With Trustwave’s DbProtect, threat monitoring and advanced user rights review will lift the burden on USPTO security teams to prioritize issues with on-premises and cloud databases.
Trustwave Media Coverage chronicles news articles and TV spots featuring commentary and insights from our experienced experts and enlightening studies.
The United States Patent and Trademark Office (USPTO) has awarded an expanded database security contract to the government solutions division of Trustwave, a Top 250 MSSP.
Cybersecurity companies Trustwave and Trellix say they want to help end users simplify their systems in the face of a complicated threat environment.
Trustwave security researcher Jeannette Dickens-Hale reflects on the ongoing cyber war and what security leaders can learn from the past 12 months.
Trustwave Government Solutions (TGS), a managed detection and response (MDR) provider and subsidiary of Trustwave Holdings, has announced its status as a Palo Alto Networks Cortex XMDR Specialization partner.
A data leakage vulnerability that Trustwave SpiderLabs discovered in a popular financial management application illustrates the danger of using application programming interfaces that are not watertight.
One area tipped for growth by analysts and vendors is managed detection and response – the challenge for partners is to keep on top of training and vendor relationships. Trustwave weighs in.
Trustwave, a Top 250 MSSP, has relaunched its Advanced Continual Threat Hunting platform to help organizations identify threats that evade many security tools.
Trustwave launches enhancements that allow for increased human-led threat hunting to uncover more behavior-based findings associated with specific threat actors.
Trustwave’s Kory Daniels shares the security measures that can help decrease an organization's attack surface, create accurate response automation and prevent compromise.
Trustwave SpiderLabs researchers highlight a new phishing campaign that uses Facebook posts as part of its attack chain to trick users into giving away their account credentials and personally identifiable information (PII).
The coming new year is a good moment for chief information security officers to reflect upon what they've learned this year and how to apply this knowledge going forward – Trustwave’s Kory Daniels chimes in.
A report from Trustwave SpiderLabs found the number of BEC attacks that leverage the Short Message Service (SMS) instead of email has been steadily increasing.
Trustwave partners have a new global leader. Garrett Gee, previously with Lumen Technologies/CenturyLink and previously Level 3, is Trustwave’s new global vice president of indirect channels and alliances.
Trustwave’s Ziv Mador explains how Dark Web marketplaces sell a plethora of tools, stolen data, and forged documents, and why some of the things for sale are priced higher than the rest.
Trustwave’s Ed Williams shares proactive guidelines on how healthcare organisations can bolster their security infrastructure and increase cyber resilience.
Trustwave has announced its new Enterprise Pen Testing (EPT) offering, designed to meet the complex testing needs of large organisations with an extensive breadth and depth of vulnerability identification, ability to deliver scaled programs of work, and competitive pricing.
Trustwave has released an Enterprise Pen Testing (EPT) service to help organizations identify known and unknown threats. EPT customers can receive pentesting performed by onshore, nearshore and offshore pentesters. They also can work with a local technical account manager who ensures that customers can get the most value from their pentesting investments.
Researchers at Trustwave’s SpiderLabs discovered another flavor of “infringement” phishing scams. The latest case resides under the umbrella of Meta and this time the targets are Instagram users via another Meta property: WhatsApp.
Trustwave announced enhanced Co-Managed SOC capabilities designed to maximize the threat detection and response value of SIEM (Security Information and Event Management) deployments, avoid unnecessary costs, and reduce alert noise by up to 90 percent.
Trustwave launched a new version of its Co-Managed SOC (security operations center) designed to maximize threat detection within security information and event management (SIEM) deployments.
In recent spam campaigns observed by Trustwave, attackers distributed ZIP or ISO archives disguised as invoices. Both file types can be opened natively on Windows without the use of additional applications.
As attackers continue to target the healthcare sector, Trustwave SpiderLabs’ Ed Williams shares how the same level of preparation as medical emergencies is increasingly essential for cyber threats.
In an interview with TechStrong’s Mike Vizard, SpiderLabs Senior Security Research Manager Karl Sigler explains how penetration testing is being used for both good and bad.
Trustwave’s research and intelligence team SpiderLabs published research about bugs in Canon Medical's Vitrea View that could allow cyberattackers to access several sources of sensitive patient data.
Trustwave shares how organizations are falling short when it comes to skilled cybersecurity professionals; however, the reason may be less about the number of professionals in the industry and more about the number of professionals with the right level of skills and training.
Threat actors continuously scan the internet to take advantage of organizations with slow or outdated patching processes. A new Trustwave report shares why having a proactive approach to identifying and patching vulnerabilities is incredibly important to having a good security posture.
A new Trustwave report shows that significantly more CVEs will be published this year, and that some organizations are still vulnerable to older, unpatched CVEs.
Trustwave customer Children’s National Hospital shares how it’s improving its security posture in the growing threat environment with Trustwave. Breaches, hacks, and ransomware attacks are not only incredibly costly — they are ultimately a public health threat because they can compromise hospitals and healthcare workers’ abilities to provide care.
A new report from Trustwave shows that Ukraine is fighting a battle with Russia in cyber space, as well as a physical war. Russia has been using 'cyber warfare' on Ukraine since the physical invasion started in late February.
A study from Trustwave looks at the many Russian state cyberweapons subsequently unleashed against Ukraine. There is one common factor: they are all targeted specifically at and within Ukraine.
Trustwave’s Cyber Advisory Practice Lead Darren Van Booven shares why OT security needs to be a primary concern and organizations must urgently re-evaluate their security strategy.
Trustwave's SpiderLabs, which keeps tabs on prices for various products and services on the Dark Web, describes VPN credentials as the most expensive records in underground forums. According to Trustwave, prices for VPN access can go as high as $5,000 — and even higher — depending on the kind of organization and access it provides.
Stolen credit card data, VPN access credentials and other confidential info can be bought for as little as $8 on dark corners of the web. That’s according to researchers at SpiderLabs, the hacking and investigation team of cybersecurity company Trustwave, who conducted an extensive study into what cybercriminals charge for stolen data on the dark web.
Over 3,000 emails had phishing URLs using IPFS during the last 90 days, indicating the growing popularity of IPFS for phishing sites, a study from Trustwave revealed.
The distributed, peer-to-peer (P2P) InterPlanetary File System (IPFS) has become a hotbed of phishing-site storage: Thousands of emails containing phishing URLs utilizing IPFS are showing up in corporate inboxes. According to a report from Trustwave SpiderLabs, the company found more than 3,000 of these emails within its customer telemetry in the last three months.
Trustwave CISO Kory Daniels shares the ways to be most effective at addressing the cybersecurity talent shortage by maximizing investments in talent, technologies, and services.
Trustwave’s research and intelligence team SpiderLabs published research on the most egregious network security flaws of the past decade - from 2011 to 2021.
Overview: With a backdrop of the number of security incidents and vulnerabilities increasing in volume and sophistication, Trustwave shares the top 10 network vulnerabilities in no particular order that defined the decade and “won’t be forgotten.”
A social-engineering campaign bent on stealing Facebook account credentials and victim phone numbers is targeting business pages via a savvy campaign that incorporates Facebook's Messenger chatbot feature.
A cyberattack struck one of Iran’s major steel companies on Monday, forcing it to halt production, SecurityWeek reports. The attack struck the state-owned Khuzestan Steel Co. and two other major steel producers.
A new phishing attack is using Facebook Messenger chatbots to impersonate the company's support team and steal credentials used to manage Facebook pages.
A new Trustwave report details phishing techniques cybercriminals use to trick users into providing their credit card data through fake chatbots. The phishing email appears to originate from DHL, stating there was a package delivery problem.
Darren Van Booven, Lead Principal Consultant at Trustwave, explains why demand for operational technology security services has doubled since Colonial Pipeline as leaders call for security system audits and assessments, ransomware protection strategies, and detection and response capabilities for advanced threats, such as cybergangs.
