on the dark web.
IPFS Sites Increasingly Used for Phishing Attack
Over 3,000 emails had phishing URLs using IPFS during the last 90 days, indicating the growing popularity of IPFS for phishing sites, a study from Trustwave revealed.
1,000s of Phishing Attacks Blast Off from InterPlanetary File System
The distributed, peer-to-peer (P2P) InterPlanetary File System (IPFS) has become a hotbed of phishing-site storage: Thousands of emails containing phishing URLs utilizing IPFS are showing up in corporate inboxes. According to a report from Trustwave SpiderLabs, the company found more than 3,000 of these emails within its customer telemetry in the last three months.
Four Smart Cybersecurity Investments for CISOs to Bridge the Talent Shortage
Trustwave CISO Kory Daniels shares the ways to be most effective at addressing the cybersecurity talent shortage by maximizing investments in talent, technologies, and services.
The Decade in Vulnerabilities and Why They Persist
Trustwave’s research and intelligence team SpiderLabs published research on the most egregious network security flaws of the past decade - from 2011 to 2021.
Top 10 Cybersecurity Attacks of Last Decade Show What is to Come: Report
Overview: With a backdrop of the number of security incidents and vulnerabilities increasing in volume and sophistication, Trustwave shares the top 10 network vulnerabilities in no particular order that defined the decade and “won’t be forgotten.”
Facebook Business Pages Targeted via Chatbot in Data-Harvesting Campaign
A social-engineering campaign bent on stealing Facebook account credentials and victim phone numbers is targeting business pages via a savvy campaign that incorporates Facebook's Messenger chatbot feature.
Apparent hacktivism in Iran and Lithuania. Bumblebee's rise to prominence. CISA adds to its Catalog. A look at DCRat.
A cyberattack has struck one of Iran’s major steel companies on Monday, forcing it to halt production, SecurityWeek reports. The attack struck the state-owned Khuzestan Steel Co. and two other major steel producers.
Malicious Messenger chatbots used to steal Facebook accounts
A new phishing attack is using Facebook Messenger chatbots to impersonate the company's support team and steal credentials used to manage Facebook pages.
New phishing technique lures users with fake chatbot
A new Trustwave report details phishing techniques cybercriminals use to trick users into providing their credit card data through fake chatbots. The phishing email appears to originate from DHL, stating there was a package delivery problem.
What We've Learned in the 12 Months Since the Colonial Pipeline Attack
Darren Van Booven, Lead Principal Consultant at Trustwave, explains why the demand for operational technology security services has doubled since Colonial Pipeline as leaders call for security system audits and assessments, ransomware protection strategies, and detection and response capabilities for advanced threats, such as cybergangs.
Watch Out For This Chameleon Phishing Scheme
Trustwave SpiderLabs encountered a phishing scheme that tricks victims into giving away their email credentials. The scheme acts like a chameleon by changing and blending its color based on its environment.
The Danger to the Digital Supply Chain from Lapsus$ Doesn’t End with Lapsus$
Karl Sigler, Senior Security Research Manager, Trustwave SpiderLabs, shares his insights on how threats like the hacker gang Lapsus$ could continue to pose a big risk to organizations.
Five Key Steps for Database Security in the Cloud Age
Mark Trinidad, Senior Manager of Database Security at Trustwave, covers the steps to mitigating security risks in complex cloud environments and leads a discussion on how organizations are shifting to more data-centric security approaches that protect valuable data no matter where it is.
Vidar spyware is now hidden in Microsoft Help files
Cybersecurity researchers at Trustwave SpiderLabs discovered the spyware, which is concealed in Microsoft Compiled HTML Help (CHM) files to avoid detection in email spam campaigns.
Microsoft Help Files Disguise Vidar Malware
Cyber attackers are hiding malware in places you may not look. The new phishing attack, revealed by Trustwave SpiderLabs, is designed to plant Vidar infostealer on target machines. Trustwave reported that there was a notable uptick in this strategy dating back to 2019.
New Vidar Infostealer Campaign Hidden in Help File
Researchers at Trustwave SpiderLabs discovered an email malware campaign that demonstrates the complexity attackers are introducing to the delivery mechanism in order to avoid detection. The new campaign delivers an old but frequently updated infostealer: Vidar.
White House Turns Heads With Critical Infrastructure Hack Warning
As President Biden and the White House warned of potential Russian cyberattacks on U.S. critical infrastructure, Bill Rucker, president of cybersecurity services firm Trustwave Government Solutions, says the alert from the White House is not surprising. “The data [from the White House] wasn’t very detailed, but obviously there’s a credible threat about preparatory activity that they’ve seen,” Rucker said.
How to spot scams pretending to raise money for Ukraine during war with Russia
In the wake of the Russia-Ukraine conflict, Chicago cybersecurity experts at Trustwave have raised awareness of phishing emails pretending to raise money for displaced people in Ukraine. Kory Daniels, Chief Information Security Officer at Trustwave, says “If you look at the maximum upside of damage, yeah, so it opens up a lot of different variables in terms of what they do. You know, leveraging this messaging of preying upon individuals' empathy and support of what we see for fundraising in Ukraine.”
Chameleon phishing attack brings bad karma to email users
New research by Trustwave SpiderLabs has uncovered a phishing attack that is able to adapt itself to the user's email service in order to trick them into revealing their login credentials.
FBI: BlackByte ransomware breached US critical infrastructure
Following the BlackByte attack on the San Francisco 49ers, it was reported that data from the football organization's servers was stolen and almost 300MB worth of files were leaked. Trustwave created and released a free BlackByte decryptor that enables victims to restore their files after the ransomware gang used the same decryption/encryption key in multiple attacks.
Researchers find new way to neutralize side-channel memory attacks
When it comes to side-channel memory attacks, "these kinds of attacks are very uncommon," says Karl Sigler, manager of SpiderLabs Threat Intelligence at Trustwave. Sigler reports there haven’t been records of public exploitation of these types of vulnerabilities.
Russia Releases List of IPs, Domains Attacking Its Infrastructure with DDoS Attacks
The Russian government released thousands of IP addresses and domains behind a series of DDoS attacks aimed at Ukraine’s domestic infrastructure. Trustwave SpiderLabs researchers stated “lone-wolf and organized threats actors who possess the proper cyber skills may directly attack their nation's enemy or recruit others to join in a coordinated attack.”
Hacker Recruitment Campaigns
In a Dark Web Insights report from Trustwave SpiderLabs, Ukraine and Russia have been using different strategies to recruit hackers to work for them. Trustwave noted that people advocating for Russia have appeared to be lone operatives and those for Ukraine have utilized Facebook and other large social media platforms.
Hacktivists Stoke Pandemonium Amid Russia’s War in Ukraine
Stemming from Trustwave’s Dark Web Insights blog, security researchers at SpiderLabs released findings on a pro-Russia entity (JokerDNR) that has been posting blogs to embarrass Ukrainian officials, claiming to dox government workers and military members.
The Art of Non-boring Cybersec Training–Podcast
Darren Van Booven, Lead Principal Consultant at Trustwave visited the Threatpost podcast with Lisa Vaas to talk about how the right cybersecurity awareness program should be conducted at the right pace by well-informed instructors.
Hacking group is on a tear, hitting US critical infrastructure and SF 49ers
Servers belonging to the San Francisco 49ers were hacked by BlackByte a few days after the FBI warned of critical infrastructure being compromised in the US. BlackByte’s early ransomware had a flaw that allowed Trustwave to release a free decryptor tool to recover data.
FBI warns BlackByte ransomware is targeting US critical infrastructure
As the BlackByte ransomware gang has made a comeback, three U.S. critical infrastructure sectors were targeted, according to the FBI. As the gang hit a rough patch, Trustwave helped BlackByte victims recover their files by releasing a free decryption tool.
Cybercriminals Hunt For Medical Data. Zero Trust As The Only Good Option To Keep The Healthcare System Secure
Healthcare institutions are becoming the main target of cybercriminal attacks, as medical data is extremely attractive and intruders know very well how to cash in on it. The 2019 Trustwave Global Security Report reveals medical data may cost up to $250 per record on the black market, while stolen payment card data is sold for $5.40. The best place to defend against attacks is in the most crowded areas, such as employees of clinics or hospitals.
Flaw in Polkit's pkexec Puts Linux Users at Risk
Reegun Jayapaul, Lead Threat Architect at Trustwave SpiderLabs, provides pertinent information and a threat hunting guide for the security community during the PwnKit vulnerability.
Data Privacy: Experts Share How Far We’ve Come and How Far We Have to Go - Part 4
Luke Kenny, Lead Security Principal at Trustwave, covers the essence of data privacy and how it’s not solely based on day-to-day protection and compliance.
Outlook Security Feature Bypass Allowed Sending Malicious Links
Trustwave SpiderLabs researcher Reegun Richard Jayapaul has discovered a new technique to completely bypass a security feature of Microsoft Outlook and deliver a malicious link to the recipient.
Microsoft patches Outlook URL formatting bypass
Microsoft has patched an Outlook vulnerability discovered by Trustwave SpiderLabs researcher Reegun Richard Jayapaul. The vulnerability and associated bypass allowed malicious emails to get through to Microsoft Outlook users.
Experts Urge Firms to Patch Trivial-to-Exploit Flaw in Linux PolicyKit
Karl Sigler, Senior Security Research Manager, Trustwave, shares his insights on the widespread PwnKit vulnerability affecting Linux distributions.
Best Practices for Manufacturers During the Cybersecurity Era
Darren Van Booven, Lead Principal Consultant at Trustwave, discusses the proper security fundamentals and best practices for the manufacturing industry to take on during a time of heightened attacks.
REvil gang member arrests strike fear among cybercriminals on the Dark Web
Through Dark Web forums, Trustwave has uncovered conversations among cybercriminals reacting to the FSB arrests, revealing that cybercriminals seem worried about being arrested, while those in Russia are concerned that their home country is no longer a safe haven.
After ransomware arrests, some dark web criminals are getting worried
According to analysis of chatter on Dark Web forums by cybersecurity researchers at Trustwave SpiderLabs, the recent arrests, particularly those by Russia, appear to have scared cyber criminals, some of whom appear to be worried that they might be next.
Russia Takes Down REvil Ransomware Operation, Arrests Key Members
Russia has taken down REvil ransomware members at the request of the United States government. Chatter on the forums that Trustwave monitored showed a level of apprehension from Russian threat actors about law enforcement in the country tracking them down.
Trustwave releases tool to aid financial institutions with resurgent QakBot malware
Within the past year, Qakbot malware has made an aggressive return. As Karl Sigler, Trustwave SpiderLabs senior security research manager, points out, Qakbot is the Swiss Army Knife of financial malware. Trustwave SpiderLabs released a new decryption tool in an effort to aid financial services institutions and root out the Qakbot Trojan.
FIN7 Mails Malicious USB Sticks to Drop Ransomware
As malicious USB drives are circulating from ransomware gangs, the FBI points fingers towards FIN7. Karl Sigler, Trustwave SpiderLabs senior security research manager, says ongoing security-awareness training “should include this type of attack and warn against connecting any strange device to your computer.”
Why the Zero-Trust Journey Requires Strong Database Security
As the threat landscape continues to evolve, the government is finalizing zero-trust adoption guidance adhering to the cybersecurity executive order to advance toward zero trust architecture. Bill Rucker, President of Trustwave Government Solutions, highlights the zero-trust journey and the need for strong database security.
Taking a Data-Centric Security Approach to Accommodate Cloud Misconfigurations
Experts at Trustwave outline a data-centric security approach to reducing cloud misconfigurations and protecting organizations.
Security implications in 2022 of the exponential increase in ransomware
Ed Williams, EMEA Director of Trustwave SpiderLabs discusses the security implications in 2022 of the exponential increase in ransomware.
Predictions for 2022 by cybersecurity vendors
This time of year, CISOs want to have an understanding of what’s to come. Ziv Mador, vice-president of security research at Trustwave SpiderLabs, predicts “the advent and increasing frequency of attacks that use a ransomware-as-a-service (RaaS) offering indicate that such attacks will not slack off during the coming year.”
Do these four things for a cybersafe summer holiday break this year
Trustwave GM of Pacific Jason Whyte outlines the top cybersecurity tips for keeping things safe at the office during Australia/New Zealand’s long holiday break.
What you should do after a ransomware rampage
As the saying goes, hope for the best and plan for the worst. In the aftermath of a ransomware attack, it’s easy to get caught up in the immediate challenge of getting the business back on its feet. However, response plans need to include long-term actions to mitigate the risk of a delayed or repeat attack.
US Cyber Command Goes on the Offensive
Trustwave’s SpiderLabs shared commentary from cybercriminals that was collected from dark web forums. The communication revealed the criminals believe there are “secret negotiations on cybercrime between the Russian Federation and the United States.”
The Log4j vulnerability is bad. Here’s the good news
A vulnerability has been discovered in Log4j, an open-source Apache logging library. The threat from this vulnerability can enable attackers to access and control devices remotely. Karl Sigler, senior security research manager at Trustwave SpiderLabs explains, “Since this vulnerability is a component of dozens if not hundreds of software packages, it could be hiding anywhere in an organization’s network, especially enterprises with massive environments and systems.”
What to Do While Waiting for the Log4J Updates
Researchers are warning that attackers are actively exploiting the newly publicized unauthenticated remote code execution vulnerability in Log4j, the Java-based logging tool from Apache. Karl Sigler, Senior Security Research Manager, Trustwave SpiderLabs comments: “Any java application using the affected log4j versions and accessible over the network can be exploited, and many of those applications are likely third-party and out of the user's hands administratively.”
Trustwave Rolls Out New Cyber Supply Chain Risk Assessment Solution
Trustwave unveiled its new Managed Vendor Risk Assessment (MVRA), which is a cyber supply chain risk assessment solution for enterprises and SMBs. It’s now available globally and encompasses automated and specialist-led assessments. Nick Ellsmore, Trustwave’s global head of strategy, consulting and professional services commented: “MVRA is addressing one of the biggest issues across the cybersecurity environment right now: supply chain risk management.”
Russia may be collaborating with US to bring cyber criminals to heel
Trustwave’s SpiderLabs says its analysis of chatter on underground dark web forums suggests cyber criminals are starting to panic that formerly ‘friendly’ governments are on their case.
Four common shortcomings in cyber threat response
Through cybersecurity crisis simulation exercises, Trustwave’s Darren Van Booven identifies a series of common security shortfalls and steps organizations need to take to prepare for the next security crisis.
How to Outplay the Ransomware Playbook
Many organizations are increasingly concerned with their own cybersecurity models and ransomware preparedness as there’s been a 64% increase in attacks from 2019 to 2020 (304 million attacks worldwide in 2020). Darren Van Booven, Trustwave’s global director, cyber defense consultant highlights how organizations can create a ransomware response plan for the full life cycle of an attack.
Four Best Practices for Advancing Bank Cybersecurity Programs for the Cloud Age
Cyber defense programs are having difficulty evolving against constant threats trying to enter organizations. Trustwave’s global director, cyber defense consultant, Kory Daniels covers the four best practices for advancing bank cyber programs for the cloud: develop a cloud-specific security strategy, test security processes, leverage AI with a human-centric approach, and take a holistic approach.
New Ransomware Variant Could Become Next Big Threat
Security teams will need to look out for Yanluowang, a ransomware threat that has been mounting attacks against US organizations. Just this week, Red Canary researchers reported observing a threat actor exploiting the ProxyShell set of vulnerabilities in Microsoft Exchange to deploy a new ransomware variant called BlackByte, which Trustwave's SpiderLabs recently warned about as well.
Prepare, defend, recover, repeat – The vicious cybersecurity cycle in 2021
It’s fair to say that 2021 has been one of the most challenging years on record for business leaders and organisations. Ed Williams, EMEA Director of SpiderLabs, Trustwave, reflects on the past 12 months and suggests how we can move forward with strong cyber hygiene in place.
Phishing in the Iranian diaspora. Not your grandma and grandpa’s crypter. Malware-as-a-service. Proofs-of-concept (one is a zero-day). Apple sues NSO Group.
The CyberWire’s guest is Karl Sigler from Trustwave, who covers the results of the 2021 Trustwave SpiderLabs Telemetry Report.
Breaking news: GoDaddy’s managed WordPress service hacked
Users of WordPress through GoDaddy are vulnerable after it’s been reported that phishing attacks have been successfully carried out through compromised emails and passwords. Ed Williams, director of Trustwave SpiderLabs comments: “A breach of this size is particularly dangerous around the holidays…Hackers try to take advantage of every new email address and password exposed in an attempt to launch phishing attacks and social engineering schemes. Enterprises, SMBs, and individuals using frequently targeted platforms like WordPress should ensure they are following strong password best practices: complexity, frequent password changes, not sharing passwords between applications, and multi-factor authentication. If possible, utilize an authenticator app to secure your account instead of traditional two-factor authentication via SMS, as hackers have recently been targeting users with specialized SMS phishing.”
GoDaddy WordPress data breach: A timeline
Ed Williams, EMEA Director of SpiderLabs, Trustwave, comments on the data breach: “Hackers try to take advantage of every new email address and password exposed in an attempt to try and launch phishing attacks and social engineering schemes.”
Cyber insurance expands in preparation of breaches, fallout
The collaboration of the public and private sector could stem the growing tide of high-impact breaches. Kevin Kerr, lead security principal consultant for Trustwave, comments on the impact of multi-party breaches: “The financial impact to SolarWinds was significant, but who knows the actual financial impact…Right now, there is no centralized way to measure multi-party breach impact in costs, reputations, contracts. And each affected organization would measure that impact differently.”
Breach ripple effect leads to exponentially greater financial damage
SolarWinds is an example of ripple breaches, which are increasing 20% per year. Lead security principal consultant Kevin Kerr points to a recent attack on a central bank in Denmark where a trusted entity passed malware on to unsuspecting users.
The urgent need for the healthcare industry to develop cyber-resiliency
The black market value of healthcare records has shot up, according to a Trustwave report. Healthcare data records may now be valued up to $250 per record.
Secure your databases against opportunistic attackers
Findings from Radoslaw Zdonczyk at Trustwave have shown there will be login attempts to databases and internet servers before IP addresses are listed by scanners similar to Shodan, leading to an increase in vulnerabilities.
Security Expert Warns Windows 11 Could Yet Become Vista 2.0
Trustwave SpiderLabs’ Ed Williams shared his insights on how secure Windows 11 is for a feature article from UK journalist Davey Winder for Forbes.
'Clumsy' BlackByte Malware Reuses Crypto Keys, Worms Into Networks
Trustwave SpiderLabs’ latest research blog details the researchers’ findings on the BlackByte ransomware strain and provides the decryptor so that victims might be able to use it to reverse the malware's damage.
BlackByte: Free Decryptor Released for Ransomware Strain
A free decryptor for BlackByte ransomware was released by Trustwave SpiderLabs researchers after they cracked the crypto-locking malware's encryption.
This is what happens when you’re hit by a ransomware attack
Trustwave SpiderLabs’ Ed Williams participates in a video interview with Danny Palmer at ZDNet discussing the ins and outs of a ransomware attack, how cyber criminals get into networks and what they actually do once inside.
Ransomware: dealing with the aftermath
In this episode, Trustwave’s Ed Williams and journalist Stephen Pritchard look at the 30 days after a ransomware attack, the impact of ransomware attacks on operations and reputation, and how businesses can recover.
Telemetry Report Shows Patch Status of High-Profile Vulnerabilities
Twenty percent of this year’s new vulnerabilities were given a ‘high severity’ score by the NVD. Given the speed with which malicious actors can start exploiting these vulnerabilities, researchers at Trustwave investigated and reported on how quickly industry patches them.
Why organizations are slow to patch even high-profile vulnerabilities
To help organizations get a better handle on their patch management, Trustwave says organizations should assign an individual or a team to design a security program that covers risk management and policy, provide training, and implement an effective incident response plan.
50% of Servers Have Weak Security Long After Patches Are Released
Karl Sigler, senior security research manager at Trustwave SpiderLabs, points to reasons why the number of disclosed vulnerabilities is trending upward.
The network effect and the search for resilient email security
Graeme Slogrove on how the ubiquity and resilience of email poses a cybersecurity threat many aren't paying attention to.
Manufacturers are too vulnerable to cyber attacks: bigger steps are needed
Trustwave provides insight into the two main drivers behind recent cyber attacks on manufacturing companies.
The Great Data E-Scrape
Eric Pinkerton explains how to safeguard personal data on social media platforms, in light of multiple data scrapes in 2021 alone.
Microsoft Azure Cosmos DB Incident Underscores the Need to Closely Watch Cloud Data
Following the significant vulnerability found in Microsoft’s Azure Cosmos DB service, companies are reminded that even the Big Three cloud providers can make mistakes and that organizations still have to worry about cloud database security.
A five-point strategy for taking on ransomware
Grayson Lenik of Trustwave Government Solutions shares how organizations can defend themselves against growing ransomware threats by training employees in security best practices, vetting the supply chain, implementing layers of defense and hacking their own organization in a byline article for SC Magazine.
Global MDR and MSS Leader Trustwave Sees 2x Demand In Ransomware Preparedness Services
With the surge in ransomware over the past year, Trustwave has seen a 2x demand for its ransomware preparedness services. The increase in demand has been driven by CEO and board-level interest in cyber resilience and preparedness, according to Darren Van Booven, Lead Principal Consultant at Trustwave and former CISO of the U.S. House of Representatives.
Six steps to stop manufacturers becoming the next ransomware headline
Trustwave’s lead principal consultant, Darren Van Booven, shares advice for the manufacturing industry on how to protect against ransomware attacks in a byline article for Information Age.
Trustwave Launches New Cyber Risk Assessment Tool
Trustwave launched a first-of-its-kind cyber supply chain assessment solution for enterprises and SMBs in the Pacific region.
MacOS Flaw in Telegram Retrieves Deleted Messages
Reegun Richard Jayapaul, Trustwave SpiderLabs Lead Threat Architect, discovered the flaw in the Self-Destruct feature of Telegram MacOS, which is part of the Secret-Chats aspect of the messaging app that uses end-to-end encryption.
Telegram for Mac bug lets you save self-destructing messages forever
New bugs discovered by Reegun Richard Jayapaul, Trustwave SpiderLabs' Lead Threat Architect, allow Telegram for Mac users to save self-destructing messages and attachments forever.
Warning: Telegram Self-Destruct Messages Don’t Always Destroy Everything
Researchers with Trustwave SpiderLabs warn Telegram users of two privacy flaws found in the Self-Destruct feature of Telegram MacOS.
14 Top Cybersecurity Trends To Expect At Black Hat Conference
Bill Rucker, president at Trustwave Government Solutions, discusses why a zero-trust approach is vital to ensure that sensitive data doesn’t become vulnerable.
Trustwave Joins CISA’s Cyber Information Sharing and Collaboration Program
Trustwave Government Solutions, the wholly-owned subsidiary of Trustwave Holdings, Inc., joined the Cybersecurity and Infrastructure Security Agency (CISA) Cyber Information Sharing and Collaboration Program (CISCP).
What To Do After a Ransomware Attack [Q&A]
Ed Williams, EMEA director of Trustwave SpiderLabs, discusses how organizations should respond in the aftermath of a ransomware attack.
Top Enterprises are Normalising Data Leaks
In this podcast, Derek Taylor, Vice President, EMEA Head of Consulting & Professional Services, discusses the danger of the normalisation of data leaks.
Rising Email Threats Require an Evolution in Business Defences
Ziv Mador, VP of Security Research at Trustwave SpiderLabs, explores the changing nature of email threats and outlines some of the best ways of combating them.
Why It’s So Difficult To Bring Ransomware Attackers to Justice
Trustwave SpiderLabs research on the Kaseya ransomware attack was featured by CNN.
Code in Huge Ransomware Attack Written To Avoid Computers That Use Russian, Says New Report
Trustwave SpiderLabs released a new threat analysis blog on the Kaseya ransomware attack, which was featured by NBC.
Phishing attack's unusual file attachment is a double-edged sword
In a new report by Trustwave, researchers explain how a threat actor has begun to utilize WIM (Windows Imaging Format) attachments to distribute the Agent Tesla remote access trojan.
VPN exploitation rose in 2020, organizations slow to patch critical flaws
Remote access made business continuity possible throughout the pandemic. But according to Trustwave's 2021 Network Security Report, VPN exploitation rose as hackers scanned for unpatched VPNs, including easily exploitable vulnerabilities.
Critical remote code execution flaw in thousands of VMWare vCenter servers remains unpatched
Trustwave have warned that thousands of internet-facing VMWare vCenter servers still harbor critical vulnerabilities weeks after patches were released.
Thousands of VMware vCenter Servers Remain Open to Attack Over the Internet
Trustwave researchers discovered thousands of instances of VMware vCenter Servers with two recently disclosed vulnerabilities that remained publicly accessible on the Internet three weeks after the company urged organizations to immediately patch the flaws.
Thousands of publicly accessible VMware vCenter Servers vulnerable to critical flaws
Trustwave researchers found that thousands of VMWare vCenter servers that are reachable from the internet remained vulnerable to attacks, even after VMware released patches for this critical vulnerability.
REvil Hits US Nuclear Weapons Contractor: Report
David Bishop, CISO at Trustwave, explains the need for more serious repercussions for attacks like the recent REvil attack on Sol Oriens, a government contractor that works for the DOE on nuclear weapons issues.
Bad building blocks: a new and unusual phishing campaign
Karl Sigler of Trustwave's SpiderLabs joins host Dave Bittner to talk about Trustwave’s research: "Hidden Phishing at Free JavaScript Site," which details an email phishing campaign containing malicious attachments.
Huawei fixes serious LTE USB stick security flaw
Trustwave have discovered a code execution vulnerability in one of Huawei’s LTE USB dongles.
The normalization of data leaks and the privacy paradox [Q&A]
Derek Taylor, Lead Principal Security Consultant at Trustwave, explains why we shouldn't accept data breaches as the norm and how the user’s privacy calculus around data disclosure decisions can easily be manipulated.
The pen testing guide you never thought you needed, until now…
Ed Williams, Director EMEA of SpiderLabs, Trustwave, shares his essential guide to penetration testing, helping businesses invest in the right security strategy.
New Pingback Malware Using ICMP Tunneling to Evade C&C Detection
Trustwave SpiderLabs discovered a novel malware that uses a variety of tricks to stay under the radar and evade detection while being capable of stealthily executing arbitrary commands on infected systems.
Tax email, text scams to watch out for
Ziv Mador, VP of Security Research, Trustwave SpiderLabs, encourages taxpayers to be wary of email phishing tax scams, showing examples of how fraudsters can lure victims into sharing personal information.
Fraudsters Use HTML Legos to Evade Detection in Phishing Attack
Trustwave SpiderLabs researchers warn Microsoft 365 users of a phishing campaign that employs "HTML Lego" to deliver a fake login page.
Hafnium’s China Chopper: a ‘slick’ and tiny web shell for creating server backdoors
Trustwave SpiderLabs provides insight into China Chopper, a web shell used by the state-sponsored Hafnium hacking group.
This crafty email scam smuggles malware behind .zipx files
Trustwave SpiderLabs researchers identify a new email scam that applies a number of crafty techniques to bypass security filters and infect victims with NanoCore malware.
‘Severe’ SolarWinds Vulnerabilities Allow Hackers To Take Over Servers
Forbes details the latest SolarWinds product vulnerabilities discovered by Trustwave and protection recommendations.
More exploitable flaws found in SolarWinds software, says cybersecurity firm
Ziv Mador, VP of Security Research, discusses the importance of the three new and severe vulnerabilities in SolarWinds products found by Trustwave and the need for organizations to implement a strong penetration testing strategy.
4 ways to minimize the risk of IT supply chain attacks
Mark Whitehead, Global Vice President, SpiderLabs Consulting at Trustwave, breaks down the importance of taking a zero-trust cybersecurity approach when it comes to protecting networks and data accessible by third-party partners.
This new phishing attack uses an odd lure to deliver Windows trojan malware
Trustwave discovered a new phishing campaign that attempts to lure victims into downloading malware that gives cybercriminals full control over infected Microsoft Windows machines.
Multiple security flaws let hackers infiltrate D-Link routers
Five major vulnerabilities affecting D-Link routers have been discovered by cybersecurity researchers working as part of Trustwave’s SpiderLabs team.
Security Automation: Time for a new playbook
Jesse Emerson, VP of Managed Security Services at Trustwave, talks security automation in the cloud and IoT era.
Trustwave’s Bill Rucker: Agencies Need Unified Platform to Ensure Security of Mission-Critical Data
Bill Rucker, president of Trustwave Government Solutions, discusses security in cloud and on-prem environments and the importance of unified platforms.
Hackers can use WinZip insecure server connection to drop malware
Trustwave SpiderLabs discovers a security vulnerability in WinZip 24 that could lead to a malware infection.
What's in Store for Privacy in 2021
Changes are coming to the privacy landscape, including more regulations and technologies.
This messaging app uploads every file you send to the internet, which is bad
Messaging app Go SMS Pro, which has over 100 million installs from the Google Play store, has a massive security flaw that potentially allows people to access the sensitive content you’ve sent using the app.
Messaging app Go SMS Pro exposed millions of users’ private photos and files
Go SMS Pro, one of the most popular messaging apps for Android, is exposing photos, videos and other files sent privately by its users.
Encryption Vulnerabilities Allow Hackers to Take Control of Schneider Electric PLCs
A total of four vulnerabilities were discovered in Modicon M221 PLCs by researchers at industrial cybersecurity firm Claroty. Three of them were identified independently by employees of cybersecurity company Trustwave.
Survey: Cybersecurity Skills Shortage is ‘Bad,’ But There’s Hope
Automation, strategic process design and an investment in training are the keys to managing the cybersecurity skills gap, according to a recent survey from Trustwave.
Hybrid Cloud is Driving Digital Transformation
The hybrid cloud model is increasingly used in digital transformation and data storage according to a new report from Trustwave. Of over 950 IT professionals surveyed, 55 percent use both on-premises and public cloud to store data with 17 percent using public cloud only.
Iran and Russia Seek to Influence Election in Final Days, U.S. Officials Warn
Iran and Russia have both obtained American voter registration data, top national security officials announced late on Wednesday, providing the first concrete evidence that the two countries are stepping in to try to influence the presidential election as it enters its final two weeks.
Cybersecurity Company Finds Hacker Selling Info on 186 Million U.S. Voters
A cybersecurity company says it has found a hacker selling personally identifying information of more than 200 million Americans, including the voter registration data of 186 million.
Open Source Threat Intelligence Searches for Sustainable Communities
As long as a community is strong, so will be the intelligence it shares on open source feeds. But if that community breaks down ...
Spammers Add Random Text to Shortened Links to Evade Detection
Spammers are using a new technique of generating URLs to evade detection by humans and spam filters alike. This technique comprises adding random, unused text bits to shortened links, to disguise them as full-sized URLs and bypass the scrutiny of email gateways.
Spammers Use Hexadecimal IP Addresses To Evade Detection
A spam group has picked up a pretty clever trick that has allowed it to bypass email filters and security systems and land in more inboxes than usual. The trick relies on a quirk in RFC791 — a standard that describes the Internet Protocol (IP).
Trustwave Fusion Platform Launches on AWS GovCloud
Threat detection and response services provider Trustwave has launched its Trustwave Fusion platform on Amazon Web Services GovCloud – letting Federal agencies and government contractors take advantage of the cloud-native cybersecurity platform to combat ever-changing security threats.
How a CISO’s Approach To Security Strategy Can Be Shaped by Philosophy
“Philosophy?” the conversation usually begins – “that’s an odd background for cybersecurity, isn’t it?” “Funnily enough,” comes my well-rehearsed reply, “not at all”. I have been surprised how often the skills of one field can be easily applied to the other.
Contactless Credit Card Popularity Soars During Pandemic, but Stay Vigilant for Scammers
Contactless credit cards have become an extremely popular way to pay during the COVID-19 pandemic, according to industry experts. The technology allows you to wave your credit and debit cards over a device and pay without touching anything at the register. But consumers should still be vigilant for scammers.
Shared Memory Vulnerability in IBM's Db2 Database Could Let Nefarious Insiders Wreak Havoc
A bug-hunter has uncovered a vulnerability in IBM's popular enterprise database which, if left unpatched, could allow a local user to access data and kick off a denial-of-service attack.