Trustwave SpiderLabs encountered a phishing scheme that tricks victims into giving away their email credentials. The scheme acts like a chameleon by changing and blending its color based on its environment.
Karl Sigler, Senior Security Research Manager, Trustwave SpiderLabs, shares his insights on how threats like the hacker gang Lapsus$ could continue to pose a big risk to organizations.
Mark Trinidad, Senior Manager of Database Security at Trustwave, covers the steps to mitigating security risks in complex cloud environments and leads a discussion on how organizations are shifting to more data-centric security approaches that protect valuable data no matter where it is.
Cybersecurity researchers at Trustwave SpiderLabs discovered the spyware, which is concealed in Microsoft Compiled HTML Help (CHM) files to avoid detection in email spam campaigns.
Cyber attackers are hiding malware in places you may not look. The new phishing attack, revealed by Trustwave SpiderLabs, is designed to plant Vidar infostealer on target machines. Trustwave reported that there was a notable uptick in this strategy dating back to 2019.
Researchers at Trustwave SpiderLabs discovered an email malware campaign that demonstrates the complexity attackers are introducing to the delivery mechanism in order to avoid detection. The new campaign delivers an old but frequently updated infostealer: Vidar
As President Biden and the White House warned of potential Russian cyberattacks on U.S. critical infrastructure, Bill Rucker, president of cybersecurity services firm Trustwave Government Solutions, says the alert from the White House is not surprising. “The data [from the White House] wasn’t very detailed, but obviously there’s a credible threat about preparatory activity that they’ve seen,” Rucker said.
In the wake of the Russia-Ukraine conflict, Chicago cybersecurity experts at Trustwave have raised awareness of phishing emails pretending to raise money for displaced people in Ukraine. Kory Daniels, Chief Information Security Officer at Trustwave, says “If you look at the maximum upside of damage, yeah, so it opens up a lot of different variables in terms of what they do. You know, leveraging this messaging of preying upon individuals' empathy and support of what we see for fundraising in Ukraine.”
New research by Trustwave SpiderLabs has uncovered a phishing attack that is able to adapt itself to the user's email service in order to trick them into revealing their login credentials
Following the BlackByte attack on the San Francisco 49ers, it was reported that data from the football organization's servers was stolen and almost 300MB worth of files were leaked. Trustwave created and released a free BlackByte decryptor that enables victims to restore their files after the ransomware gang used the same decryption/encryption key in multiple attacks.
When it comes to side-channel memory attacks, "these kinds of attacks are very uncommon," says Karl Sigler, manager of SpiderLabs Threat Intelligence at Trustwave. Sigler reports there haven’t been records of public exploitation of these types of vulnerabilities.
The Russian government released thousands of IP addresses and domains behind a series of DDoS attacks aimed at Ukraine’s domestic infrastructure. Trustwave SpiderLabs researchers stated “lone-wolf and organized threat actors who possess the proper cyber skills may directly attack their nation's enemy or recruit others to join in a coordinated attack.”
In a Dark Web Insights report from Trustwave SpiderLabs, Ukraine and Russia have been using different strategies to recruit hackers to work for them. Trustwave noted that people advocating for Russia have appeared to be lone operatives and those for Ukraine have utilized Facebook and other large social media platforms.
Stemming from Trustwave’s Dark Web Insights blog, security researchers at SpiderLabs released findings on a pro-Russia entity (JokerDNR) that has been posting blogs to embarrass Ukrainian officials, claiming to dox government workers and military members.
Darren Van Booven, Lead Principal Consultant at Trustwave visited the Threatpost podcast with Lisa Vaas to talk about how the right cybersecurity awareness program should be conducted at the right pace by well-informed instructors.
Servers belonging to the San Francisco 49ers were hacked by BlackByte a few days after the FBI warned of critical infrastructure being compromised in the US. BlackByte’s early ransomware had a flaw that allowed Trustwave to release a free decryptor tool to recover data.
As the BlackByte ransomware gang has made a comeback, three U.S. critical infrastructure sectors were targeted, according to the FBI. As the gang hit a rough patch, Trustwave helped BlackByte victims recover their files by releasing a free decryption tool.
Healthcare institutions are becoming the main vector of cybercriminal attacks as medical data is extremely attractive and intruders know very well how to cash in on it. The 2019 Trustwave Global Security Report reveals medical data may cost up to $250 per record on the black market, while stolen payment card data is sold for $5.40. The best place to defend against attacks is in the most crowded areas, such as among employees of clinics or hospitals.
Reegun Jayapaul, Lead Threat Architect at Trustwave SpiderLabs, provides pertinent information and a threat hunting guide for the security community during the PwnKit vulnerability.
Luke Kenny, Lead Security Principal at Trustwave, covers the essence of data privacy and how it’s not solely based on day-to-day protection and compliance.
Trustwave SpiderLabs researcher Reegun Richard Jayapaul has discovered a new technique to completely bypass a security feature of Microsoft Outlook and deliver a malicious link to the recipient.
Microsoft has patched an Outlook vulnerability discovered by Trustwave SpiderLabs researcher Reegun Richard Jayapaul. The vulnerability and associated bypass allowed malicious emails to get through to Microsoft Outlook users.
Karl Sigler, Senior Security Research Manager, Trustwave, shares his insights on the widespread PwnKit vulnerability affecting Linux distributions.
Darren Van Booven, Lead Principal Consultant at Trustwave, discusses the proper security fundamentals and best practices for the manufacturing industry to take on during a time of heightened attacks.
Through Dark Web forums, Trustwave has uncovered conversations among cybercriminals reacting to the FSB arrests, revealing that cybercriminals seem worried about being arrested, while those in Russia are concerned that their home country is no longer a safe haven.
According to analysis of chatter on Dark Web forums by cybersecurity researchers at Trustwave SpiderLabs, the recent arrests, particularly those by Russia, appear to have scared cyber criminals, some of whom appear to be worried that they might be next.
Russia has taken down REvil ransomware members at the request of the United States government. Chatter on the forums that Trustwave monitored showed a level of apprehension from Russian threat actors about law enforcement in the country tracking them down.
Within the past year, Qakbot malware has made an aggressive return. As Karl Sigler, Trustwave SpiderLabs senior security research manager, points out, Qakbot is the Swiss Army Knife of financial malware. Trustwave SpiderLabs released a new decryption tool in an effort to aid financial services institutions and root out the Qakbot Trojan.
As malicious USB drives are circulating from ransomware gangs, the FBI points fingers towards FIN7. Karl Sigler, Trustwave SpiderLabs senior security research manager, says ongoing security-awareness training “should include this type of attack and warn against connecting any strange device to your computer.”
As the threat landscape continues to evolve, the government is finalizing zero-trust adoption guidance adhering to the cybersecurity executive order to advance toward zero trust architecture. Bill Rucker, President of Trustwave Government Solutions, highlights the zero-trust journey and the need for strong database security.
Experts at Trustwave outline a data-centric security approach to reducing cloud misconfigurations and protecting organizations.
Ed Williams, EMEA Director of Trustwave SpiderLabs discusses the security implications in 2022 of the exponential increase in ransomware.
This time of year, CISOs want to have an understanding of what’s to come. Ziv Mador, vice-president of security research at Trustwave SpiderLabs, predicts “the advent and increasing frequency of attacks that use a ransomware-as-a-service (RaaS) offering indicate that such attacks will not slack off during the coming year.”
Trustwave GM of Pacific Jason Whyte outlines the top cybersecurity tips for keeping things safe at the office during Australia/New Zealand’s long holiday break.
As the saying goes, hope for the best and plan for the worst. In the aftermath of a ransomware attack, it’s easy to get caught up in the immediate challenge of getting the business back on its feet. However, response plans need to include long term actions to mitigate the risk of a delayed or repeat attack.
Trustwave’s SpiderLabs shared commentary from cybercriminals that was collected from dark web forums. The communication revealed the criminals believe there are “secret negotiations on cybercrime between the Russian Federation and the United States.”
A vulnerability has been discovered in Log4j, an open-source Apache logging library. The threat from this vulnerability can enable attackers to access and control devices remotely. Karl Sigler, senior security research manager at Trustwave SpiderLabs explains, “Since this vulnerability is a component of dozens if not hundreds of software packages, it could be hiding anywhere in an organization’s network, especially enterprises with massive environments and systems.”
Researchers are warning that attackers are actively exploiting the newly publicized unauthenticated remote code execution vulnerability in Log4j, the Java-based logging tool from Apache. Karl Sigler, Senior Security Research Manager, Trustwave SpiderLabs comments: “Any java application using the affected log4j versions and accessible over the network can be exploited, and many of those applications are likely third-party and out of the user's hands administratively.”
Trustwave unveiled its new Managed Vendor Risk Assessment (MVRA), which is a cyber supply chain risk assessment solution for enterprises and SMBs. It’s now available globally and encompasses automated and specialist-led assessments. Nick Ellsmore, Trustwave’s global head of strategy, consulting and professional services commented: “MVRA is addressing one of the biggest issues across the cybersecurity environment right now: supply chain risk management.”
Trustwave’s SpiderLabs says its analysis of chatter on underground dark web forums suggests cyber criminals are starting to panic that formerly ‘friendly’ governments are on their case.
Through cybersecurity crisis simulation exercises, Trustwave’s Darren Van Booven identifies a series of common security shortfalls and steps organizations need to take to prepare for the next security crisis.
Many organizations are increasingly concerned with their own cybersecurity models and ransomware preparedness as there’s been a 64% increase in attacks from 2019 to 2020 (304 million attacks worldwide in 2020). Darren Van Booven, Trustwave’s global director, cyber defense consultant highlights how organizations can create a ransomware response plan for the full life cycle of an attack.
Cyber defense programs are having difficulty evolving against constant threats trying to enter organizations. Trustwave’s global director, cyber defense consultant, Kory Daniels covers the four best practices for advancing bank cyber programs for the cloud: develop a cloud-specific security strategy, test security processes, leverage AI with a human-centric approach, and take a holistic approach.
Security teams will need to look out for Yanluowang, a ransomware threat that has been mounting attacks against US organizations. Just this week, Red Canary researchers reported observing a threat actor exploiting the ProxyShell set of vulnerabilities in Microsoft Exchange to deploy a new ransomware variant called BlackByte, which Trustwave's SpiderLabs recently warned about as well.
It’s fair to say that 2021 has been one of the most challenging years on record for business leaders and organisations. Ed Williams, EMEA Director of SpiderLabs, Trustwave, reflects on the past 12 months and suggests how we can move forward with strong cyber hygiene in place.
The CyberWire’s guest is Karl Sigler from Trustwave, who covers the results of the 2021 Trustwave SpiderLabs Telemetry Report.
Users of WordPress through GoDaddy are vulnerable after it’s been reported that phishing attacks have been successfully carried out through compromised emails and passwords. Ed Williams, director of Trustwave SpiderLabs comments: “A breach of this size is particularly dangerous around the holidays…Hackers try to take advantage of every new email address and password exposed in an attempt to launch phishing attacks and social engineering schemes. Enterprises, SMBs, and individuals using frequently targeted platforms like WordPress should ensure they are following strong password best practices: complexity, frequent password changes, not sharing passwords between applications, and multi-factor authentication. If possible, utilize an authenticator app to secure your account instead of traditional two-factor authentication via SMS, as hackers have recently been targeting users with specialized SMS phishing.”
Ed Williams, EMEA Director of SpiderLabs, Trustwave, comments on the data breach: “Hackers try to take advantage of every new email address and password exposed in an attempt to try and launch phishing attacks and social engineering schemes.”
The collaboration of the public and private sector could stem the growing tide of high-impact breaches. Kevin Kerr, lead security principal consultant for Trustwave, comments on the impact of multi-party breaches: “The financial impact to SolarWinds was significant, but who knows the actual financial impact…Right now, there is no centralized way to measure multi-party breach impact in costs, reputations, contracts. And each affected organization would measure that impact differently.”
SolarWinds is an example of ripple breaches, which are increasing 20% per year. Lead security principal consultant, Kevin Kerr, points to a recent attack on a central bank in Denmark where a trusted entity passed malware on to unsuspecting users.
The black market value of healthcare records has shot up, according to a Trustwave report. Healthcare data records may now be valued up to $250 per record.
Findings from Radoslaw Zdonczyk at Trustwave have shown there will be login attempts to databases and internet servers before IP addresses are listed by scanners similar to Shodan, leading to an increase in vulnerabilities.
Trustwave SpiderLabs’ Ed Williams shared his insights on how secure Windows 11 is for a feature article from UK journalist Davey Winder for Forbes.
Trustwave SpiderLabs’ latest research blog detailing the researchers’ findings on the BlackByte ransomware strain, as well as providing the decryptor so that victims might be able to use it to reverse the malware's damage.
A free decryptor for BlackByte ransomware was released by Trustwave SpiderLabs researchers after they cracked the crypto-locking malware's encryption.
Trustwave SpiderLabs’ Ed Williams participates in a video interview with Danny Palmer at ZDNet discussing the ins and outs of a ransomware attack, how cyber criminals get into networks and what they actually do once inside.
In this episode Trustwave’s Ed Williams and journalist Stephen Pritchard look at the 30 days after a ransomware attack, the impact of ransomware attacks on operations and reputation, and how businesses can recover.
Twenty percent of this year’s new vulnerabilities were given a ‘high severity’ scoring by the NVD and given the speed with which malicious actors can start exploiting these vulnerabilities, researchers at Trustwave investigated and reported on how quickly industry patches them.
To help organizations get a better handle on their patch management, Trustwave says organizations should assign an individual or a team to design a security program that covers risk management and policy, provide training, and implement an effective incident response plan.
Karl Sigler, senior security research manager at Trustwave SpiderLabs, points to reasons why the number of disclosed vulnerabilities is trending upward.
Following the significant vulnerability found in Microsoft’s Azure Cosmos DB service, companies are reminded that even the Big Three cloud providers can make mistakes and that organizations have to still worry about cloud database security.
Grayson Lenik of Trustwave Government Solutions shares how organizations can defend themselves against growing ransomware threats by training employees in security best practices, vetting the supply chain, implementing layers of defense and hacking their own organization in a byline article for SC Magazine.
With the surge in ransomware over the past year, Trustwave has seen a 2x demand for its ransomware preparedness services. The increase in demand has been driven by CEO and board-level interest in cyber resilience and preparedness, according to Darren Van Booven, Lead Principal Consultant at Trustwave and former CISO of the U.S. House of Representatives.
Trustwave’s lead principal consultant, Darren Van Booven, shares advice for the manufacturing industry on how to protect against ransomware attacks in a byline article for Information Age
Reegun Richard Jayapaul, Trustwave SpiderLabs Lead Threat Architect, discovered the flaw in the Self-Destruct feature of Telegram MacOS, which is part of the Secret-Chats aspect of the messaging app that uses end-to-end encryption.
New bugs discovered by Reegun Richard Jayapaul, Trustwave SpiderLabs' Lead Threat Architect, allow Telegram for Mac users to save self-destructing messages and attachments forever.
Researchers with Trustwave SpiderLabs warn Telegram users of two privacy flaws found in the Self-Destruct feature of Telegram MacOS.
Bill Rucker, president at Trustwave Government Solutions discusses why a zero-trust approach is vital to ensure that sensitive data doesn’t become vulnerable.
Trustwave Government Solutions, the wholly-owned subsidiary of Trustwave Holdings, Inc., joined the Cybersecurity and Infrastructure Security Agency (CISA) Cyber Information Sharing and Collaboration Program (CISCP).