Businesses Opt to Outsource Cybersecurity Services
According to research, there is a lack of in-house expertise in the area of digital risk protection – the ability to monitor risks, threats and breaches outside the network. The research found 80% of respondents stated their teams lack skills and knowledge in this area.
Experts Reported Security Bug in IBM's Db2 Data Management Software
Cybersecurity researchers today disclosed details of a memory vulnerability in IBM's Db2 family of data management products that could potentially allow a local attacker to access sensitive data and even cause denial-of-service attacks.
Microsoft Teams Vulnerable to Patch Workaround, Researchers Report
Security researchers have discovered a way to use the Microsoft Teams Updater to download malware, bypassing a patch released earlier this year and flying under security teams' radar.
Hackers Can Abuse Microsoft Teams Updater to Install Malware
Microsoft Teams can still double as a Living off the Land binary (LoLBin) and help attackers retrieve and execute malware from a remote location.
Chinese Tax Software Hides Nasty Spyware
The cybersecurity firm Trustwave has released a new report detailing its discovery of a new type of malware hidden inside Chinese tax software.
Malware Stashed in China-Mandated Software is More Extensive Than Thought
Three weeks ago, security researchers exposed a sinister piece of malware lurking inside tax software that the Chinese government requires companies to install. Now there’s evidence that the high-stealth spy campaign was preceded by a separate piece of malware that employed equally sophisticated means to infect taxpayers in China.
Cybersecurity Firm Finds More Malware Hidden in Chinese Tax Software
Analysts at cybersecurity firm Trustwave say they have discovered a new type of malware they say was embedded in sales tax software — a different, older malicious tool than the previous one they found.
Trustwave Allows Partners To Resell Services For The First Time
Trustwave is for the first time allowing VARs, MSPs and agent partners to directly resell the company’s managed threat detection and response and professional services.
Malware found in Chinese tax program may have been targeting Ministry of Defence
A US cyber security firm has discovered a new form of malware potentially targeting foreign companies operating in China, which has been embedded in compulsory tax software and installs a hidden backdoor to allow remote access to computer systems.
Hidden Back Door Embedded in Chinese Tax Software, Firm Says
When a U.K.-based technology vendor started doing business in China, it hired a cybersecurity firm to proactively hunt for any digital threats that could arise as part of doing business in the country. The firm discovered a problem, one with such major implications that it alerted the FBI.
Spyware Hidden in Chinese Tax Software Was Probably Planted by a Nation-State, Say Experts
The tax software was legitimate, but embedded inside it was a nasty surprise, according to a new report by a private security firm: A sophisticated piece of malware that gave attackers complete access to the company's network.
How to Shop Online Safely During the Pandemic
Even as stores reopen in many parts of the country, people are still shopping online more than ever. And that includes using new sites set up by their favorite small businesses attempting to stay afloat through perilous economic times.
Sextortion is evolving during the coronavirus pandemic, report says
Sextortion is evolving into nastier ways to try to extort people. To date, the basic template for this cybercrime has been to claim people's accounts have been hacked, with the criminals saying they have video proof – usually via webcam – of a person watching sexual content. The criminals demand immediate payment in Bitcoin – which gives the extortionist anonymity – or they will release the video to the public.
Crooks Tap Google Firebase in Fresh Phishing Tactic
A series of phishing campaigns using Google Firebase storage URLs have surfaced, showing that cybercriminals continue to leverage the reputation of Google’s cloud infrastructure to dupe victims and skate by secure email gateways.
How the Dark Web is Handling the Coronavirus Pandemic
Many on the dark web are expressing the same thoughts and fears about COVID-19 as everyone else, while others are looking for ways to profit from it, says Trustwave.
Another Stuxnet-Style Vulnerability Found in Schneider Electric Software
Researchers have found another vulnerability in software made by Schneider Electric that is similar to the one exploited by the notorious Stuxnet malware.
Vulnerabilities in Two Schneider Electric ICS Products Reminiscent of Stuxnet
Trustwave’s Global OT/IoT security research team uncovered the flaws in Schneider’s SoMachine Basic v1.6 and Schneider Electric M221, firmware version 1.6.2.0, Programmable Logic Controller (PLC).
4 Tips for Protecting Users From COVID-19-Targeted Attacks
Attackers are using this time of crisis to go after victims with targeted campaigns. The biggest threats are phishing attacks related to COVID-19.
Ransomware Is Now the Biggest Online Menace You Need to Worry About - Here's Why
Analysis of more than a trillion security events over the past year and hundreds of breach investigations by researchers at cybersecurity company Trustwave found that ransomware attacks have become the most common security incident.
How to Better Protect Your Organization Against Email Threats
As most generic spam now gets blocked, attackers have turned to more targeted, personalized phishing emails to reel in their victims, according to security firm Trustwave.
Coronavirus Worries Allow New Scams to Take Hold
Cyber criminals are taking advantage of the worldwide level of concern surrounding the COVID-19 coronavirus to launch an insidious new round of attacks that are much more effective than previous cyber-attacks.
Hackers Update Age-Old Excel 4.0 Macro Attack
Researchers from security firm Trustwave said they discovered a new malspam campaign that sends Excel 4.0 xls 97-2003 files with a compromised macro in email messages. The ploy is predictable and attempts to dupe users with themes ranging from fake invoices to COVID-19 related lures.
How Cybercriminals are Exploiting the Coronavirus Outbreak
Hackers are exploiting vulnerabilities stemming from the global coronavirus pandemic, including distracted workers and stretched-thin IT staff, as cybersecurity attorneys say the spread of COVID-19 has also brought with it a spike in data security incidents.
Chicago Companies Beef Up Videoconferencing, Cybersecurity as Coronavirus Prompts Race to Work from Home
Businesses often have a contingency plan — a Plan B — in case workers can’t get to the office when there’s a power outage, natural disaster or extraordinary circumstances, like in Chicago last winter when a polar vortex plunged temperatures far below zero. But few companies expected their backup plans to be deployed for a worldwide pandemic.
As Turla Attacks Evolve, Do Enterprise Security Teams Need to Defend Differently?
Turla, the highly sophisticated and long-established cyber espionage threat actor, shows no sign of slowing down.
Popular Tax Return Software Company Used in Tax Season Scam
An email campaign that purports to be a popular tax return software provider is the latest scam to make the rounds. The corrupted email is quickly spreading, in an effort to catch people who use the tax program.
Trustwave Launches Palo Alto Prisma Cloud Services
Trustwave, a managed security services provider based in Chicago, took the wraps off a new line of consulting and security services for Palo Alto Networks Prisma Cloud.
Telco Security Alliance Ramps up Threat Detection Capabilities with Global Intel-Sharing Initiative
Telco Security Alliance members AT&T, Singtel, and Telefónica are now sharing threat intelligence and indicators of compromise (IoCs) to help fight global attack campaigns that are launched against their customers.
Hackers Are Using the Coronavirus Panic to Spread Malware
Hackers are using the public’s fear of the coronavirus to steal passwords and spread malware, according to multiple cybersecurity firms and computer security experts.
Email Scammers are Taking Advantage of Coronavirus Fears
As the death toll from the coronavirus outbreak continues to rise, online scammers are using email phishing schemes in an attempt to profit on people's confusion and fear surrounding the virus.
Iran’s ‘Critical’ Cyberattack Threat – This Is What Is Really Happening Right Now
A week on from the U.S. killing of Iran’s Qasem Soleimani on January 3, media warnings around the cyber threat now facing the U.S. and its allies show no signs of diminishing.
Internet of Things Predictions for 2020
Smart cities, connected cars and other emerging technology trends fueled by IoT-enabled devices are likely to further gain pace from 2020 onwards – so here are some of the major IoT trends today and what to expect in the year ahead.
Travelex Refuses to Say if it Paid $6m Ransom to Hackers
Hackers behind the ransomware attack on New Year's Eve claimed to have stolen customer data including credit card information, and threatened to publish it online if they weren’t paid the money within seven days.
Iranian Hackers are Likely Planning Social Engineering and Phishing Attacks
Iranian hackers are likely planning social engineering and phishing efforts as retaliation for the U.S. military’s killing of Iranian military chief Qasem Soleimani, according to security experts in government and the private sector.
How to Keep Your Devices Secure When You Travel
If you’re anything like me, you’ll be traveling with all of your devices this holiday season. But according to Trustwave, you need to do a quick security check-up.
Why Enterprises Buy Cybersecurity ‘Ferraris’
You wouldn’t purchase an expensive sports car if you couldn’t use it properly. So, why make a pricey security investment before knowing it fits into your ecosystem?
Top Gun 51 Profile: Trustwave’s Suzanne Swanson on Growing Partner Relationships to Build Success
With 30 years of work experience in the channel, Trustwave’s Suzanne Swanson says her biggest business strength today continues to be her hands-on involvement working with partners.
CrackQ Tool Adds Analysis and Reports to Password Cracking
There is a new tool offensive security teams can use for their password cracking needs. CrackQ is open-source and can provide metrics on the current jobs, queuing and re-queuing tasks.
SatLink VSAT Modem Vulnerabilities Open Door to Cross-site Scripting Attacks
Security researchers have divulged two vulnerabilities in the SatLink 2000 VSAT modem that could enable hackers to carry out cross-site scripting attacks and sniff sensitive data traversing the modem.
Fake Windows 10 ‘Update’ Is Actually Just Filled With Ransomware
It’s no secret that Microsoft’s Windows 10 updates have been controversial as of late. They’ve been filled with patches fixing previous updates’ bugs only to create more issues. Now, there’s a whole new problem altogether: Fake ransomware-filled updates.
Windows Users, Beware: This Fake Update Could Lock Up Your PC
With the end of support for Windows 7 coming in January, many users are looking to update to Windows 10 to continue getting security updates and support from Microsoft. According to a report from security firm Trustwave, attackers are well aware of this and targeting Microsoft users with fake update emails.
Trustwave Launches Advanced Threat Detection for Azure
For Microsoft Azure users, Trustwave is launching new services to bolster threat monitoring, detection and response natively on the platform.
To Secure Multicloud Environments, First Acknowledge You Have a Problem
Multicloud environments change rapidly. Organizations need a security framework that is purpose-built for the cloud and that aligns with their digital transformation strategy.
Ransomware First Responder: ‘The Bad Guys are Getting Smarter’
Trustwave’s Shawn Kanady on the evolution of ransomware attacks, why the public sector appears to be taking the biggest hit, and whether organizations should pay the ransom.
Many Passwords Not Strong Enough, Allowing Hackers to Access Your Accounts
You might think your password is strong but think again. Your passwords are at risk, even if they have special characters and numbers.
Microsoft Patch Tuesday Fixes 59 Flaws
Microsoft has issued its monthly security (Patch Tuesday) update, to fix a total of 59 vulnerabilities in its operating systems and products.
Experts Expect Hospital Ransomware Attacks to Continue
One week after being hit by a ransomware attack, hospitals in Alabama are turning away patients while working on recovery, and experts warn of similar attacks in the future.
Singtel’s Trustwave Sharpens Cloud Security Platform in Singapore
Trustwave has unveiled a new cloud native platform designed to offer enhanced cyber security products and managed services to Singaporean customers.
‘Chameleon’ Spam Campaign Employs Randomized Email Headers
A large number of spam messages recently sent from the same botnet were observed featuring randomized headers and even different templates, with some emails resembling phishing, Trustwave reports.
The Secret to Total Cyber Security
Good cyber-defense requires total visibility of the network to understand what could be a potential vulnerability. In cybersecurity, a network is only as strong as its weakest point. Chris Schueler, Trustwave’s Senior Vice President of Managed Security Services, shares more in an exclusive interview with GovInsider.
17 Cybersecurity Products the Cyber Insurance Industry Says Are Worthwhile
Insurance broker Marsh has unveiled the inaugural class of cybersecurity products and services receiving a Cyber Catalyst designation that is part of an evaluation program its backers hope will bring greater clarity in the crowded cybersecurity marketplace.
The Saudi Oil Attacks Could be a Precursor to Widespread Cyberwarfare for Companies in the Region
The Kingdom and oil and gas industry have been slow to shore up defenses, raising red flags about the possibility of longer term fallout in the region, experts said, including those who have responded to incidents in the region.
Think Outside the Box to Close the Skills Gap
The right people are out there. It’s just a matter of finding them. I talked to Chris Schueler, SVP of Managed Security Services at Trustwave, for advice on how companies can start thinking outside the box about hiring cybersecurity staff and how to best identify potential candidates who may not meet your current criteria but could end up being the right person for the job.
Top Wi-Fi Routers Have Major Security Flaws
A security researcher from Trustwave has discovered vulnerabilities in several D-Link and Comba routers which could make it easy for cybercriminals to see usernames and passwords stored on the devices.
D-Link Wireless Modems Found to Leak Passwords
Trustwave's SpiderLabs has uncovered credential leaking vulnerabilities in D-Link wireless ADSL2+ modem routers that are widely available in Australia.
Automation: Friend of the SOC Analyst
Faced by increasingly sophisticated threats, organizations are realizing the benefits of automation in their cybersecurity programs. Automation, artificial intelligence (AI), and machine learning (ML) are rapidly transforming nearly every industry, and cybersecurity is no exception.
Cybersecurity Readiness: A Must-Have For Digital Transformation Success
Enterprises today are facing challenges that are forcing them to embrace new technologies and applications that drive decision-making strategies based on hard data and real-time situational analysis and rely less on pure gut instincts.
Grupo Tecno Strengthens its Offer with Trustwave Managed Security Services
Trustwave, provider of cybersecurity services, and Grupo Tecno, integrator of Information Technology, signed an agreement that aims to provide managed cybersecurity services to both private and public companies in Mexico and Latin America.
Moving on Up: Ready for Your Apps to Live in the Cloud?
As the digital landscape changes, organizations are doing some purging of their own as they move to the cloud. But that transition isn't as easy as packing up dishes and linens, putting boxes on a truck, and heading off to a new destination.
AttackSurfaceMapper Automates the Reconnaissance Process
AttackSurfaceMapper, a new open source OSINT tool created by Andreas Georgiou and Jacob Wilkin, security consultants at Trustwave SpiderLabs, automates the process of collecting data that can help pentesters find a way into targets’ systems and networks.
#BHUSA: Increase Social Media Awareness with Active and Passive Testing
Speaking on “Testing Your Organization's Social Media Awareness” at Black Hat USA, Jacob Wilkin, network penetration tester and application security consultant, Trustwave SpiderLabs, said that social media phishing is on the rise and is now the “preferred vector for attackers” who now spread more malware via social media than on email.
Cybersecurity Staffers Needed, No Experience Required
The industry-wide shortage of trained cybersecurity personnel is not a new story, but Trustwave has begun to take a new approach to find not only trained cybersecurity staffers, but also those with no training or computer skills at all.
SanDisk’s SSD Dashboard Used Hardcoded Password, Lacks Encrypted Updates
Lackadaisical security practices in proprietary management software from a hardware vendor underscore the need for a vendor-agnostic solution.
Crain’s Hosts Tech 50 Event
Crain’s Chicago Business hosted its Tech 50 event honoring its annual list of headliners, behind-the-scenes heroes, new faces and emerging stars of Chicago tech. More than 100 people attended the event at cybersecurity company Trustwave’s office in the Loop.
Snake Bites and Data Breaches
Why is treating a snake bite like responding to a data breach? It might sound like the beginning of a cheesy joke, but the two can have more in common than you might expect.
Cybersecurity Skills Shortage Prompts New Hiring Approach
Hiring managers are widening the pool of candidates in response to the cybersecurity skills shortage. Learn how a parks and recreation background can be an asset in threat hunting.
Hotel Kiosks Could Be Unsafe Due to Exposed Keys in Tech Tool
Researchers found that an application available on an unsecured website included credentials that could have allowed compromising consumer-facing Uniguest kiosks used by businesses in various activity sectors.
The Financial Implications of Cyber Crime
The modern-day robbery is no longer about criminals storming a bank wearing ski masks, brandishing firearms and filling bags with stolen cash. Instead, criminals now rely on more clandestine yet equally effective methods of stealing from financial institutions.
Wave and Pay: Cardless Card Make a Comeback Despite Previous Security Concerns
The convenient technology known as "wave and pay" available with some credit cards is making a comeback after serious security concerns. The technology is a debit or credit card with a wireless symbol where all you have to do is just wave it in front of a payment terminal and your transaction is done in seconds.