Ziv Mador, VP of Security Research at Trustwave SpiderLabs, explores the changing nature of email threats and outlines some of the best ways of combating them.
Trustwave SpiderLabs released a new threat analysis blog on the Kaseya ransomware attack, which was featured by NBC.
In a new report by Trustwave, researchers explain how a threat actor has begun to utilize WIM (Windows Imaging Format) attachments to distribute the Agent Tesla remote access trojan.
Remote access made business continuity possible throughout the pandemic. But according to Trustwave's 2021 Network Security Report, VPN exploitation rose as hackers scanned for unpatched VPNs, including easily exploitable vulnerabilities.
Trustwave have warned that thousands of internet-facing VMware vCenter servers still harbor critical vulnerabilities weeks after patches were released.
Trustwave researchers discovered thousands of instances of VMware vCenter Servers with two recently disclosed vulnerabilities that remained publicly accessible on the Internet three weeks after the company urged organizations to immediately patch the flaws.
Trustwave researchers found that thousands of VMware vCenter servers that are reachable from the internet remained vulnerable to attacks, even after VMware released patches for this critical vulnerability.
David Bishop, CISO at Trustwave, explains the need for more serious repercussions for attacks like the recent REvil attack on Sol Oriens, a government contractor that works for the DOE on nuclear weapons issues.
Derek Taylor, Lead Principal Security Consultant at Trustwave, explains why we shouldn't accept data breaches as the norm and how the user’s privacy calculus around data disclosure decisions can easily be manipulated.
Ed Williams, Director EMEA of SpiderLabs, Trustwave, shares his essential guide to penetration testing, helping businesses invest in the right security strategy.
Trustwave SpiderLabs discovered a novel malware that uses a variety of tricks to stay under the radar and evade detection while remaining capable of stealthily executing arbitrary commands on infected systems.
Ziv Mador, VP of Security Research, Trustwave SpiderLabs, encourages taxpayers to be wary of email phishing tax scams, showing examples of how fraudsters can lure victims into sharing personal information.
Trustwave SpiderLabs provides insight into China Chopper, a web shell used by the state-sponsored Hafnium hacking group.
Trustwave SpiderLabs researchers identify a new email scam that applies a number of crafty techniques to bypass security filters and infect victims with NanoCore malware.
Ziv Mador, VP of Security Research, discusses the importance of the three new and severe vulnerabilities in SolarWinds products found by Trustwave and the need for organizations to implement a strong penetration testing strategy.
Mark Whitehead, Global Vice President, SpiderLabs Consulting at Trustwave breaks down the importance of taking a zero-trust cybersecurity approach when it comes to protecting networks and data accessible by third-party partners.
Trustwave discovered a new phishing campaign that attempts to lure victims into downloading malware that gives cybercriminals full control over infected Microsoft Windows machines.
Five major vulnerabilities have been discovered affecting D-Link routers by cybersecurity researchers working as part of Trustwave’s SpiderLabs team.
Bill Rucker, president of Trustwave Government Solutions discusses security in cloud and on-prem environments and the importance of unified platforms.
Messaging app Go SMS Pro, which has over 100 million installs from the Google Play store, has a massive security flaw that potentially allows people to access the sensitive content you’ve sent using the app.
Go SMS Pro, one of the most popular messaging apps for Android, is exposing photos, videos and other files sent privately by its users.
A total of four vulnerabilities were discovered in Modicon M221 PLCs by researchers at industrial cybersecurity firm Claroty. Three of them were identified independently by employees of cybersecurity company Trustwave.
Automation, strategic process design and an investment in training are the keys to managing the cybersecurity skills gap, according to a recent survey from Trustwave.
The hybrid cloud model is increasingly used in digital transformation and data storage according to a new report from Trustwave. Of over 950 IT professionals surveyed, 55 percent use both on-premises and public cloud to store data with 17 percent using public cloud only.
Iran and Russia have both obtained American voter registration data, top national security officials announced late on Wednesday, providing the first concrete evidence that the two countries are stepping in to try to influence the presidential election as it enters its final two weeks.
A cybersecurity company says it has found a hacker selling personally identifying information of more than 200 million Americans, including the voter registration data of 186 million.
As long as a community is strong, so will be the intelligence it shares on open source feeds. But if that community breaks down ...
Spammers are using a new technique of generating URLs to evade detection by humans and spam filters alike. This technique comprises adding random, unused text bits to shortened links, to disguise them as full-sized URLs and bypass the scrutiny of email gateways.
A spam group has picked up a pretty clever trick that has allowed it to bypass email filters and security systems and land in more inboxes than usual. The trick relies on a quirk in RFC791 — a standard that describes the Internet Protocol (IP).
Threat detection and response services provider Trustwave has launched its Trustwave Fusion platform on Amazon Web Services GovCloud – letting Federal agencies and government contractors take advantage of the cloud-native cybersecurity platform to combat ever-changing security threats.
“Philosophy?” the conversation usually begins – “that’s an odd background for cybersecurity, isn’t it?” “Funnily enough,” comes my well-rehearsed reply, “not at all”. I have been surprised how often the skills of one field can be easily applied to the other.
Contactless credit cards have become an extremely popular way to pay during the COVID-19 pandemic, according to industry experts. The technology allows you to wave your credit and debit cards over a device and pay without touching anything at the register. But consumers should still be vigilant for scammers.
A bug-hunter has uncovered a vulnerability in IBM's popular enterprise database which, if left unpatched, could allow a local user to access data and kick off a denial-of-service attack.
According to research, there is a lack of in-house expertise in the area of digital risk protection – the ability to monitor risks, threats and breaches outside the network. The research found 80% of respondents stated their teams lack skills and knowledge in this area.
Cybersecurity researchers today disclosed details of a memory vulnerability in IBM's Db2 family of data management products that could potentially allow a local attacker to access sensitive data and even cause denial of service attacks.
Security researchers have discovered a way to use the Microsoft Teams Updater to download malware, bypassing a patch released earlier this year and flying under security teams' radar.
Microsoft Teams can still double as a Living off the Land binary (LoLBin) and help attackers retrieve and execute malware from a remote location.
Three weeks ago, security researchers exposed a sinister piece of malware lurking inside tax software that the Chinese government requires companies to install. Now there’s evidence that the high-stealth spy campaign was preceded by a separate piece of malware that employed equally sophisticated means to infect taxpayers in China.
Analysts at cybersecurity firm Trustwave say they have discovered a new type of malware they say was embedded in sales tax software — a different, older malicious tool than the previous one they found.
Trustwave is for the first time allowing VARs, MSPs and agent partners to directly resell the company’s managed threat detection and response and professional services.
A US cyber security firm has discovered a new form of malware potentially targeting foreign companies operating in China, which has been embedded in compulsory tax software and installs a hidden backdoor to allow remote access to computer systems.
When a U.K.-based technology vendor started doing business in China, it hired a cybersecurity firm to proactively hunt for any digital threats that could arise as part of doing business in the country. The firm discovered a problem, one with such major implications that it alerted the FBI.
The tax software was legitimate, but embedded inside it was a nasty surprise, according to a new report by a private security firm: A sophisticated piece of malware that gave attackers complete access to the company's network.
Even as stores reopen in many parts of the country, people are still shopping online more than ever. And that includes using new sites set up by their favorite small businesses attempting to stay afloat through perilous economic times.
Sextortion is evolving into nastier ways to try to extort people. To date, the basic template for this cybercrime has been to claim people's accounts have been hacked, with the criminals saying they have video proof – usually via webcam – of a person watching sexual content. The criminals demand immediate payment in Bitcoin – which gives the extortionist anonymity – or they will release the video to the public.
A series of phishing campaigns using Google Firebase storage URLs have surfaced, showing that cybercriminals continue to leverage the reputation of Google’s cloud infrastructure to dupe victims and skate by secure email gateways.
Many on the dark web are expressing the same thoughts and fears about COVID-19 as everyone else, while others are looking for ways to profit from it, says Trustwave.
Researchers have found another vulnerability in software made by Schneider Electric that is similar to the one exploited by the notorious Stuxnet malware.
Trustwave’s Global OT/IoT security research team uncovered the flaws in Schneider’s SoMachine Basic v1.6 and Schneider Electric M221, firmware version 22.214.171.124, Programmable Logic Controller (PLC).
Attackers are using this time of crisis to go after victims with targeted campaigns. The biggest threats are phishing attacks related to COVID-19.
Analysis of more than a trillion security events over the past year and hundreds of breach investigations by researchers at cybersecurity company Trustwave found that ransomware attacks have become the most common security incident.
As most generic spam now gets blocked, attackers have turned to more targeted, personalized phishing emails to reel in their victims, according to security firm Trustwave.
Cyber criminals are taking advantage of the worldwide level of concern surrounding the COVID-19 coronavirus to launch an insidious new round of attacks that are much more effective than previous cyber-attacks.
Researchers from security firm Trustwave said they discovered a new malspam campaign that sends Excel 4.0 xls 97-2003 files with a compromised macro in email messages. The ploy is predictable and attempts to dupe users with themes ranging from fake invoices to COVID-19 related lures.
Hackers are exploiting vulnerabilities stemming from the global coronavirus pandemic, including distracted workers and stretched-thin IT staff, as cybersecurity attorneys say the spread of COVID-19 has also brought with it a spike in data security incidents.
Businesses often have a contingency plan — a Plan B — in case workers can’t get to the office when there’s a power outage, natural disaster or extraordinary circumstances, like in Chicago last winter when a polar vortex plunged temperatures far below zero. But few companies expected their backup plans to be deployed for a worldwide pandemic.
An email campaign that purports to be a popular tax return software provider is the latest scam to make the rounds. The corrupted email is quickly spreading, in an effort to catch people who use the tax program.
Trustwave, a managed security services provider based in Chicago, took the wraps off a new line of consulting and security services for Palo Alto Networks Prisma Cloud.
Telco Security Alliance members AT&T, Singtel, and Telefónica are now sharing threat intelligence and indicators of compromise (IoCs) to help fight global attack campaigns that are launched against their customers.
Hackers are using the public’s fear of the coronavirus to steal passwords and spread malware, according to multiple cybersecurity firms and computer security experts.
As the death toll from the coronavirus outbreak continues to rise, online scammers are using email phishing schemes in an attempt to profit on people's confusion and fear surrounding the virus.
A week on from the U.S. killing of Iran’s Qasem Soleimani on January 3, media warnings around the cyber threat now facing the U.S. and its allies show no signs of diminishing.
Smart cities, connected cars and other emerging technology trends fueled by IoT-enabled devices are likely to further gain pace from 2020 onwards – so here are some of the major IoT trends today and what to expect in the year ahead.
Hackers behind the ransomware attack on New Year's Eve claimed to have stolen customer data including credit card information, and threatened to publish it online if they weren’t paid the money within seven days.
Iranian hackers are likely planning social engineering and phishing efforts as retaliation for the U.S. military’s killing of Iranian military chief Qasem Soleimani, according to security experts in government and the private sector.
If you’re anything like me, you’ll be traveling with all of your devices this holiday season. But according to Trustwave, you need to do a quick security check-up.
You wouldn’t purchase an expensive sports car if you couldn’t use it properly. So, why make a pricey security investment before knowing it fits into your ecosystem?
With 30 years of work experience in the channel, Trustwave’s Suzanne Swanson says her biggest business strength today continues to be her hands-on involvement working with partners.
There is a new tool offensive security teams can use for their password cracking needs. CrackQ is open-source and can provide metrics on the current jobs, queuing and re-queuing tasks.
Security researchers have divulged two vulnerabilities in the SatLink 2000 VSAT modem that could enable hackers to carry out cross-site scripting attacks and sniff sensitive data traversing the modem.
It’s no secret that Microsoft’s Windows 10 updates have been controversial as of late. They’ve been filled with patches fixing previous updates’ bugs only to create more issues. Now, there’s a whole new problem altogether: Fake ransomware-filled updates.
With the end of support for Windows 7 coming in January, many users are looking to update to Windows 10 to continue getting security updates and support from Microsoft. According to a report from security firm Trustwave, attackers are well aware of this and targeting Microsoft users with fake update emails.
Multicloud environments change rapidly. Organizations need a security framework that is purpose-built for the cloud and that aligns with their digital transformation strategy.
Trustwave’s Shawn Kanady on the evolution of ransomware attacks, why the public sector appears to be taking the biggest hit, and whether organizations should pay the ransom.
You might think your password is strong but think again. Your passwords are at risk, even if they have special characters and numbers.
One week after being hit by a ransomware attack, hospitals in Alabama are turning away patients while working on recovery, and experts warn of similar attacks in the future.
Trustwave has unveiled a new cloud native platform designed to offer enhanced cyber security products and managed services to Singaporean customers.
A large number of spam messages recently sent from the same botnet were observed featuring randomized headers and even different templates, with some emails resembling phishing, Trustwave reports.
Good cyber-defense requires total visibility of the network to understand what could be a potential vulnerability. In cybersecurity, a network is only as strong as its weakest point. Chris Schueler, Trustwave’s Senior Vice President of Managed Security Services, shares more in an exclusive interview with GovInsider.
Insurance broker Marsh has unveiled the inaugural class of cybersecurity products and services receiving a Cyber Catalyst designation that is part of an evaluation program its backers hope will bring greater clarity in the crowded cybersecurity marketplace.
The Kingdom and oil and gas industry have been slow to shore up defenses, raising red flags about the possibility of longer term fallout in the region, experts said, including those who have responded to incidents in the region.
The right people are out there. It’s just a matter of finding them. I talked to Chris Schueler, SVP of Managed Security Services at Trustwave, for advice on how companies can start thinking outside the box about hiring cybersecurity staff and how to best identify potential candidates who may not meet your current criteria but could end up being the right person for the job.
A security researcher from Trustwave has discovered vulnerabilities in several D-Link and Comba routers which could make it easy for cybercriminals to see usernames and passwords stored on the devices.
Faced by increasingly sophisticated threats, organizations are realizing the benefits of automation in their cybersecurity programs. Automation, artificial intelligence (AI), and machine learning (ML) are rapidly transforming nearly every industry, and cybersecurity is no exception.
Enterprises today are facing challenges that are forcing them to embrace new technologies and applications that drive decision-making strategies based on hard data and real-time situational analysis and rely less on pure gut instincts.
Trustwave, provider of cybersecurity services, and Grupo Tecno, integrator of Information Technology, signed an agreement that aims to provide managed cybersecurity services to both private and public companies in Mexico and Latin America.
As the digital landscape changes, organizations are doing some purging of their own as they move to the cloud. But that transition isn't as easy as packing up dishes and linens, putting boxes on a truck, and heading off to a new destination.
AttackSurfaceMapper, a new open source OSINT tool created by Andreas Georgiou and Jacob Wilkin, security consultants at Trustwave SpiderLabs, automates the process of collecting data that can help pentesters find a way into targets’ systems and networks.
Speaking on “Testing Your Organization's Social Media Awareness” at Black Hat USA, Jacob Wilkin, network penetration tester and application security consultant, Trustwave SpiderLabs, said that social media phishing is on the rise and is now the “preferred vector for attackers” who now spread more malware via social media than on email.
The industry-wide shortage of trained cybersecurity personnel is not a new story, but Trustwave has begun to take a new approach to find not only trained cybersecurity staffers, but also those with no training or computer skills at all.
Lackadaisical security practices in proprietary management software from a hardware vendor underscore the need for a vendor-agnostic solution.