The Hotel Hackers Are Hiding in the Remote Control Curtains
Three men dressed for business travel in jeans and dress shirts loaded backpacks into the trunk of a black coupe and wound their way through the center of a major European city. When they arrived at their hotel, they unloaded their luggage and waited giddily to pass through the revolving doors. They were checking into the hotel to hack it.
Why Upskilling with Practical Experience Can Close the Cyber Skills Gap
As it becomes increasingly challenging and expensive to recruit new team members, one of the most effective approaches to improving security capabilities is to focus on upskilling your existing team instead.
Tomorrow’s Cybersecurity Analyst Is Not Who You Think
Organizations can’t just rely on diverse and cutting-edge technologies to fight adversaries. They will also need people with diverse expertise and backgrounds.
Sure Links Up With Cyber Experts
Telecoms company Sure has joined forces with a firm fighting the threat from cybercrime. The company is called Trustwave.
How to Stay Secure While Shopping Online
Hackers are targeting credit cards online more, a new report found. The number of cards being targeted went up by 7 percent, according to Trustwave’s global security report.
Trustwave Report: Threat Containment Getting Better
Given much of the publicity that is routinely attached to every breach disclosure these days, it’s easy to be pessimistic about the overall state of cybersecurity.
Gartner Magic Quadrant for Managed Security Services 2019: Analysis
Gartner’s Magic Quadrant 2019 for managed security services providers (MSSPs) has surfaced. Here’s a look at each MSSP featured in the report, along with our perspectives on each cybersecurity business.
Enterprises Not Doing So Well on Net Protections
You may have business relationships with an internationally located vendor, supplier, provider, contractor, employee, or customer. You may have boosted cybersecurity in your network. Be vigilant, attackers can use your business relationships as stepping-stones into your network.
Industry Reactions to Cybersecurity Workforce Executive Order
The White House says there are over 300,000 cybersecurity job vacancies in the United States and believes it’s crucial for the country’s economy and security that these jobs are filled.
Trustwave Releases New Database Security Updates
Trustwave is introducing a new database security scanning and testing software that helps organizations better protect critical data assets hosted on-site or by major cloud service providers.
Data: E-Retail Hacks More Lucrative Than Ever
This in-depth report from Trustwave contains a number of useful suggestions that sites can consider for a defense-in-depth approach to combating an increasingly crowded field of criminal groups turning more of their attention toward stealing CVV data.
MSSP Trustwave Unveils Database Security Scanning, Testing Software
Trustwave, a Top 100 MSSP, has introduced the DbProtect database security scanning and testing software. DbProtect provides data visibility and protection and compliance management capabilities, according to Trustwave.
Cyber-security Is Improving, Though Risk Continues to Grow
The 2019 Trustwave Global Security Report, released on April 25, has its fair share of bad news as it has found that multiple types of attacks have grown and attackers have continued to increase levels of sophistication.
Piracy Apps Surf for Vulnerabilities
Cyber criminals are attacking more accounts in the Asia Pacific region than North America, representing 35 percent of investigated data compromises, according to the annual report out today by Trustwave.
The Pulse of Risk Detection and Response at RSA 2019
Trustwave, which offers Managed Detection and Response (MDR) services, has taken a number of steps to build stronger context into their operations. They are feeding data about known bad actors into their intel fusion platform (IFP).
LokiBot Trojan Spotted Hitching a Ride Inside .PNG Files
A spam campaign pushing the info-stealing LokiBot trojan leverages a novel technique to avoid detection. According to researchers, the spam messages include a malicious .zipx attachment hidden inside a .PNG file that can slip past some email security gateways.
CIA Extortion Scams Using SatoshiBox to Sell Alleged Proof for $500
The CIA extortion scams continue to evolve in order to squeeze as much money out of a victim as they can. In a new variant discovered by researchers, the extortion emails are now selling alleged proof on Satoshi Box for $500 that shows you are part of the CIA investigation.
Attitude Is More Important Than Your Current Skill Set
Lawrence Munro, worldwide vice president of Trustwave SpiderLabs, on active threat hunting and what it takes to become a red teamer.
Hackers Use Pakistani Passport Website to Spy on Visitors
Hackers modified a Pakistani government website where citizens can request passports to spy on its visitors, according to researchers at Trustwave.
How to Break into Penetration Testing – an Expert’s Guide
In his role leading penetration testing services at Trustwave, Lawrence Munro, VP SpiderLabs, has pulled together the attributes, experience and qualifications he considers necessary to crack a career in this challenging space.
Pen Testing Takes Center Stage at RSA
It’s more important than ever for cybersecurity professionals to understand how attackers can gain access to sensitive company or customer data. While it’s still important to examine vulnerabilities in isolation, the ability to understand attack paths and how attackers can gain access to data.
The Winners of the 2019 SC Awards Honored in the U.S.
Trustwave Managed Security Services’ elite team of 250 ethical hackers isn’t just protecting some of the world’s largest enterprises and government agencies. It’s actually reimagining ways that entire industries can protect their assets.
Why Cybersecurity Burnout Is Real (and What to Do About It)
The constant stresses from advanced malware to zero-day vulnerabilities can easily turn into employee overload with potentially dangerous consequences. Here’s how to turn down the pressure.
Trustwave Embraces Cybereason MDR for Endpoints
Trustwave, a Top 100 MSSP, has integrated the Cybereason Defense Platform into its Managed Detection and Response (MDR) for Endpoints service.
A Guide to Choosing a Cloud-Based Security Services
Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security.
Why Are You Looking at Me? I See You Watching Me.
Arjun and Jessica Sud routinely use a baby monitor to keep tabs on their 7-month-old’s bedroom. Last month, they heard something chilling through the monitor: A deep male voice was speaking to their child.
How Criminals Use Uber and Airbnb to Launder Money Stolen from Your Credit Card
Cybercriminals are turning to new technologies to launder their ill-gotten gains, including recruiting fake Uber drivers, shady Airbnb hosts and crypto conversion specialists via underground dark web, experts say.
Security Bugs in Video Chat Tools Enable Remote Attackers
Newly discovered security bugs in Lifesize videoconferencing products can be remotely exploited, giving attackers the ability to spy on a target organization or attack other devices.
Trustwave Secure Email Gateway Now Supports Microsoft Azure RMS
Today’s topics include Trustwave improving its Secure Email Gateway to reduce email threats.
Trustwave Improves Secure Email Gateway to Reduce Email Threats
Trustwave announced the latest iteration of its email security platform with the unveiling of Secure Email Gateway (SEG) 8.2. Among the highlights is support for the Microsoft Azure Rights Management System (RMS), which is used to protect against data loss and unauthorized access.
Why Good Database Security Planning is Essential for Protecting a Company’s Most Important Assets
Attackers know that shutting companies out of their own data can quickly cripple an organization and put the pressure on to consider paying the ransom.
The Year Cryptojacking Ate The Web
Cybersecurity can feel like a chaotic free-for-all sometimes, but it’s not every day that a whole new conceptual type of attack crops up. Over the last 15 months, though, cryptojacking has been exactly that. It’s officially everywhere, and it’s not going away.
Gartner Magic Quadrant for Managed Security Services 2018: Analysis
So what’s new for 2018? Trustwave moved into the enviable Leaders Quadrant, while Capgemini, DXC Technology and Fujitsu were added to the overall rankings.
Gift Cards Make Popular Gifts, Targets for Scammers
Gift cards are popular gifts this time of year, but they’re also big targets for theft. Americans have spent almost $30 billion on gift cards this holiday season but have also lost more than $50 million so far this year in gift card-related scams, according to the Federal Trade Commission.
Unpatched Kernel-Level Vuln in IBM Security Tool for Apple MacOS Revealed
Researchers disclose signedness bug in driver used by IBM Trusteer Rapport endpoint security tool after IBM fails to deliver timely patch.
Dark Web Recruitment: In the Web’s Lawless Underbelly, There are Still Rules
What we see when we browse the web is just the tip of the iceberg. Hidden below the surface, accessible only by the Tor browser, exists a marketplace in which criminals can sell drugs, weapons and stolen data with relatively little surveillance.
60 Cybersecurity Predictions for 2019
Just like last year, this year’s 60 predictions reveal the state-of-mind of key participants in the cybersecurity industry (on the defense team, of course) and cover all that’s hot today.
The SOC Essentials for 2019
What are the key differences between building a SOC for a large enterprise vs. for a small to midsized organization? Trustwave's Kory Daniels explains the distinction and outlines the must-have skills.
Hackers Infect Make-A-Wish Foundation Website With Code That Generates Cryptocurrency
Hackers successfully broke into the international website of the Make-A-Wish Foundation and inserted malicious computer code which used the computers of people visiting the site to generate cryptocurrency.
Hacker Brief: Criminals With No Shame Hit Make-A-Wish Website
Over the last year or so, cryptojacking—which forces your computer to mine cryptocurrency for bad guys when you visit an infected site—has become one of the internet’s most pervasive scourges.
How to Train Your Team (and Organization) to Effectively Use Threat Intelligence
Threat intelligence has transformed the information security world for the better but it’s not always leveraged in the best way possible by organizations and departments. The sheer amount of information, providers, platforms, and types of threat intelligence and data available, make it difficult to confidently ensure an organization is making the most of their threat intelligence.
Ransomware Infection? Here’s How You Control the Damage
Eighteen months ago, ransomware hit headlines around the world with the WannaCry and Petya outbreaks which spread across 150 countries. While lower attack volume may suggest that file-encrypting ransomware is no longer a risk, that’s not the case.
Five Key Considerations when Developing a Security Operations Center
Ensuring access to a reliable feed of threat intelligence through a security operations center (SOC) is an essential element of many organization’s security strategy today. However, establishing a SOC is a complicated endeavor, particularly when it comes to balancing budget and resource limitations in an increasingly complex security landscape.
Why is Burnout so Prevalent in the Cybersecurity Industry?
A role in cybersecurity, while rewarding, can also be extremely taxing psychologically. We spoke to Chris Schueler from Trustwave about why burnout is so prevalent and how it can be addressed.
Red Alert Android Trojan for Rent at $500 Per Month
The Red Alert 2.0 Android Trojan first detailed in September last year is currently available for rent on underground forums at $500 per month, Trustwave reports.
Virtual Case Notes: 10 Years After Fighting Conficker Exploit, Security Researcher Reflects
As the last full week of the 15th National Cybersecurity Awareness Month comes to a close, security experts are reflecting on the 10-year anniversary of one of the most significant computer vulnerabilities and cyberattacks of the time.
Like it or not, Business Must Swallow TLS Deprecation Medicine
In coordinated statements, the big four in the browser application world have finally announced the deprecation of Transport Layer Security (TLS) protocol v1.0 and v1.1.
Top Cybersecurity Facts, Figures and Statistics for 2018
Looking for hard numbers to back up your sense of what’s happening in the cybersecurity world? We dug into studies and surveys of the industry’s landscape to get a sense of the lay of the land – both in terms of what’s happening and how your fellow IT pros are reacting to it.
Singtel to Buy Australian Cyber Security Firm for A$23.3 Million
Singtel’s Australian subsidiary has inked a deal to buy a privately held cyber security firm incorporated in Victoria state, which will be integrated into the group’s Trustwave cyber security arm.
AVANT, Trustwave Partner to Increase Security Sales in The Channel
AVANT Communications has forged an alliance with Trustwave, an MSSP that helps businesses fight cybercrime, protect data and reduce risk. The alliance gives AVANT’s thousands of channel sales professionals access to Trustwave’s portfolio of managed security services covering threats, vulnerabilities and compliance.
Inside the Dark Web’s ‘Help Wanted’ Ads
How cybercriminals recruit everyone from car drivers to corporate insiders and pay them according to the risk they assume.
Signed Check Used to Take $4,500 from Couple’s Account
A year ago, one couple wrote a check for $625. Then, someone tried to deposit more than a dozen other checks worth around $20,000 using that original signed check as their counterfeit canvas. CBS 2’s Dorothy Tucker investigates how that can happen.
How to Defend Enterprise Apps with Threat Modeling: 4 Lessons Learned
Security experts have long recommended that security teams incorporate threat modeling into their process of analyzing their corporate assets. Taking a structured approach to analyzing risks to information infrastructure can reveal new threats that aren’t contained in compliance requirements or industry standards.
PureVPN Windows Client Leaked Passwords
PureVPN has had two vulnerabilities which would allow hackers to retrieve stored passwords through the VPN client. This was confirmed by Trustwave’s research and the VPN provider itself.
There’s a Booming Job Market for Corporate Insiders Willing to Share Secret Info with Cyber Criminals
Many companies, especially in big technology, banking and telecom, face heavy incentives overseas for employees to sell internal information or access. The problem is so common that in some jurisdictions, criminal enterprises post “job ads” looking for specific insiders to aid in targeted schemes.
A Look at the Windy City’s Newest Cyber Command Center
Ask anyone what a quintessential cybersecurity command center looks like, and they’ll likely launch into a description that includes a dark room with vibrant accent lighting and a collection of screens displaying an array of information from global news to maps highlighting real-time cyberattacks.
Threat Hunters and Ethical Hackers: Trustwave’s Chicago Command Center Battles Cybercriminals
Scrolling down a jumbo screen in Trustwave’s Loop office is a list of personal information. There are emails, names, passwords, credit card numbers and expiration dates – a gold mine for anyone trying to steal someone’s identity.
How Trustwave Keeps an Eye on Hackers
Look inside the Loop command center where the information-security company is stepping up its cybersecurity game.
The Secrets of Social Engineering
We’ve all heard the stories in the news about cyberattacks enabled by unwitting consumers: fraudsters hacking into individuals’ email accounts and sending messages to their contacts requesting money; consumers providing payment information to phony websites; cybercriminals pretending to be relatives “in urgent needs of funds.”
Unpicking the Cyber-Crime Economy
Turning virtual cash into real money without being caught is a big problem for successful cyber-criminals. They often have to get creative when “cashing out” or laundering the money they have stolen, according to a security expert.
Cross-Site Scripting Flaw in Apache ActiveMQ Threatens Web Visitors
Researchers have found a cross-site scripting (XSS) flaw in Apache ActiveMQ that could enable a remote attacker with no privileges to launch an array of attacks against visitors to compromised websites.
Thought Leader – Chris Schueler
At a time when cyberattacks and threats are on a sharp rise both in frequency and severity, Chris Schueler has been a driving force in shaping how large organizations incorporate the managed security model.
Criminals Exclusively Target Bank Staff Credentials with RAT-Laced MS Publisher Email Attachments
Cybercriminals have chosen one of Microsoft’s lesser known Office document creation apps, Publisher (.pub), as the vehicle for distributing password stealing malware intended for employees at thousands of banks around the world.
New Facial Recognition Tool Tracks Targets Across Different Social Networks
Researchers at Trustwave released a new open-source tool called Social Mapper, which uses facial recognition to track subjects across social media networks.
How Your LinkedIn Exposes You to Facial Recognition Hacks
From Facebook overshares to accidental password posts on Twitter, there are many ways in which Web personas leak things of use to malicious hackers.
MikroTik Routers Enslaved in Massive Coinhive Cryptojacking Campaign
According to Trustwave researcher Simon Kenin, on July 31, a surge in Coinhive activity was detected which indicated that a malicious cryptocurrency mining operation was underway.
200,000 Routers Turned Into Mindless Crypto Coin Mining Zombies
Somewhere out there a cybercriminal is lining his or her pockets with cryptocurrency. Whoever it is isn’t using a powerful computer to do the mining. Instead, this individual is using an ever-growing army of enslaved routers to do the dirty work.
Cryptojacker Campaign Hits MikroTik Routers
More than 200,000 routers hit with a sophisticated cryptomining attack that appears to be spreading.
Oracle Fixes Solaris Vulnerability that Could Allow Kernel Level Privilege Escalation
A vulnerability in some versions of the Oracle Solaris enterprise OS could allow attackers to edit code in the memory and exploit it to gain full root control over a machine.
Dust Yourself Off and Try Again: Ancient Solaris Patch Missed the Mark
A vulnerability first detected and “resolved” years ago in Oracle’s Unix OS, Solaris, has resurfaced, necessitating a fix in Big Red’s latest quarterly patch batch.
DanaBot Trojan Targets Bank Customers In Phishing Scam
The recently discovered DanaBot banking trojan is making the rounds in a phishing campaign that targets potential victims with fake invoices from software company MYOB.