Crain’s Chicago Business hosted its Tech 50 event honoring its annual list of headliners, behind-the-scenes heroes, new faces and emerging stars of Chicago tech. More than 100 people attended the event at cybersecurity company Trustwave’s office in the Loop.
Why is treating a snake bite like responding to a data breach? It might sound like the beginning of a cheesy joke, but the two can have more in common than you might expect.
Hiring managers are widening the pool of candidates in response to the cybersecurity skills shortage. Learn how a parks and recreation background can be an asset in threat hunting.
Researchers found that an application available on an unsecured website included credentials that could have allowed compromising consumer-facing Uniguest kiosks used by businesses in various activity sectors.
The modern-day robbery is no longer about criminals storming a bank wearing ski masks, brandishing firearms and filling bags with stolen cash. Instead, criminals now rely on more clandestine yet equally effective methods of stealing from financial institutions.
The convenient technology known as "wave and pay" available with some credit cards is making a comeback after serious security concerns. The technology is a debit or credit card with a wireless symbol where all you have to do is just wave it in front of a payment terminal and your transaction is done in seconds.
Three men dressed for business travel in jeans and dress shirts loaded backpacks into the trunk of a black coupe and wound their way through the center of a major European city. When they arrived at their hotel, they unloaded their luggage and waited giddily to pass through the revolving doors. They were checking into the hotel to hack it.
As it becomes increasingly challenging and expensive to recruit new team members, one of the most effective approaches to improving security capabilities is to focus on upskilling your existing team instead.
Organizations can’t just rely on diverse and cutting-edge technologies to fight adversaries. They will also need people with diverse expertise and backgrounds.
Hackers are targeting credit cards online more, a new report found. The number of cards being targeted went up by 7 percent, according to Trustwave’s global security report.
Given much of the publicity that is routinely attached to every breach disclosure these days, it’s easy to be pessimistic about the overall state of cybersecurity.
Gartner’s Magic Quadrant 2019 for managed security services providers (MSSPs) has surfaced. Here’s a look at each MSSP featured in the report, along with our perspectives on each cybersecurity business.
You may have business relationships with an internationally located vendor, supplier, provider, contractor, employee, or customer. You may have boosted cybersecurity in your network. Be vigilant: attackers can use your business relationships as stepping-stones into your network.
The White House says there are over 300,000 cybersecurity job vacancies in the United States and believes it’s crucial for the country’s economy and security that these jobs are filled.
Trustwave is introducing a new database security scanning and testing software that helps organizations better protect critical data assets hosted on-site or by major cloud service providers.
This in-depth report from Trustwave contains a number of useful suggestions that sites can consider for a defense-in-depth approach to combating an increasingly crowded field of criminal groups turning more of their attention toward stealing CVV data.
Trustwave, a Top 100 MSSP, has introduced the DbProtect database security scanning and testing software. DbProtect provides data visibility and protection and compliance management capabilities, according to Trustwave.
The 2019 Trustwave Global Security Report, released on April 25, has its fair share of bad news as it has found that multiple types of attacks have grown and attackers have continued to increase levels of sophistication.
Cyber criminals are attacking more accounts in the Asia Pacific region than North America, representing 35 percent of investigated data compromises, according to the annual report out today by Trustwave.
Trustwave, which offers Managed Detection and Response (MDR) services, has taken a number of steps to build stronger context into their operations. They are feeding data about known bad actors into their intel fusion platform (IFP).
A spam campaign pushing the info-stealing LokiBot trojan leverages a novel technique to avoid detection. According to researchers, the spam messages include a malicious .zipx attachment hidden inside a .PNG file that can slip past some email security gateways.
The CIA extortion scams continue to evolve in order to squeeze as much money out of a victim as they can. In a new variant discovered by researchers, the extortion emails are now selling alleged proof on Satoshi Box for $500 that show you are part of the CIA investigation.
Hackers modified a Pakistani government website where citizens can request passports to spy on its visitors, according to researchers at Trustwave.
In his role leading penetration testing services at Trustwave, Lawrence Munro, VP SpiderLabs, has pulled together the attributes, experience and qualifications he considers necessary to crack a career in this challenging space.
It’s more important than ever for cybersecurity professionals to understand how attackers can gain access to sensitive company or customer data. While it’s still important to examine vulnerabilities in isolation, the ability to understand attack paths and how attackers can gain access to data.
Trustwave Managed Security Services’ elite team of 250 ethical hackers isn’t just protecting some of the world’s largest enterprises and government agencies. It’s actually reimagining ways that entire industries can protect their assets.
The constant stresses from advanced malware to zero-day vulnerabilities can easily turn into employee overload with potentially dangerous consequences. Here’s how to turn down the pressure.
Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security.
Arjun and Jessica Sud routinely use a baby monitor to keep tabs on their 7-month-old’s bedroom. Last month, they heard something chilling through the monitor: A deep male voice was speaking to their child.
Cybercriminals are turning to new technologies to launder their ill-gotten gains, including recruiting fake Uber drivers, shady Airbnb hosts and crypto conversion specialists via underground dark web, experts say.
Newly discovered security bugs in Lifesize videoconferencing products can be remotely exploited, giving attackers the ability to spy on a target organization or attack other devices.
Trustwave announced the latest iteration of its email security platform with the unveiling of Secure Email Gateway (SEG) 8.2. Among the highlights is support for the Microsoft Azure Rights Management System (RMS), which is used to protect against data loss and unauthorized access.
Attackers know that shutting companies out of their own data can quickly cripple an organization and put the pressure on to consider paying the ransom.
Cybersecurity can feel like a chaotic free-for-all sometimes, but it’s not every day that a whole new conceptual type of attack crops up. Over the last 15 months, though, cryptojacking has been exactly that. It’s officially everywhere, and it’s not going away.
So what’s new for 2018? Trustwave moved into the enviable Leaders Quadrant, while Capgemini, DXC Technology and Fujitsu were added to the overall rankings.
Gift cards are popular gifts this time of year, but they’re also big targets for theft. Americans have spent almost $30 billion on gift cards this holiday season but have also lost more than $50 million so far this year in gift card-related scams, according to the Federal Trade Commission.
Researchers disclose signedness bug in driver used by IBM Trusteer Rapport endpoint security tool after IBM fails to deliver timely patch.
What we see when we browse the web is just the tip of the iceberg. Hidden below the surface, accessible only by the Tor browser, exists a marketplace in which criminals can sell drugs, weapons and stolen data with relatively little surveillance.
Just like last year, this year’s 60 predictions reveal the state-of-mind of key participants in the cybersecurity industry (on the defense team, of course) and cover all that’s hot today.
What are the key differences between building a SOC for a large enterprise vs. for a small to midsized organization? Trustwave's Kory Daniels explains the distinction and outlines the must-have skills.
Hackers successfully broke into the international website of the Make-A-Wish Foundation and inserted malicious computer code which used the computers of people visiting the site to generate cryptocurrency.
Over the last year or so, cryptojacking—which forces your computer to mine cryptocurrency for bad guys when you visit an infected site—has become one of the internet’s most pervasive scourges.
Threat intelligence has transformed the information security world for the better but it’s not always leveraged in the best way possible by organizations and departments. The sheer amount of information, providers, platforms, and types of threat intelligence and data available, make it difficult to confidently ensure an organization is making the most of their threat intelligence.
Eighteen months ago, ransomware hit headlines around the world with the WannaCry and Petya outbreaks which spread across 150 countries. While lower attack volume may suggest that file-encrypting ransomware is no longer a risk, that’s not the case.
Ensuring access to a reliable feed of threat intelligence through a security operations center (SOC) is an essential element of many organizations’ security strategy today. However, establishing a SOC is a complicated endeavor, particularly when it comes to balancing budget and resource limitations in an increasingly complex security landscape.