What Does the EU Cybersecurity Vote Mean for the Average Person?
The European Parliament’s industry committee wants to give ENISA more power and create a rulebook for connected devices.
Why Cryptocurrency Threats Aren’t Going Away Anytime Soon
In the 2018 Trustwave Global Security Report, which looks at a wide range of computing and internet threats, risks and vulnerabilities across more than a dozen industries and 21 countries, cryptocurrency has a starring role.
Linux Becomes Major Cryptomining Target
Not only has cryptojacking hit the big time, but now attackers are moving to target Linux.
Third-Party Cyber Security: Strengthening the Weak Link
As companies adopt new technologies in short timeframes, they are increasingly turning to outsourcing resulting in third-party providers having access to sensitive data more than ever before.
EFF’s STARTTLS Everywhere Aims to Protect Email in Transit
The EFF’s new STARTTLS Everywhere initiative aims to secure email as it transits the internet between mail servers to prevent mass surveillance, as well as email spoofing.
Why Cybercriminals are Turning to Cryptojacking for Easy Money
The cryptocurrency market has seen an incredible amount of attention and hype over the last year, culminating with Bitcoin values soaring by more than 1,300 percent in 2017.
Cover Your Bases: Areas to Focus on in Your Information Security Strategy
From connected devices to insider threats, the modern-day cybersecurity professional has their hands full when it comes to ensuring their organization measurably reduces risk.
Weaponizing IPv6 to Bypass IPv4 Security
Just because you’re not yet using IPv6 doesn’t mean you’re safe from the protocol’s attack vectors.
These Terrifying Ads Selling Violent Services Don’t Show the True Secret of the ‘Dark Web’ – That Criminals Behave a lot like Regular Companies
What you can’t see is that these cyber criminals behave among one another in much the same way legit businesses behave to legit customers, a security researcher tells Business Insider.
Don’t expect your bank’s virtual cards to be the ultimate security solution
Finding out you’re a data breach victim is bad enough. But the process of canceling credit cards and checking statements for suspicious activity will likely be an even bigger headache.
What’s the Biggest Security Threat for 2018? Malware
What will be the most significant threat to cybersecurity teams in 2018? According to a May 2018 survey from information security company Trustwave, 22 percent of full-time information technology (IT) professionals said preventing malware, including ransomware, was their biggest obligation for 2018.
GDPR is on the books, Google, Facebook face lawsuits, others scramble to comply
GDPR has been in play for less than 24 hours and several lawsuits have already been filed in the EU against Facebook and Google claiming each is not abiding by the new privacy regulations.
Pressures impacting security pros are up, threats are turning up the heat
Trustwave released the 2018 Security Pressures Report based on a global survey of 1,600 full-time IT professionals who are security decision makers or security influencers within their organization.
Growing Job Pressures Increase Risk of Burnout for Cybersecurity Professionals
A new Trustwave survey shows information security executives and practitioners are under increasing pressure from trying to keep up with threats and compliance mandates.
Not so Safe in the Cloud – a Quarter of Enterprises Hit by Cryptojackers
Newly published research reveals the poor state of enterprise cloud security, as evidenced by the advance of cryptojacking within these environments.
IPV6 and IoT Security: What Should you Know?
IPv4 is stretched to breaking point and IPv6 migration is an inevitability as IoT devices multiply.
Cyberthreats: A 10-Year Perspective
This year marks a historic decade-long milestone of the Trustwave Global Security Report (GSR), an annual report that touches on the current state of cybersecurity and the evolving threat landscape.
Have you updated your Electron app?
Electron – the widely used desktop application framework that renders top programs – suffered from a security vulnerability that potentially allows miscreants to execute evil code on victims’ computers.
Exploit puts popular web and mobile apps at risk
A new exploit could allow users to bypass security checks in Electron, a popular cross-platform development framework.
Internet security: A power user’s guide to staying safe online
There are lots of straightforward steps you can take to protect your privacy online. Spend a couple of minutes now to get yourself set up, and you’ll never worry about it again.
Microsoft Patches Two Zero-Day Flaws this Month
Microsoft has patched over 60 vulnerabilities in this month’s security update round including two being actively exploited in the wild.
Wither Spam?
The internet has never been an especially safe place, but at least one small corner of it – email – was less perilous for most users in 2017.
Survey Roundup: Regulatory Inconsistencies Take Toll on Companies
Cost of Divergence: Inconsistencies in regulation among various jurisdictions – regulatory divergence – cost financial institutions between 5% and 10% of their annual revenue.
MSSP Trustwave Launches Enterprise Cybersecurity Consulting Practice
Trustwave, a Top 100 MSSP and compliance, threat and vulnerability management services provider, has launched a Detection, Analytics and Response Consulting (DARC) practice for enterprises.
Trustwave Helps Financial Service Providers Fight Back Against the Cybercriminals Who Want Your Data
Cybercrime and information security breaches are increasing at alarming rates, and the FBI estimates losses each year run into the trillions of dollars.
Research Reports Reveal Web Application, Patching Worries
Security vulnerabilities are rampant, while software patching remains a key challenge. These are a few of the high-level findings from research reports released the week of April 2-6.
Cybercriminals are Increasingly Targeting Online Retailers. Here’s How to Protect Yourself
Cybersecurity can be a cat-and-mouse game. Fix one weakness, and the criminals find another target. It’s a lesson industries from retail to restaurants to airlines are learning as consumers’ data increasingly draws the attention of online thieves.
All Web Applications Studied Had at Least One Vulnerability, Says Trustwave Report
Web developers are still not closing all the security holes in their applications, a new vendor study suggests.
100% of Web Applications Vulnerable to Attack, Despite Billions Spent on Security Efforts
Vulnerabilities and attacks on networked devices have surged in the past decade, while spam emails have dropped, according to a Trustwave report.
Retail Sector Leads in Data Breaches as Criminals Target Corporate Networks
The retail sector suffered the most breaches in 2017, accounting for 16.7 percent followed by the finance and insurance industry at 13.1 percent and hospitality at 11.9 percent.
Gosh, These ‘Hacker’ Nerds are Only Getting More Sophisticated
An annual report from security firm Trustwave highlighted increased sophistication of web app hacking and social engineering tactics on the part of miscreants.
Despite Risks, A Majority of Firms are Allowing the use of Wi-Fi Hotspots
While experts have warned about the perils of connecting to unsecured public Wi-Fi hotspots in the past, new research has revealed that organisations are suffering more from security issues than in the past.
jRAT Leverages Crypter Service to Stay Undetected
In recently observed attacks, the jRAT backdoor was using crypter services hosted on the dark web to evade detection, Trustwave security researchers have discovered.
Leader of Cybercrime APT Behind $1.2 Billion in Bank Heists Arrested
In a big victory for international law enforcement, Spanish police have arrested the alleged leader of Carbanak, a cybercrime group believed responsible for stealing over $1.2 billion from more than 100 banks in 40 countries.
Trustwave Goes Threat Hunting
Trustwave Government Solutions is debuting its new Threat Hunting service for forward-leaning government agencies that are tired of having their cyber clocks cleaned.
GDPR: Is Your Company Ready?
In May, the European Union (EU) will begin enforcing the most stringent regulations to date on how EU citizens’ personal data is lawfully collected, processed and stored.
Top Five Ways Security Vulnerabilities Hide in Your IT Systems
Despite the known risks of software vulnerabilities, most companies have unpatched security flaws in their infrastructure.
Trustwave Launches Proactive Threat Hunting Service
Trustwave, a Chicago-based cybersecurity company that has specialized in cyberattack response, has launched Threat Hunting for Government, a service designed to proactively and continuously search federal networks for intruders and malware.
Government Steps Up to One New Technology, Risks Another Over Inaction
As the Defense Department beefs up its cyber threat hunting capabilities, it’s taken a slower approach toward modernizing GPS.
New Word Malware Attacks Systems Without Using Macros
Security researchers have discovered a new email spam campaign that tries to get users to open up Word document attachments that download a password stealer as its final payload.
Cryptomining Can Slow Down Devices, Run up Electric Bill
Could your computer or device be running slower on certain websites? The I-Team is investigating cryptomining and how it can affect you – and even your electric bill.
Trustwave, Uniserve Partner to Deliver Managed Security Services in Canada
Trustwave, a Top 100 MSSP that provides compliance, threat and vulnerability management services, has added Canadian voice, data and media services company Uniserve Communications to its customers across Canada.
Wish You Could Log into Someone’s Netgear Box Without a Password?
If you’re using a Netgear router at home, it’s time to get patching. The networking hardware maker has just released a tsunami of patches for a couple of dozen models of its kit.
The 20 Coolest Cloud Security Vendors of the 2018 Cloud 100
Soaring demand for cloud security is being fueled by everything from increased adoption of bring-your-own devices and connected devices to smart cities and government mandates around cloud adoption.
Spectre Shenanigans, Nork Hackers Upgrade, Bad WD Drives and More
Your Weekly Dose of Infosec Odds’n’sods.
New Western Digital My Cloud Bugs Give Local Attackers Root on NAS Devices
Researchers disclosed two new vulnerabilities in Western Digital My Cloud network storage devices on Thursday that could allow a local attacker to delete files stored on devices or allow them to execute shell commands as root.
OnePlus Attackers Steal Credit Card Data From 40,000 Customers
Days after receiving initial reports about fraudulent activity, the mobile phone vendor reveals that attackers could get a malicious script onto its website that stole user credit card information.
Australian Companies Lag World In Evaluating Business Risk of Data Compromise
Despite tighter privacy controls and a looming disclosure regime, Australian companies are less vigilant about data risk than their counterparts in other advanced economies, according to research that found protection of critical data varied with dramatic differences in the perceived value of that data.
How Secure Is Your Hotel’s Mobile Room Key?
By the time you get to your hotel, you’ve waited at the airport, on the plane and in transit. Checking into your room may also mean a wait — but not if your hotel offers mobile check-in and a digital room key.
The CEO’s Critical Role In Driving Cybersecurity Readiness
Cybercrime’s cost to businesses continues to grow exponentially. In 2015, Juniper Research predicted that the continued reliance on digitization in our lives will be the catalyst for a $2.1 trillion criminally driven industry by 2019.
Trustwave’s Value of Data Study Finds Major Variances on the Black Market Value of Critical Financial Information
Most consumers think of credit card information as the most valuable personal data to cyber thieves. But strategies put in place by card issuers to lock a credit card the instant fraud is suspected make it a valuable commodity for only a brief period of time.
Why Retail Is The Hottest Target For Hackers
Five trillion dollars in U.S. retail spending is very attractive to cybercriminals. The large volumes of financial data continuously processed by payment and retail vendors is highly valued and can provide criminals with easy payouts.
Examining Attitudes Towards Confidential Data
Industry analyst firm Quocirca surveyed 500 IT decision makers in the United States, Canada, United Kingdom, Australia and Japan, examining attitudes towards the value of confidential data including: personally identifiable information, payment card data, intellectual property and email.
The Value of Personal Data to Companies and Cyber Criminals
Businesses rely more and more on data, but a new study shows up significant differences in the value that is placed on confidential data around the world and in different industries.
From Porn Sites to Starbucks Wi-Fi, CPUs Are Getting Hijacked to Mine Cryptocoins
It’s one thing to wake up and discover that you missed the boat on a cryptocurrency boom that’s making a handful of people very wealthy. It’s another thing to find out that your computer is making someone else rich while it gives you poor performance and jacks up your electricity bill.
East European Banks Cyber Robbed: How Did They Do It?
Earlier this year Trustwave was called to investigate several security breaches which had affected banks in Post-Soviet countries.
Trustwave: A Managed Security Provider on the Front Lines of the Fight Against Damaging Data Breaches in Retail
Hackers routinely target vulnerable retailers of all sizes, stealing credit card data and other sensitive financial information in the process. Trustwave helps those businesses protect their data and mitigate risks through cloud and managed security services — and by enlisting a team of cybersecurity experts.
Why Hackers Love Cryptocurrency Miner Coinhive
A brilliant idea to monetize internet traffic appears to be running amok.
Just Don’t Call Them Ethical Hackers
The field of cyber security has a couple of problems. First, the media insists on using headline-friendly terms like "ethical hacker" for roles that are done not by loners in hoodies, but professionals in corporate cubicles.
Trustwave Shakes up Global Channel Program as Aussie Security Demand Increases
Trustwave has announced a revamped global partner program in the channel, with updates including a new online learning system and partner portal.
Trustwave Adds Online Learning, Self-Service Portal to Partner Program
Cybersecurity firm Trustwave has a new online learning system and streamlined partner portal designed to give partners a complete understanding of customer security and compliance issues.
Wired Away: Couple Loses Life Savings During Home Purchase
The I-Team has a warning after a local couple's life savings vanished. They lost more than $300,000 during the purchase of their dream home in a scam that could happen to anyone.
Risk Assessment: The First Step in Improving Cyber Security
Despite the proliferation of high profile cyber-attacks over the last 18 months, many organisations are still too disorganised in their approach to security.
Cryptojacking Craze That Drains Your CPU Now Done by 2,500 Sites
A researcher has documented almost 2,500 sites that are actively running cryptocurrency mining code in the browsers of unsuspecting visitors, a finding that suggests the unethical and possibly illegal practice has only picked up steam since it came to light a few weeks ago.
Oh Brother: Hackers Can Crash Your Unpatched Printers – Researchers
Security company Trustwave says it has found a flaw in the web server used by Brother printers which could lead to a denial of service.
Brother Printers Susceptible to Remote Denial of Service Attacks
Networked consumer and business printers manufactured and sold by Brother contain an unpatched vulnerability that can be abused by a remote attacker to cause a denial-of-service condition on the device.
How Devs at 7 Chicago Companies Keep Their Skills Cutting Edge
Companies are constantly evaluating and implementing new technologies, which requires engineers to stay on top of the industry’s latest developments.
10 Scariest Ransomware Attacks of 2017
Who needs a horror movie when you have the 2017 ransomware news cycle? There has been a constant stream of increasingly destructive attacks hitting victims around the world.
A Lack of Cybersecurity Talent is Driving Companies to Use AI against Online Attacks
A shortage of humans to fight cybersecurity battles is causing companies to turn to machines.
For Cybersecurity, AI Helps Alleviate Shortage of Human Experts
Tighter cybersecurity is a priority for most companies. But good help is so hard to find.
Hacking as a Matter of Life or Death, Trustwave
Why Cryptojacking Is the Next Big Cybersecurity Threat
Meet the Internet’s latest menace. Hackers and penny-pinching website hosts are hijacking people’s computers to “mine” cryptocurrency. And we’re not talking about coal and canaries.
Your Browser Could Be Mining Cryptocurrency for a Stranger
Wired: There’s something new to add to your fun mental list of invisible internet dangers. Joining classic favorites like adware and spyware comes a new, tricky threat called “cryptojacking,” which secretly uses your laptop or mobile device to mine cryptocurrency when you visit an infected site.
Taxpayers Targeted by Spam Emails Posing as HMRC to Take Control of Computers
UK taxpayers have been warned to be on high alert after a wave of booby-trapped emails was recently caught posing as tax return messages from Her Majesty's Revenue & Customs (HMRC).
New Cybercrime Campaign a ‘Clear and Imminent’ Threat to Banks Worldwide
Hundreds of millions of dollars stolen from banks via a sophisticated attack that blended cyber and physical elements.
Ykcol and Asasin Ransomware Locky Variants Released Within Short Time Frame
At least two new Locky ransomware variants have been released within less than a month of each other although one of the variants is broken for the time being due to a malformed spam campaign.
Trustwave Smart Security on Demand
Data is the lifeblood of business, and it is increasingly being jeopardized as the businesses are facing an onslaught of financially motivated hackers, corporate data breaches, and frequent compliance changes.
Overdraft-fiddling Hackers Cost Bank in Eastern Europe $100m
Hybrid cyberattacks on banks in former Soviet states have already resulted in estimated losses of $100m.
Digital Bank Heist Spree has Totaled at Least $40 Million since March
An international organized crime syndicate has stolen at least $40 million from banks since March using a hacking scheme, according to a report released Tuesday, and has likely stolen substantially more.
Criminals Stole Millions from E. Europe Banks with ATM “Overdraft” Hack
Crime ring opened minimal accounts with banks, then boosted their withdrawal limits.