A role in cybersecurity, while rewarding, can also be extremely taxing psychologically. We spoke to Chris Schueler from Trustwave about why burnout is so prevalent and how it can be addressed.
The Red Alert 2.0 Android Trojan first detailed in September last year is currently available for rent on underground forums at $500 per month, Trustwave reports.
As the last full week of the 15th National Cybersecurity Awareness Month comes to a close, security experts are reflecting on the 10-year anniversary of one of the most significant computer vulnerabilities and cyberattacks of the time.
In coordinated statements, the big four in the browser application world have finally announced the deprecation of Transport Layer Security (TLS) protocol v1.0 and v1.1.
Looking for hard numbers to back up your sense of what’s happening in the cybersecurity world? We dug into studies and surveys of the industry’s landscape to get a sense of the lay of the land – both in terms of what’s happening and how your fellow IT pros are reacting to it.
Singtel’s Australian subsidiary has inked a deal to buy a privately held cyber security firm incorporated in Victoria state, which will be integrated into the group’s Trustwave cyber security arm.
AVANT Communications has forged an alliance with Trustwave, an MSSP that helps businesses fight cybercrime, protect data and reduce risk. The alliance gives AVANT’s thousands of channel sales professionals access to Trustwave’s portfolio of managed security services covering threats, vulnerabilities and compliance.
A year ago, one couple wrote a check for $625. Then, someone tried to deposit more than a dozen other checks worth around $20,000 using that original signed check as their counterfeit canvas. CBS 2’s Dorothy Tucker investigates how that can happen.
Security experts have long recommended that security teams incorporate threat modeling into their process of analyzing their corporate assets. Taking a structured approach to analyzing risks to information infrastructure can reveal new threats that aren’t contained in compliance requirements or industry standards.
PureVPN has had two vulnerabilities which would allow hackers to retrieve stored passwords through the VPN client. This was confirmed by Trustwave’s research and the VPN provider itself.
Many companies, especially in big technology, banking and telecom, face heavy incentives overseas for employees to sell internal information or access. The problem is so common that in some jurisdictions, criminal enterprises post “job ads” looking for specific insiders to aid in targeted schemes.
Ask anyone what a quintessential cybersecurity command center looks like, and they’ll likely launch into a description that includes a dark room with vibrant accent lighting and a collection of screens displaying an array of information from global news to maps highlighting real-time cyberattacks.
Scrolling down a jumbo screen in Trustwave’s Loop office is a list of personal information. There are emails, names, passwords, credit card numbers and expiration dates – a gold mine for anyone trying to steal someone’s identity.
We’ve all heard the stories in the news about cyberattacks enabled by unwitting consumers: fraudsters hacking into individuals’ email accounts and sending messages to their contacts requesting money; consumers providing payment information to phony websites; cybercriminals pretending to be relatives “in urgent needs of funds.”
Turning virtual cash into real money without being caught is a big problem for successful cyber-criminals. They often have to get creative when “cashing out” or laundering the money they have stolen, according to a security expert.
Researchers have found a cross-site scripting (XSS) flaw in Apache ActiveMQ that could enable a remote attacker with no privileges to launch an array of attacks against visitors to compromised websites.
At a time when cyberattacks and threats are on a sharp rise both in frequency and severity, Chris Schueler has been a driving force in shaping how large organizations incorporate the managed security model.
Cybercriminals have chosen one of Microsoft’s lesser known Office document creation apps, Publisher (.pub), as the vehicle for distributing password stealing malware intended for employees at thousands of banks around the world.
Researchers at Trustwave released a new open-source tool called Social Mapper, which uses facial recognition to track subjects across social media networks.
From Facebook overshares to accidental password posts on Twitter, there are many ways in which Web personas leak things of use to malicious hackers.
According to Trustwave researcher Simon Kenin, on July 31, a surge in Coinhive activity was detected which indicated that a malicious cryptocurrency mining operation was underway.
Somewhere out there a cybercriminal is lining his or her pockets with cryptocurrency. Whoever it is isn’t using a powerful computer to do the mining. Instead, this individual is using an ever-growing army of enslaved routers to do the dirty work.
A vulnerability in some versions of the Oracle Solaris enterprise OS could allow attackers to edit code in the memory and exploit it to gain full root control over a machine.
A vulnerability first detected and “resolved” years ago in Oracle’s Unix OS, Solaris, has resurfaced, necessitating a fix in Big Red’s latest quarterly patch batch.
The recently-discovered DataBot banking trojan is making the rounds in a phishing campaign that targets potential victims with fake invoices from software company MYOB.
In the 2018 Trustwave Global Security Report, which looks at a wide range of computing and internet threats, risks and vulnerabilities across more than a dozen industries and 21 countries, cryptocurrency has a starring role.
As companies adopt new technologies in short timeframes, they are increasingly turning to outsourcing, resulting in third-party providers having access to sensitive data more than ever before.
The EFF’s new STARTTLS Everywhere initiative aims to secure email as it transits the internet between mail servers to prevent mass surveillance, as well as email spoofing.
The cryptocurrency market has seen an incredible amount of attention and hype over the last year, culminating with Bitcoin values soaring by more than 1,300 percent in 2017.
From connected devices to insider threats, modern-day cybersecurity professionals have their hands full when it comes to ensuring their organization measurably reduces risk.
What you can’t see is that these cyber criminals behave among one another in much the same way legit businesses behave to legit customers, a security researcher tells Business Insider.
Finding out you’re a data breach victim is bad enough. But the process of canceling credit cards and checking statements for suspicious activity will likely be an even bigger headache.
What will be the most significant threat to cybersecurity teams in 2018? According to a May 2018 survey from information security company Trustwave, 22 percent of full-time information technology (IT) professionals said preventing malware, including ransomware, was their biggest obligation for 2018.
GDPR has been in play for less than 24 hours and several lawsuits have already been filed in the EU against Facebook and Google claiming each is not abiding by the new privacy regulations.
Trustwave released the 2018 Security Pressures Report based on a global survey of 1,600 full-time IT professionals who are security decision makers or security influencers within their organization.
A new Trustwave survey shows information security executives and practitioners are under increasing pressure from trying to keep up with threats and compliance mandates.
Newly published research reveals the poor state of enterprise cloud security, as evidenced by the advance of cryptojacking within these environments.
This year marks a historic decade-long milestone of the Trustwave Global Security Report (GSR), an annual report that touches on the current state of cybersecurity and the evolving threat landscape.
Electron – the widely used desktop application framework that renders top programs – suffered from a security vulnerability that potentially allows miscreants to execute evil code on victims’ computers.
There are lots of straightforward steps you can take to protect your privacy online. Spend a couple of minutes now to get yourself set up, and you’ll never worry about it again.
Cost of Divergence: Inconsistencies in regulation among various jurisdictions – regulatory divergence – cost financial institutions between 5% and 10% of their annual revenue.
Trustwave, a Top 100 MSSP and compliance, threat and vulnerability management services provider, has launched a Detection, Analytics and Response Consulting (DARC) practice for enterprises.
Cybercrime and information security breaches are increasing at alarming rates, and the FBI estimates losses each year run into the trillions of dollars.
Security vulnerabilities are rampant, while software patching remains a key challenge. These are a few of the high-level findings from research reports released the week of April 2-6.
Cybersecurity can be a cat-and-mouse game. Fix one weakness, and the criminals find another target. It’s a lesson industries from retail to restaurants to airlines are learning as consumers’ data increasingly draws the attention of online thieves.
Vulnerabilities and attacks on networked devices have surged in the past decade, while spam emails have dropped, according to a Trustwave report.
The retail sector suffered the most breaches in 2017, accounting for 16.7 percent followed by the finance and insurance industry at 13.1 percent and hospitality at 11.9 percent.
An annual report from security firm Trustwave highlighted increased sophistication of web app hacking and social engineering tactics on the part of miscreants.