Inmarsat Launches Fleet Secure
Inmarsat has officially launched its Fleet Secure cyber security service, which has been constructed and delivered in partnership with Singtel and Trustwave, at its UK headquarters as part of London International Shipping Week.
Beyond Open Floor Plans: Check Out 5 of Chicago’s Coolest Tech Offices
Kegs and ping pong tables won’t cut it anymore if you’re looking to wow prospective employees with your office.
New Dridex Phishing Campaign Delivers Fake Accounting Invoices
A new variant of the banking trojan Dridex is part of a sophisticated phishing attack targeting users of the cloud-based accounting firm Xero.
Threat Seeker – Ziv Mador
For his work with the SpiderLabs Security Research team and previously as a member of Microsoft's response team where he helped formalize the incident response program and the malware protection center.
Chips Can Fall Out of Chip Credit Cards, Leaving Consumers Vulnerable
A new wrinkle in smart technology serves as a reminder for consumers to be cautious, as the tiny chip in your credit card can fall out and then be used by someone else to access your credit card information.
How to Make Sure Your Tech Business Keeps up with Cyber Attackers
Brian Hussey, VP of cyber threat detection and response for SpiderLabs at Trustwave, explains what elements firms need to have in place if they are to detect, contain and survive a cyber-attack.
This is Where You Will Find Your Next New Employee
If you’re looking to expand your team, chances are one of your current employees knows just the right person.
Phones May Be Joining Unsecure Wi-Fi Networks Automatically, Experts Say
Free Wi-Fi is a great way to save on data, but the I-Team has learned your phone could be taken over automatically by Wi-Fi, signing on to unsecure networks and putting your information at risk.
Rising Information Security Threats, and What to do About Them
The digital threat landscape faced by enterprises large and small is in perpetual flux, and keeping an eye on things and adapting defenses should be of primary importance to every CISO.
It costs just $5 to infect 1,000 computers with malvertisements
Even though malware detection and containment have improved a lot since 2015, malvertisements are still a lot cheaper and difficult to contain, says a report from security firm Trustwave.
Fight against cybercrime shows wins and losses in 2017 Trustwave global security report
Trustwave has released the 2017 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2016.
PoS Attacks on the Rise and Spam Rebounds, Trustwave Reports
Security services firm Trustwave released its 92-page 2017 Global Security Report on June 20, providing insight into security trends observed by the firm from data breach investigations conducted around the world. One trend was a growing volume of point-of-sale (PoS) system breaches, which grew to 31 percent of breached environments analyzed by Trustwave in 2016, up from 22 percent in 2015. "Cybersecurity in 2016 had both highlights and lowlights," Trustwave CEO and President Robert J. McCullen said in a statement. In this slide show, eWEEK looks at both the highlights and the lowlights of the 2017 Trustwave Global Security Report.
Nearly half of compromises due to insecure remote-access software and policies: report
Metrics are vital for CISOs to do their job effectively. Unfortunately the numbers included in the latest Trustwave global survey show that infosec pros and software developers around the world still have a long way to go.
Cybersecurity trends: Fight against cybercrime shows both improvements and downsides
Trustwave released the 2017 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2016. The report demonstrates both good and bad news in the world of cybersecurity as intrusion detection and breach containment times were relatively better, but other threats like malvertisements became cheaper and malicious spam saw increases.
Median Dwell Time for Hackers Drops to 49 Days
The dwell time for hackers inside victim networks fell by nearly half over the past year, although the time from intrusion to containment of such threats remained virtually the same, according to Trustwave.
It's cheaper to infect 1,000 computers with malvertising than to buy a beer six-pack
The state of global cybersecurity is a mixed bag at the moment, according to a new report by Trustwave. The company's 2017 Trustwave Global Security Report says intrusion detection is faster, as well as containment times. However, malvertisement is cheaper, and spam has picked up the pace.
Time to Detect Compromise Improves, While Detection to Containment Worsens: Report
Throughout 2016, Trustwave investigated hundreds of data breaches in 21 different countries, and conducted thousands of penetration tests across databases, networks and applications. An analysis of key findings from this activity is presented in the 2017 Trustwave Global Security Report published Tuesday (PDF).
Cybercrime evolving into more of a genuine business, Trustwave report
The "2017 Trustwave Global Security Report" [registration required] examines trends over 2016 in the areas of cybercrime, data breaches and security. The era of acting defensively is over. It is time to approach cybersecurity proactively, the report stated.
Organizations Are Protecting Intrusions More Quickly
More organizations appear to be heeding the advice to implement capabilities for detecting intrusions sooner, at least based on an analysis of data from breach investigations that security vendor Trustwave conducted for clients last year.
Gains, losses in efforts to combat cyber crime in 2016: Trustwave
The fight against cyber crime showed both advances and retreats in 2016, with improvements on the intrusion detection and breach containment fronts matched by cyber crime increasingly being treated as a business, suggests a Trustwave report released Tuesday.
Report: 99.7% of web apps have at least one vulnerability
Nearly every web application has at least one vulnerability, according to the 2017 Trustwave Global Security Report, released Tuesday. Of the apps scanned by Trustwave for the report, 99.7% included at least one vulnerability, with the mean number of vulnerabilities in web apps being 11.
Payment Card Data Still Hackers’ Most Frequent Target
Yesterday, news broke that a file containing detailed personal information on 200 million Americans was stored on an unprotected server by a political contractor. The travails of Yahoo and its half a billion stolen records have been well documented. Breaches like these, focused on personal information, recently have shifted the focus of card-not-present fraud professionals toward new kinds of fraud based on personal information: account takeover, account creation and synthetic fraud.
Trustwave: 63 percent of breaches observed targeted payment card data
Security firm Trustwave has released its 2017 Global Security Report which contains some bleak findings relating to the rise of payment card data thefts and incidents involving point-of-sale breaches in the hospitality, retail and food and beverage industries.
Retail industry leads the way in data breaches
The largest share of data breach incidents involved the retail industry, closely followed by food and beverages, according to a new report. The 2017 Global Security Report from Trustwave shows that 22 percent of incidents involved the retail industry, followed by food and beverages at 20 percent.
US is Number One! In sales register hacking attacks, at least
Hacking attacks against sales terminals have risen by nearly a third last year, and the US is still leading the way in being insecure. Incidents affecting sales tills and payment systems increased to 31 per cent in 2016, according to research by security firm Trustwave, while incidents affecting e-commerce environments fell to 26 per cent from 38 per cent. Incidents involving sales registers were most common in the US, thanks to its tardy adoption of EMV chip technology and a reliance on chip and signature rather than chip and PIN payment.
Trustwave Global Security Report: Cyber Intrusion Detection Improving
Many organizations are getting better at cyber intrusion detection, according to a new report from Trustwave, the Chicago-based MSSP. The “2017 Trustwave Global Security Report” of cybercrime, data breach and security threat trends from 2016 indicated the median number of days from cyber intrusion to detection of a compromise fell from 80.5 in 2015 to 49 last year. In addition, the median number of days from cyber intrusion detection to containment was 2.5 in 2016, according to the report.
Minimizing Risk: Five Ways Payment Facilitators Can Stay Secure and Keep Merchant Risk at Bay
Attackers are developing new methods of stealing sensitive information every day, making retail breaches an all-too-common occurrence. But an important line of defense for merchants is their payment facilitators, which, when armed with the right knowledge, can act as digital bodyguards for these brands.
What Happens When Your Small Business Is Hacked
News headlines continue to call our attention to the latest cyber attacks -- something that provides IT and security professionals with the daunting task of remaining steadfast on the unpredictable security battlefield. In fact, 53 percent of IT professionals felt more pressure to secure their organization last year, compared to 2015, according to the 2017 Security Pressures Report from Trustwave. However, contrary to what you would expect, the pressures are not just coming from the C-suite.
Interview with Mayor Emanuel and Trustwave CEO Bob McCullen
Chicago Mayor Rahm Emanuel joins Trustwave to open the company's new and expanded headquarters, plus helps to mark the start of the City Colleges of Chicago's (CCC) inaugural Cyber Security Boot Camp.
Trustwave Says it’s Hiring Hundreds to Grow its Cybersecurity Business in Chicago
Trustwave, the Chicago-based information security firm that helps businesses protect against cyberattacks, unveiled its expanded headquarters and announced an internship program with the City Colleges of Chicago Monday at an event with Mayor Rahm Emanuel.
Trustwave signs up e92plus for push into security channel
Trustwave looks to put more business through the channel as it broadens out from traditional compliance business
4 Reasons the Vulnerability Disclosure Process Stalls
The relationship between a manufacturer or vendor and security researchers can be filled with tension and unease, and it's most often put to the test during the vulnerability disclosure process. Although their intentions are pure, researchers often feel they are being shut out of the process, while vendors may see disclosure deadlines as a threat from researchers looking to produce headlines.
Security Issues Place More Pressure on IT Pros
As organizations wade deeper into digital technology, the pressure grows on IT and security professionals to keep systems up and running. What's more, as budgets shrink and the time required to manage and maintain security systems swells, the stress levels keep rising. A recent report from Trustwave, "2017 Security Pressures Report," offers some perspective on how organizations are addressing these issues, and how IT and security teams are faring.
Security experts find clues to ransomware worm's lingering risks
FRANKFURT (Reuters) - Two-thirds of those caught up in the past week's global ransomware attack were running Microsoft's Windows 7 operating system without the latest security updates, a survey for Reuters by security ratings firm BitSight found.
Outsourcing security: Would You Turn Over the Keys to a Third Party?
Tom Bain, vice president of marketing at CounterTack, believes organizations want to "collapse the stack" and move to fewer providers and platform offerings. They want less agents and ultimately not as many providers under the hood. “Taking technologies into a managed deployment gives an enormous advantage to MSSPs who can remove the burden from operators, monitoring and responding to threats on their behalf,” he said.
Trustwave adds space and employees at new Loop HQ
In the past year, Trustwave has hired 160 people in Chicago, increasing headcount here about 30 percent to more than 500 people. Worldwide, Trustwave is up to 1,650 employees. It's a workforce heavy on engineering talent. McCullen doesn't expect the growth to slow down. The company has 50 open positions in Chicago. There isn't enough talent anywhere in tech, but the challenge is particularly steep in cybersecurity. "We need really skilled people," he said. "Even our customers can't find them."
Secure IT: Profile of a White Hat hacker
Ever wondered who these ‘hush-hush’ people are that help to keep our networks safe? Here we talk to Lawrence Munro, director of SpiderLabs EMEA for Trustwave, about the role of the ‘White Hat hacker’.
Carbanak Hackers Refine Intrusion Tactics
The Carbanak group, also known as Anunak, was exposed in 2015 after it managed to steal an estimated $1 billion from more than 100 banks across 30 countries. In early 2016, the group continued to target banks, mainly in the Middle East and U.S.
Tech-Savvy Innovative Hotels Are More Vulnerable to Data Breaches
The race to become the most innovative and tech-savvy hotel is on. Hotels have increasingly begun working with technology companies to offer more innovative and enhanced guest experiences. Guests at many hotels can now bypass the need to go to the front desk by using their mobile devices to select a room, check-in, receive texts when their room is ready, and even unlock the door to their room. Guests can also customize their stay by requesting items, ordering room service, planning activities, or purchasing upgrades. Everything a guest may want is only a few clicks or taps away, and soon, the data collected by these programs will allow hotel operators to anticipate guests’ requests and needs.
This elite cybercrime group is wreaking havoc on the U.S. restaurant industry
A sophisticated hacking group with suspected ties to cybercrime gangs operating in Eastern Europe is now actively targeting and breaching prominent brand-name restaurants in the U.S.
What to look for when evaluating an Incident Response Services Provider
With Australia’s mandatory data breach notification laws set to take effect by 23 February 2018, protecting sensitive information and data privacy has moved up the burgeoning list of an organisation’s IT security priorities.
Behold, the spear phish that just might be good enough to hook you
To understand why Carbanak is one of the Internet's most skilled and successful criminal groups, consider the recent spear-phishing campaign it used to infect computers in the hospitality and restaurant industries with malware that steals banking credentials.
Pressure is on Australian CSOs as cybersecurity breaches are found to be near-ubiquitous
The risk of cybersecurity compromise has become ubiquitous across business and government sectors, with new figures suggesting that nine out of every 10 Australian organisations dealt with an attempted or successful cybersecurity breach during fiscal 2015-16 – and that 58 percent had been successfully compromised.
IT Professionals Feel Security Pressure From Cloud, Others’ Breaches
Software often launched without security checks, survey finds
Cybersecurity company Trustwave, which has its Canadian headquarters in Waterloo, released the results of its fourth annual Security Pressures Report on Wednesday. The survey is based on interviews with 1,600 IT and cybersecurity professionals around the world.
Security Professionals Feel More Pressure to Deliver Cybersecurity
According to Trustwave’s 2017 Security Pressures Report, the answer is yes, a shift is happening, especially in who is putting the pressure on staff for improving cybersecurity efforts. Security is becoming more personal, the report said, with 24 percent of respondents citing pressure exerted by oneself to deal with cybersecurity, which is up 13 percent over last year’s report. Nearly half of the respondents did admit that they feel the pressure from executives and boards of directors, but that number is down 13 percent from last year.
InfoSec pros feel less external pressure, take security more personally
Security professionals are feeling less pressure from management, less pressure to approve IT projects early, and are less worried about emerging technologies, according to a report released this morning. But they are also putting more pressures on themselves.
Tech workers are routinely pressured to roll out products that aren’t secure, report says
The majority of tech professionals are pressured to roll out projects before they’ve undergone necessary security audits and hardening, according to a new security pressures survey from the security firm Trustwave.
The Evolving Role of the Managed Security Service Providers
This issue includes: Identity and access management strategy: Time to modernize? Strong authentication methods: Are you behind the curve? Start redrawing your identity and access management roadmap
How to respond to device and software backdoors inserted or left by Vendors
It’s bad enough when black hat hackers insert malicious backdoors into systems and software after vendors/makers have sold these into the marketplace. It is another matter when the vendors who create these devices and programs unwittingly or purposely leave backdoors inside their products.
Shut The Backdoor! More IoT Cybersecurity Problems
We all know that what we mean by hacker around here and what the world at large thinks of as a hacker are often two different things. But as our systems get more and more connected to each other and the public Internet, you can’t afford to ignore the other hackers — the black-hats and the criminals. Even if you think your data isn’t valuable, sometimes your computing resources are, as evidenced by the recent attack launched from unprotected cameras connected to the Internet.
Chinese IoT devices containing a hidden backdoor – Trustwave
The built-in backdoor discovered by Trustwave in IoT devices enables access by the manufacturer and leaves the devices open to exploitation by others, which despite Trustwave following the responsible disclosure process, has repeatedly been left exposed by the vendor.
We found a hidden backdoor in Chinese Internet of Things devices – researchers
IoT devices from a Chinese vendor contain a weird backdoor that the vendor is refusing to fix, we're told. The vulnerability was discovered in almost all devices produced by VoIP specialist dbltek, and appears to have been purposely built in as a debugging aid, according to researchers at TrustWave. The infosec biz says that it followed a responsible disclosure process, but claims the manufacturer responded only with modifications to its firmware that leave access open
The rise of the chief digital officer and six other takeaways from RSA 2017
The cybersecurity industry wrestles with why the Internet isn’t safer after $75 billion in annual spending and how to handle ransomware at one of its marquee annual events.
I-Team Investigation on Phishing (features Trustwave's Shawn Kanady)
Millions use Amazon to shop, and many are used to receiving emails from the company. But the ABC 7 I-Team investigated emails that look like they could be from Amazon but are not.
Trustwave introduces proactive threat hunting service
Trustwave announced at RSA Conference 2017 new and enhanced managed security and professional services designed to help short-circuit an attacker’s activities by detecting cybersecurity threats much earlier and shutting them down before real damage is done.
Disclosure floodgates set to open as Australian breach notification passes Parliament after years of waiting
It took years of discussion and several revisions, but experts believe the long-awaited passage of Australia’s breach notification legislation will kick off a new era of transparency that will rapidly improve understanding of the country’s real cybersecurity threat climate. The enabling legislation – contained within the Privacy Amendment (Notifiable Data Breaches) Bill 2016 – passed both houses of Parliament after a series of readings since it was first formally introduced to Parliament last October. But the process of authoring, revising and discussing the legislation stretches back several years, with one security executive after another warning that continued inaction was hobbling Australia’s ability to improve its overall cybersecurity posture.
Incident Response and the role of Penetration Testing
Rapid7 and Trustwave in their articles will explain how crucial the connection between Incident Response and Penetration Testing is, while Kroll will show you practical examples of attack response. We hope you will enjoy these contributions, prepared for you by world-wide corporations.
He’s a super-sleuth on your side at Trustwave’s SpiderLabs
Trustwave does everything I can think of for security. The team that I’m a part of is the incident response team, and we’re within a bigger team called SpiderLabs. I tell my kids, “I work at SpiderLabs and I fight cybercrime, the bad guys.” And they absolutely love it.
Your Netgear router may expose your password if you don't update its firmware
The security of internet infrastructure devices like routers and wireless access points, along with all kinds of devices that connect through them, has been of particular concern lately. Recent distributed denial of service (DDoS) attacks have originated in Internet of Things (IoT) devices, for example, and a slowdown in such issues doesn’t seem imminent.
Easy-to-exploit authentication bypass flaw puts Netgear routers at risk
For the past half year Netgear has been working on fixing a serious and easy-to-exploit vulnerability in many of its routers. And it's still not done. The vulnerability was discovered by Simon Kenin, a security researcher at Trustwave, and stems from a faulty password recovery implementation in the firmware of many Netgear routers. It is a variation of an older vulnerability that has been publicly known since 2014, but this new version is actually easier to exploit.
Dozens of Netgear products vulnerable to authentication bypass flaws
Simon Kenin, a security researcher at Trustwave, was – by his own admission – being lazy the day he discovered an authentication vulnerability in his Netgear router. Instead of getting up out of bed to address a connection problem, he started fuzzing the web interface and discovered a serious issue. Kenin had hit upon unauth.cgi, code that was previously tied to two different exploits in 2014 for unauthenticated password disclosure flaws.
Compliance Failures, Breaches Top ‘Fireable’ IT Issues: Survey
The Trump administration’s proposed clampdown on foreign-worker visas is expected to boost demand for tech professionals at home, as The Wall Street Journal reported this week.
Businesses hobbled by deficiencies in security resourcing as IoT-driven DDoS volumes surge
Distributed denial of service (DDoS) attacks are increasingly being used to distract businesses and insecure Internet of Things (IoT) devices became the favoured mechanism for launching the attacks during 2016, according to a new analysis of the past year’s DDoS attack trends.
Trustwave: Russian Cybercrime Group Targets Hospitality Industry
According to Trustwave, a well-known Russian cybercrime group called Carbanak has been targeting the hospitality and retail industry in Europe and North America. The group is said to be specifically targeting internal corporate secrets and payment card data.
Addressing the IT Security Skills Gap
Today's cyber-threats present challenges for even the most tech-savvy IT executives in the most tech-savvy organizations. It's not news that the volume and velocity of threats continue to grow. At the center of the problem? Recruiting and retaining the security talent necessary to mitigate and minimize cyber-risks.
Trustwave Report Shows Enterprises Can't Hire Enough Security Staff
While security challenges often seem limitless, the resources that organizations have on hand to combat them are not. Security firm Trustwave issued a new report on Jan. 18 looking at the state of IT resources and staffing challenges titled, "Money, Minds and the Masses."
Carbanak gang using Google services for command and control
The infamous Carbanak gang may have been using Google cloud services as command and control infrastructure for malware embedded in malicious Office documents.
The Changing Face of Carbanak
Months of ramped up Carbanak activity that includes a new host of targets and new command and control strategy has reinvigorated attention on a criminal outfit that may have at one time stolen up to $1 billion from banks worldwide.
Canadian enterprise among victims of macro-based malware attacks
A major Canadian corporation is among those in the hospitality industry in several countries whose financial activities have been compromised by a Microsoft Word-based macro attack that appears to be orchestrated by criminal groups working together, according to a security vendor.
'Beeeellion-dollar' mastercrooks in hotel, restaurant blitzkrieg
The Carbanak cyber criminal gang is abusing Google’s infrastructure as a conduit for botnet control. The gang became notorious when it was blamed for the theft of one billion dollars from more than 100 banks across 30 countries back in 2015. Fast-forward two years and Carbanak is now infecting users via a script that will send and receive commands to and from Google Apps and Google Forms services.
Carbanak gang using Google for malware command and control
The Carbanak cybergang has been spotted using Google for its malware command-and-control channel. Forcepoint Security Labs researchers said the group is hiding in plain sight by using Google as an independent command and control channel since Google is likely to be more successful than using newly created domains or domains with no reputation.
How to get fired in 2017: Have a security breach
There are many reasons why IT professionals can be fired, but six out of the top nine are related to security, said a survey released this morning. For example, having a tech investment that leads to a security breach was considered a fireable offense by 39 percent of organizations, according to Osterman Research, which conducted the survey.
Money Launderers Meet Their Match
As Deep Throat said to Woodward and Bernstein, “follow the money,” and you will see who is doing what, when, how and maybe even why. In the old days, that was walking on foot to the laundromats that were literally and figuratively serving as fronts to launder money obtained from illicit activities. In a digital world, it’s not that easy. “Laundromats” can take any digital form, and following the money is a web of digital phony storefronts — and more — that engage in transaction laundering activities.
Transaction laundering attracts more scrutiny as fraudsters dodge PCI
Fraudsters, aware of the scope of the Payment Card Industry data security standards, increasingly deploy fraud methods that fall outside of PCI safety.
Security gaps going undetected, untested because IT staff can’t think like cybercriminals
Recent findings that Australian businesses are failing to test their IT security adequately – or even at all, in some cases – highlight a major business risk that is being exacerbated by the inability of many IT practitioners to think like outside intruders, a security expert has warned.
Skype for Mac Backdoor Allowed Access to Calls, Messages for Years
Microsoft quietly patched the Mac OS X client for Skype in October, closing a backdoor that could have existed for as long as a decade and would have allowed attackers to control many aspects of the software, security-services firm Trustwave said on Dec. 14.
MSSPs taking on global demand
Managed security services demand is an opportunity being examined in the U.S., but it seems the opportunity for channel partners offering these services has reached a global scale.
Trustwave: One in seven Australian businesses do not test for security vulnerabilities
A report by US-based security firm Trustwave has found that one in seven Australian businesses are failing to conduct frequent security testing despite believing that it is critical in securing their systems and data.
Delete data or push it to the cloud, PCI DSS assessor advises as standard’s minimalist data ethos resonates
It may have started as a guideline for protection of credit-card information, but the payment card industry’s PCI DSS (Payment Card Industry Data Security Standard) is rapidly gaining a following across other industries as a more general framework for data security.
Call centre agents warned about the malicious email attachments from potential customers
Contact centre agents should be warned about allowing alleged customers to send them email with attachments after a security vendor discovered a new wave of attacks against three customers including North American hospitality companies, attacks similar to ones from the Eastern European based Carbanak crime group.
This malware attack starts with a fake customer-service phone call
Hotel and restaurant chains, beware. A notorious cybercriminal gang is tricking businesses into installing malware by calling their customer services representatives and convincing them to open malicious email attachments.
Carbanak Attacks Shift to Hospitality Sector
The Carbanak cybercrime gang, best known for allegedly stealing $1 billion from financial institutions worldwide, have shifted strategy and are targeting the hospitality and restaurant industries with new techniques and malware.
Singtel opens Tokyo cybersecurity center, partners TIS
Singapore Telecommunications is tapping into Japan's underserved cybersecurity market through a tie-up with Japanese system integration company TIS.
CRN Exclusive: Trustwave Nabs F5’s Channel Leader To Mount Partner Offensive In Security
Trustwave is embarking on a new commitment to the channel with the hiring of channel veteran Jim Ritchings, tasked with driving indirect sales and revamping partner programs around security services.
A Proactive Approach to Vulnerability Management: 3 Steps
Having the tools to detect a breach is important, but what if you could prevent the attack from happening in the first place?
Adapting to The Ever-Changing Threat Landscape
Every security professional remembers the day they realized their job is not simply applying patches...
Trustwave offer no malware guarantee
Security vendor Trustwave has just announced a cloud-based secure web gateway service with a zero malware guarantee.
Emversary: EMV’s Impact On Card-Not-Present Commerce One Year Later
On October 1, 2015, Visa and Mastercard changed the liability rules in the United States for fraudulent credit card purchases at card-present locations as an incentive for issuers and merchants to issue and accept EMV/chip-enabled cards.
Canada Revenue Warning Scam Uses .MSG Attachment
Everyone loves to hate the Canada Revenue Agency. Unfortunately, criminals apparently love the tax man — they keep finding ways of leveraging Canadians’ fear of the agency to lure them into malware.
APAC: A hotbed of cybercrime
Technology overall is lagging behind - this can be positive as it allows specific countries to jump past the “legacy” phase of dated technology - but it can also be negative as it means that some issues are still waiting to happen.
Managed Security Services: The Next Opportunity
Security is undoubtedly top of mind for customers, in both the public and private sectors, as breaches continue to make headlines.
Chip-card rollout a year later: Slow and, mostly, sure
The rollout of smart-chip cards and chip reader in-store payment terminals in the U.S. hasn't been easy -- to put it mildly.
Trustwave Unveils Federated Global Security Operations
Global Network of Federated, Advanced Security Operations Centers powered by Trustwave Ushers in the Next Generation of Cybersecurity Protection
A Hacker’s Eye View: Targeted Attacks – Part One
The risk of a cyber-attack has become an unfortunate fact of life in today’s digital world.
Report: 20% of businesses do not test regularly for data breach vulnerability
Despite the reputation-damaging headlines that appear after a data breach, and even as companies themselves acknowledge the significance of network security preparedness, 20 percent of businesses have gone at least six months without any testing for security vulnerabilities, according to a new report.
Top trends in security testing and vulnerability management
Many businesses fail to conduct frequent security testing despite believing that it’s critically important to securing their systems and data.
Fraudster's Best Friend: Businesses That Ignore Security Testing
Even with advanced technology, fraudsters need a lot of help to get their hands on secure payment or personal data.
One in five companies fail to test for security vulnerabilities
Many businesses don't carry out frequent security testing despite believing that it's critically important to securing their systems and data, according to a new survey.
Profile: Most Powerful Women – Chua Sock Koong
In a decade at the helm, Chua has grown Singtel into Southeast Asia’s largest telecommunications company, boasting $51 billion in market capitalization, and earnings of $2.8 billion last year—70% of which came from overseas operations.
7 Chicago tech companies you could land your dream job at this month
Chicago's tech scene is positively booming — but by now, you've probably already heard that. If you're looking to get in on the action, there are so many innovative companies out there that it can be hard to know where to even begin the job search.
No honour among thieves: Sundown EK stealing exploits
Trustwave researchers have looked at the new version of Sundown exploit kit, finding it to be riddled with other people's exploits
Sundown Exploit Kit Outsources Coding Work
Sundown, a relatively new exploit kit (EK), is outsourcing panel and Domain Generation Algorithm (DGA) coding work and stealing exploits in an attempt to improve its presence on the EK scene.
POS breaches a reminder to toughen defences
Retailer Eddie Bauer's recent warning to Canadian and U.S. customers of breach shows POS malware is only increasing.
What to look for in endpoint detection and response tools and services
It’s become necessary to take a broader and more proactive approach to protect the endpoint.
Data Security—What You Don’t Know Can Hurt You
In today’s ever expanding IT ecosystem, how do you know whether your data is really secure? It’s a critical question.
Zero-days: Why These Security Flaws are so Dangerous and Expensive
Hackers hunt for them and governments around the world use them to carry out spy operations. What are zero-days and why are they increasingly valuable?
Nginx web server upgrade focuses on web security, JS configuration
Nginx Plus Release 10 adds a web app firewall, IP transparency, and support for the nginScript configuration and control language
Industrial monolith sold hackable thermostats, says expert
Trane's Comfortlink XL850 thermostat was vulnerable to hacking, making it possible for burglars to access customers' private data. A patch has been released.
Exploit Kits: Infiltrating the Ad Industry with Traditional Tactics
Exploit kits are increasingly using the evil twin of an advertisement, a malvertisement, as a gateway to a web browser.
Security still not tough enough in IoT
Vulnerabilities found in a home smart thermostat underline that security in IoT devices has yet to mature.
Researcher Warns of Holes In Smart Thermostats
A researcher from the firm Trustwave warns that Trane ComfortLink smart thermostats suffer from a string of security woes, including hard coded administrator
How to protect your financial apps from getting hacked
Hackers are making a fortune stealing customer info on financial apps. It's time to monitor your transactions and change your passwords.
Managed security services veteran Schueler joins Trustwave from IBM to run global security operations
Trustwave has appointed Chris Schueler as senior vice president of Managed Security Services. Schueler will be responsible for Trustwave Managed Security Services, the global network of Trustwave Advanced Security Operations Centers and Trustwave SpiderLabs incident response.
Cybersecurity firm moving to Waterloo, hiring 30 new employees
A cybersecurity company is moving its Canadian operations from Cambridge to Waterloo, and making space for dozens of new employees as it does so.
Cybersecurity firm Trustwave expands in Waterloo
Data security firm Trustwave has expanded its Canadian headquarters in Waterloo Region.
Scout tech competitions for new talent
If you are young and love to hack, there are opportunities abounding for you to showcase your talents. This fall the ITA Tech Challenge, a programming and coding skills competition for students at targeted Midwest universities, hosts its 7th annual competition.
Unwitting Accomplices: Employees and vendors—not hackers—pose greatest data breach threat - Utah Business
Often, the phrase “data breach” conjures up images of code-cracking hackers in far-flung locations. In fact, many data breaches are the result of activities much closer to home
These 10 Companies Are the Top Cybersecurity Startup Acquirers
Top cybersecurity startup acquiring companies include Cisco, Symantec, Microsoft, IBM and EMC, per Matt Suiche, citing Crunchbase data.
Talent shortage greatest weakness in cybersecurity battle
More than a million jobs in the cybersecurity industry are vacant around the world, according to labor statistics cited in a 2016 report funded by Trustwave, one of the largest cybersecurity firms with over 3 million clients in 96 countries.
7 Steps to Combat the Cybersecurity Skills Shortage
The cybersecurity industry is facing a major shortage of expertise, with industry estimates suggesting that more than one million unfilled security jobs exist worldwide.
MSSPs challenged to stay on the cutting edge
Both technology and services play a role as MSSPs aim to stay ahead of mainstream trends
Making Sense of Today's Cyber-Threat Landscape
Coping with Malware-as-a-Service and other emerging security challenges has become a huge problem. Here's a look at some of the latest cyber-security trends.
10 cutting-edge tools that take endpoint security to a new level
The 10 products we tested in this review go beyond proactive monitoring and endpoint protection and look more closely at threats. They evaluate these threats in a larger ecosystem, combining the best aspects from network intrusion detection and examining the individual process level on each computer.
Business Email Compromise Gets a New Twist
No longer are business email compromise scams just about getting organizations to send money; now some such attacks are sending fraudulent CEO emails to deliver malware payloads.
Lenovo patches two high severity flaws in PC support tool
Lenovo has fixed two high severity vulnerabilities in its Lenovo Solution Center support tool that is preinstalled on many laptop and desktop PCs.
Has ransomware become the Chicken Little of the security industry?
That ransomware is a problem cannot be doubted. Whether the current level of media coverage, fuelled by vendor press releases, is doing more harm than good is more open to debate.
Windows zero day devalued as supply and demand takes hold, experts speculate
Market forces are beginning to have an effect on zero days, evidenced by a new drop in the price of a significant zero-day.
NFL is latest in string of high-profile hacks
Hackers say they were able to post fake death news on commissioner Roger Goodell by obtaining an NFL employee's Twitter password
Trustwave And CounterTack Team To Reduce Impact Of Data Breaches
Trustwave and CounterTack recently announced a new alliance to help businesses minimize the impact of data security breaches by speeding incident...
20 Chicago tech companies that have been around for over 20 years
Part of the secret sauce behind current-day Chicago's success as a tech ecosystem is its long history of fostering innovative tech companies backed by solid business fundamentals. In fact, many of Chicago's biggest tech companies are over 20 years old.
$90,000 zero-day exploit for sale: It could potentially impact all Windows OS versions
A zero-day being sold on the Russian cybercriminal underground "could affect almost all Windows machines on the planet." If the local privilege escalation (LPE) vulnerability truly does exist in all versions of Microsoft Windows, from Windows 2000 up to Windows 10, then it could potentially impact "over 1.5 billion Windows users."
Got $90,000? A Windows 0-Day Could Be Yours
How much would a cybercriminal, nation state or organized crime group pay for blueprints on how to exploit a serious, currently undocumented, unpatched vulnerability in all versions of Microsoft Windows?
Massive Locky Campaign Powered by JavaScript Attachments
Researchers have seen a spike in the number of malicious spam emails using attached JavaScript (.js) files to distribute malware such as the infamous Locky ransomware.
How Cybercrime Startups Are Adopting Mainstream Tech Business Practices
Cybercrime is one of the most talked-about and least understood topics in the news today, but the truth is that cybercrime operates much like any legitimate business. There are integrated marketing campaigns, risk and cost analysis, R&D, even Black Friday deals--all of the things you would normally associate with any company trying to win over customers.
What are hackers up to these days?
The short answer: They’re targeting sites in North America, where they’re planting malware in ad networks and launching dating site spam.
The great computer stick-up
Why ransomware is now the biggest online threat of all.
Before fighting a cyber attack, you have to find it first - How to tell if a data breach has hit your business
Data breaches are inevitable, companies large and small are getting attacked, and those same companies under attack are failing to detect and deal with numerous threats. This paints a worrying picture of today's data landscape.
IT Security Pros Fear Brand Damage and Job Loss
Trustwave found that the pressure on practitioners is growing, a cyber-security skills gap is becoming worse, and assembling the right strategy and collection of solutions is more difficult than ever. Consequently, the things security professionals most fear as a result of a breach are damage to the company's reputation and finances, and losing their job.
PCI DSS version 3.2 release extends multifactor authentication requirement
The PCI Data Security Standard version 3.2 not only includes new requirements to safeguard payment data, including multifactor authentication, but also “advocates that organizations focus on people, process and policy, with technology playing an important role in reducing the overall cardholder data footprint.”
Vast majority of tested applications have at least one vulnerability: cyber security report
Cyber criminals are increasingly making use of malware-as-a-service, an issue of concern given that 97% of applications tested by Trustwave in 2015 had at least one vulnerability, note findings from the 2016 Trustwave Global Security Report.
Cyber crime now taking a business approach
Cyber crime is an increasingly serious business and a new report released by Trustwave looks at the top trends from the past year based on real-world data from data breach investigations.
What you need to know about cybercrime in 2016
Contrary to popular belief, cybercriminals are not all solo-operating, pizza-eating basement dwellers. Cybercrime is a global business with sky-high margins, and many of the most popular tools used by cybercriminals are developed by professional (though shady) software and services companies competing for market share.
Corporate, Internal Network Breaches on the Rise: Trustwave
Data breaches affecting corporate and internal networks increased considerably in 2015 compared to the previous year, according to the 2016 Global Security Report published by Trustwave on Tuesday.
Hackers turn to corporate attacks as spam's payoff diminishes
Cybercrime continues to be a moneymaker, but whom hackers target — and how — is changing, according to a report on trends in cybersecurity released Tuesday by Chicago-based firm Trustwave.
Cybersecurity Firm Finds That Companies Are Getting Better at Detecting Breaches
Data about cybercrime appears to grow worse and the warnings more apocalyptic. Yet the Trustwave Global Security Report, released Tuesday, offers some small nuggets of hope.
That USB drive you found has more than just spring break photos
Karl Sigler is threat intelligence manager at Chicago-based cybersecurity company Trustwave. Sigler said the team tests the USB attack frequently — they drop USBs in the parking lot, the bathroom, the lobby — and it’s almost guaranteed that someone will plug them in.
Hyped-up Badlock flaw isn't critical, but serious enough
Badlock's details do not impress the security community, but users should still deploy the patches in a timely manner.
Microsoft Patch Tuesday settles a lot of concerns, including blockbuster Badlock
Badlock was announced with much fanfare on 22 March with a dedicated domain and webpage, a cool icon and a codename, but there were no details about the nature of the bug.
Badlock flaw is patched, but failed to live up to the security hype
Collectively, the so-called "Badlock" vulnerability would allow an attacker to listen in on traffic, trigger a session downgrade, and hijack a session. Simply put, an attacker may be able to reveal user passwords and other sensitive information on an affected server.
Badlock Flaw Disclosed as Microsoft Issues 13 Security Advisories
Badlock is actually a series of vulnerabilities, including CVE-2016-2118 in Samba and CVE-2016-0128 on Windows. The vulnerabilities could potentially enable man-in-the-middle (MITM) as well as denial-of-service (DoS) attacks against vulnerable Windows or Samba users.
That ‘Badlock’ Bug Is More Hype Than Hurt
“I can’t say that this vulnerability rises to any level that deserves the focus that a dedicated website and three weeks of buildup have given Badlock,” Karl Sigler wrote on Trustwave’s web site.
Even digital data needs a CSI team to fight hackers: Trustwave’s tips to handle data breaches
The pressure is on for IT departments to secure businesses’ digital assets, but the enterprise seems to have trouble keeping up. The 2016 Security Pressures Report from Trustwave shows how to tackle the various factors affecting security challenges.
Locky Variant Changes C2 Communication, Found in Nuclear EK
Security experts warn companies need to brace for new harder-to-detect and more determined variants of the Locky ransomware spotted recently in the wild. The news comes just as reported Locky ransomware attacks have waned in recent weeks.
Beyond Technology: Managing the Blind Spots of Database Security
The sheer quantity of digital information available today makes storing, organizing and analyzing data extremely difficult. The issue is compounded by the fact that databases and big data stores are a prime target for hackers due to the amount of sensitive information residing within.
Anonymous Hacker Goes Straight: Why Ex-Cybercriminals Have Become Hot Commodities In The Security World
Lawrence Munro weighs in on the perils of hiring ex-hackers, after a notorious former member of LulzSec becomes a legitimate security advisor.
Zen Cart admins: Don't skip version 1.5.5
If you missed the March 17-issued patch for shopping cart application Zen Cart, get busy, because among other things it fixed serious cross-site scripting (XSS) vulnerabilities. Trustwave, which turned up the bug last September, made it public last Friday.
Health Care Facilities Targeted in a Wave of Ransomware Attacks
Most of us are familiar with ransomware, at least in theory, if not from personal experience, but other than complaints of paying for data held hostage, we haven’t seen how damaging ransomware can be.
Online shopping cart Zen Cart patches critical XSS flaws
In a blog post on Friday, Trustwave researchers from the SpiderLabs Research team said the company discovered multiple XSS-based vulnerabilities in the application and have been working with Zen Cart since September 2015 to fix a swath of bugs.
How to protect your hospitality business from cyber crime
Oliver Pinson-Roxburgh, systems engineering manager for EMEA at Trustwave, looks at some of the steps hospitality business owners can take to protect their hotels, restaurants and pubs from the increasing risk of cyber crime.
Researchers spot multiple XSS vulnerabilities in Zen Cart
Trustwave researchers spotted multiple cross-site scripting (XSS) vulnerabilities in the admin section of the online store management platform Zen Cart. If exploited, a malicious person could use the vulnerability to insert custom JavaScript into a web session that could allow the attacker to impersonate the admin and have full access to the site.
Zen Cart Patches Multiple XSS Vulnerabilities
Zen Cart on Friday released an updated version of the popular online open source shopping cart application to address multiple Cross-Site Scripting (XSS) vulnerabilities. The security issues were discovered by Trustwave and are said to affect Zen Cart 1.5.4 and potentially prior versions.
Hackers use websites you visit daily to attack you - here's how to protect yourself
It's generally accepted that hackers are smart and sneaky, but we got another big reminder last weekend when several major sites, including the New York Times, BBC, MSN, Answers.com, AOL.com and thousands of other sites were used to serve malicious ads.
STEM mentors put students on path to careers in security
Brian Hussey, global director of incident response and computer forensics at Trustwave, is a volunteer mentor with LifeJourney, which helps students test drive careers in cybersecurity.
Malvertising campaign strikes top websites worldwide
Malvertising is the use of malicious adverts to spread malware. Many Internet domains rely on adverts supplied by third-party ad networks in order to generate enough revenue to stay afloat, and unfortunately, sometimes fraudulent and fake adverts slip through the net.
BBC, MSN hit by malicious ad attack
Analysis by Trustwave researchers suggested the attack managed to put ads on so many sites because the perpetrators behind it gained ownership of a web domain that used to supply legitimate adverts.
Big-name sites hit by rash of malicious ads spreading crypto ransomware
Mainstream websites are falling victim to a new rash of malicious ads that attempt to surreptitiously install crypto ransomware and other malware on the computers of unsuspecting visitors, security firms warned.
Top websites affected by Angler exploit kit malvertising, security vendors say
Security vendor Trustwave detected a large malvertising campaign involving the Angler exploit kit, a software package that probes a computer for software vulnerabilities in order to deliver malware.
Trustwave identifies whopping big new Angler campaign
Trustwave says it has discovered an advertising campaign that has succeeded in putting ads that redirect to the Angler exploit kit on to “very popular websites” around the world.
Ransomware infections are surging as 'Locky' evolves into an effective cyberweapon
Over the past 30 days, Trustwave experts said they recorded concentrated bursts of ransomware activity and at one point a peak of 200,000 emails hit their servers in a single hour.
Dridex Botnet Spreading Locky Ransomware Via JavaScript Attachments
The Dridex botnet operators have recently changed the delivery mechanism in their spam campaigns, as well as the payload, to deliver the Locky ransomware, researchers at Trustwave warn.
Locky Ransomware Spreading in Massive Spam Attack
Researchers are tracking a massive spam campaign pelting inboxes with Locky ransomware downloaders in the form of JavaScript attachments. The huge spike, reported by security firm Trustwave, represents an extraordinary uptick in the attempted distribution of the Locky ransomware.
Spike in ransomware spam prompts warnings
Trustwave reported that a version of Locky produced two weeks ago is now the second most prevalent form of ransomware it sees. The US, France and Japan were the top targets for the gang behind Locky, statistics suggested.
Locky ransomware activity ticks up
Locky, a new family of ransomware that emerged in the last few weeks, has quickly made a mark for itself. Trustwave said on Wednesday that 18 percent of 4 million spam messages it collected in the last week were ransomware-related, including many linked to Locky.
Cloud security becomes a boardroom issue
Business decisions are driving the adoption of cloud computing. Often, however, decisions to move to the cloud are made without considering the security risks associated with it, and information security teams are bypassed.
Microsoft patches remote code execution flaws in Windows, IE, Edge, Office
In their regular Patch Tuesday blog, researchers from Trustwave pointed out an exploit that would allow attackers to execute code with kernel privileges by inserting a specially crafted USB device into the target computer.
Cybersecurity services: MSPs look to expand portfolios
MSPs are pushing beyond traditional services such as patch and firewall management as they look to stand out from other companies offering managed IT security services.
Slideshow: 8 things keeping security professionals up at night
As the need for enterprise data and technology grows, it only widens the skills gap for security professionals. That means security professionals are feeling the pressure to get more done with less.
How easy is it to hack a home network?
My home is under attack. The attackers are Dan Turner and Kyprianos Vasilopoulos from security firm Trustwave who test network security for a living.
Slideshow: Why Security Pros Are Always Under Pressure
A shortage of security expertise is now the third biggest pressure security professionals face, up from eighth last year, according to a new report. Advanced security threats and the adoption of emerging technologies are the two concerns ahead of the shrinking pool of security experts.
Extendoffice was dropping malware on thousands of users
Extendoffice.com has fixed a security hole in its site that was redirecting thousands of users to the Angler exploit kit which was dropping TeslaCrypt ransomware.
Ransomware takes millions, baffles law enforcement
On Wednesday, a California hospital announced that it had paid hackers a ransom in bitcoin — an anonymous digital currency — to regain access to their locked systems. For almost a week, the hospital was thrown into the dark ages, relying on paper charts and fax machines to care for its patients.
Los Angeles hospital attack concerns cybersecurity experts
Cybersecurity experts worry that the $17,000 a Los Angeles hospital paid hackers to regain control of its computers could signal a troubling escalation of the growing "ransomware" threat.
Hollywood hospital pays hackers $17,000 ransom to restore computers
Hospital staff noticed on Feb. 5 that they couldn’t share communications electronically. Using an attack called ransomware, attackers locked down that system to make it unusable and demanded 40 bitcoins, equivalent to about $17,000, to bring it back.
Trustwave: MSP Security Experts More Valuable Than Ever
The number of IT professionals who already utilize or plan to utilize a managed service provider for their security needs has risen over the past year due to mounting pressure to secure enterprise assets and a general lack of in-house security expertise.
Study: IT staff pressured to buy useless cybersecurity products
A new study looking at the various pressures on IT security professionals has found that many are on the rise, especially those related to dealing with the board and with having enough skilled employees.
New Trustwave report finds Infosec staff are seriously stressed
The report, based on a survey of 1,414 in-house information security professionals, found that 63 percent of infosec professionals felt more under pressure in doing their jobs, and 65 percent said that it would get worse in the year ahead, up 9 and 8 percent respectively compared to last year.
Can IT security pros handle pressure?
IT security professionals are feeling the pressure from the explosion in cyberthreats, static security budgets, shortage of security expertise, and fear of losing their jobs in the aftermath of a breach.
Report: Pros urged to roll out IT projects before they are security-ready
The Security Pressures Report from Trustwave, now in its third year, explored the professional and personal pressures faced by cybersecurity professionals in the U.S., Canada, U.K., Australia, and Singapore (professionals in Australia and Singapore were added to the survey this year).
New Anti-Analysis Feature Added to Neutrino EK
The developers of the Neutrino exploit kit have added a new feature designed to reduce exposure to automated scans and security researchers’ analysis attempts. Researchers at Trustwave discovered the new feature after observing a drop in Neutrino exploit kit instances in their lab environment.
The Neutrino exploit kit has a new way to detect security researchers
Trustwave's SpiderLabs division found computers they were using for research couldn't make a connection with servers that delivered the Neutrino exploit kit.
Hackers try to con the wrong mom. Knitting circle not the same
Jonathan Yarema's mom likes knitting -- not computers. But she figured out something was wrong with a shopping website she visited because her son warned her to look for the padlock icon in the upper-left corner of the website.
IoT security is the least of manufacturers’ worries: Here’s what they should do
As more things connect to the Internet, it seems security is taking a back seat to cost for manufacturers. To keep production costs low, manufacturers do not want to shoulder the cost of putting security implements in their products, resulting in unsecured devices.
CTOs to know: Larry Podmolik on Trustwave, cybersecurity, and software developers in Chicago
Trustwave’s CTO Larry Podmolik, whose tenure at the cybersecurity giant began over eight years ago, leads a rockstar tech team who have built products and services that millions of businesses the world over depend on to secure their information and assets.
Companies look beyond firewalls in cyber battle with hackers
With firewalls no longer seen as enough of a defense against security breaches, companies are looking at new tools to foil hackers trying to enter a computer network.
Security awareness: Training moms and end users to spot a scam
Char Yarema is of the generation of parents who did not grow up using technology, so her son, Jonathan Yarema, security consultant at Trustwave, has impressed upon her the importance of using caution and patience when surfing the web.
The 10 most in-demand Chicago jobs in 2016
Demand is up for these 10 professions, which land at the top of the Bureau of Labor Statistics' ranking for growth over the next decade. The hottest industries, no surprise, are health care and tech.
PCI DSS Moving Security Ahead in 2016
The Payment Card Industry Data Security Standard (PCI DSS) is one of the key components of security compliance, and it's set to improve in 2016. Among the areas of PCI DSS focus for the new year will be improved guidance on how organizations can comply with requirements for continuous monitoring and logging.
Rogers Pitches Cybersecurity Offering
Pursuing a new business services growth opportunity, Canada’s Rogers Communications introduced a cybersecurity offering in partnership with Trustwave.
Budgets prompt data center vs colocation discussion
Data center costs shouldn’t factor into your budget the same way they did last year, when outsourcing certain functions could add savings and security.
Rogers Launches Suite of Cybersecurity Solutions to Protect Canadian Businesses
Canadian businesses can take two months to detect a breach due to a lack of tools and resources, according to the 2015 Trustwave Global Security Report.