While experts have warned about the perils of connecting to unsecured public Wi-Fi hotspots in the past, new research has revealed that organisations are suffering more from security issues than in the past.
In recently observed attacks, the jRAT backdoor was using crypter services hosted on the dark web to evade detection, Trustwave security researchers have discovered.
In a big victory for international law enforcement, Spanish police have arrested the alleged leader of Carbanak, a cybercrime group believed responsible for stealing over $1.2 billion from more than 100 banks in 40 countries.
Trustwave, a Chicago-based cybersecurity company that has specialized in cyberattack response, has launched Threat Hunting for Government, a service designed to proactively and continuously search federal networks for intruders and malware.
Security researchers have discovered a new email spam campaign that tries to get users to open Word document attachments that download a password stealer as its final payload.
Could your computer or device be running slower on certain websites? The I-Team is investigating cryptomining and how it can affect you – and even your electric bill.
Trustwave, a Top 100 MSSP that provides compliance, threat and vulnerability management services, has added Canadian voice, data and media services company Uniserve Communications to its customers across Canada.
If you’re using a Netgear router at home, it’s time to get patching. The networking hardware maker has just released a tsunami of patches for a couple of dozen models of its kit.
Soaring demand for cloud security is being fueled by everything from increased adoption of bring-your-own devices and connected devices to smart cities and government mandates around cloud adoption.
Researchers disclosed two new vulnerabilities in Western Digital My Cloud network storage devices on Thursday that could allow a local attacker to delete files stored on devices or allow them to execute shell commands as root.
Days after receiving initial reports about fraudulent activity, the mobile phone vendor reveals that attackers could get a malicious script onto its website that stole user credit card information.
Despite tighter privacy controls and a looming disclosure regime, Australian companies are less vigilant about data risk than their counterparts in other advanced economies, according to research that found protection of critical data varied with dramatic differences in the perceived value of that data.
By the time you get to your hotel, you’ve waited at the airport, on the plane and in transit. Checking into your room may also mean a wait — but not if your hotel offers mobile check-in and a digital room key.
Cybercrime’s cost to businesses continues to grow exponentially. In 2015, Juniper Research predicted that the continued reliance on digitization in our lives will be the catalyst for a $2.1 trillion criminally driven industry by 2019.
Most consumers think of credit card information as the most valuable personal data to cyber thieves. But strategies put in place by card issuers to lock a credit card the instant fraud is suspected makes it a valuable commodity for only a brief period of time.
Five trillion dollars in U.S. retail spending is very attractive to cybercriminals. The large volumes of financial data continuously processed by payment and retail vendors is highly valued and can provide criminals with easy payouts.
Industry analyst firm Quocirca surveyed 500 IT decision makers in the United States, Canada, United Kingdom, Australia and Japan, examining attitudes towards the value of confidential data including: personally identifiable information, payment card data, intellectual property and email.
Businesses rely more and more on data, but a new study shows up significant differences in the value that is placed on confidential data around the world and in different industries.
It’s one thing to wake up and discover that you missed the boat on a cryptocurrency boom that’s making a handful of people very wealthy. It’s another thing to find out that your computer is making someone else rich while it gives you poor performance and jacks up your electricity bill.
Hackers routinely target vulnerable retailers of all sizes, stealing credit card data and other sensitive financial information in the process. Trustwave helps those businesses protect their data and mitigate risks through cloud and managed security services — and by enlisting a team of cybersecurity experts.
The field of cyber security has a couple of problems. First, the media insists on using headline-friendly terms like "ethical hacker" for roles that are done not by loners in hoodies, but professionals in corporate cubicles.
Trustwave has announced a revamped global partner program in the channel, with updates including a new online learning system and partner portal.
Cybersecurity firm Trustwave has a new online learning system and streamlined partner portal designed to give partners a complete understanding of customer security and compliance issues.
The I-Team has a warning after a local couple's life savings vanished. They lost more than $300,000 during the purchase of their dream home in a scam that could happen to anyone.
Despite the proliferation of high profile cyber-attacks over the last 18 months, many organisations are still too disorganised in their approach to security.
A researcher has documented almost 2,500 sites that are actively running cryptocurrency mining code in the browsers of unsuspecting visitors, a finding that suggests the unethical and possibly illegal practice has only picked up steam since it came to light a few weeks ago.
Security company Trustwave says it has found a flaw in the web server used by Brother printers which could lead to a denial of service.
Networked consumer and business printers manufactured and sold by Brother contain an unpatched vulnerability that can be abused by a remote attacker to cause a denial-of-service condition on the device.
Companies are constantly evaluating and implementing new technologies, which requires engineers to stay on top of the industry’s latest developments.
Who needs a horror movie when you have the 2017 ransomware news cycle? There has been a constant stream of increasingly destructive attacks hitting victims around the world.
Meet the Internet’s latest menace. Hackers and penny-pinching website hosts are hijacking people’s computers to “mine” cryptocurrency. And we’re not talking about coal and canaries.
Wired: There’s something new to add to your fun mental list of invisible internet dangers. Joining classic favorites like adware and spyware comes a new, tricky threat called “cryptojacking,” which secretly uses your laptop or mobile device to mine cryptocurrency when you visit an infected site.
UK taxpayers have been warned to be on high alert after a wave of booby-trapped emails was recently caught posing as tax return messages from Her Majesty's Revenue & Customs (HMRC).
At least two new Locky ransomware variants have been released within less than a month of each other although one of the variants is broken for the time being due to a malformed spam campaign.
Data is the lifeblood of business, and it is increasingly being jeopardized as businesses face an onslaught of financially motivated hackers, corporate data breaches, and frequent compliance changes.
An international organized crime syndicate has stolen at least $40 million from banks since March using a hacking scheme, according to a report released Tuesday, and has likely stolen substantially more.
Inmarsat has officially launched its Fleet Secure cyber security service, which has been constructed and delivered in partnership with Singtel and Trustwave, at its UK headquarters as part of London International Shipping Week.
A new variant of the banking trojan Dridex is part of a sophisticated phishing attack targeting users of the cloud-based accounting firm Xero.
For his work with the SpiderLabs Security Research team and previously as a member of Microsoft's response team where he helped formalize the incident response program and the malware protection center.
A new wrinkle in smart technology serves as a reminder for consumers to be cautious, as the tiny chip in your credit card can fall out and then be used by someone else to access your credit card information.
Brian Hussey, VP of cyber threat detection and response for SpiderLabs at Trustwave, explains what elements firms need to have in place if they are to detect, contain and survive a cyber-attack.
Free Wi-Fi is a great way to save on data, but the I-Team has learned your phone could be taken over automatically by Wi-Fi, signing on to unsecure networks and putting your information at risk.
The digital threat landscape faced by enterprises large and small is in perpetual flux, and keeping an eye on things and adapting defenses should be of primary importance to every CISO.
Even though malware detection and containment have improved a lot since 2015, malvertisements are still a lot cheaper and difficult to contain, says a report from security firm Trustwave.
Trustwave has released the 2017 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2016.
Security services firm Trustwave released its 92-page 2017 Global Security Report on June 20, providing insight into security trends observed by the firm from data breach investigations conducted around the world. One trend was a growing volume of point-of-sale (PoS) system breaches, which grew to 31 percent of breached environments analyzed by Trustwave in 2016, up from 22 percent in 2015. "Cybersecurity in 2016 had both highlights and lowlights," Trustwave CEO and President Robert J. McCullen said in a statement. In this slide show, eWEEK looks at both the highlights and the lowlights of the 2017 Trustwave Global Security Report.
Metrics are vital for CISOs to do their job effectively. Unfortunately the numbers included in the latest Trustwave global survey show that infosec pros and software developers around the world still have a long way to go.
Trustwave released the 2017 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2016. The report demonstrates both good and bad news in the world of cybersecurity as intrusion detection and breach containment times were relatively better, but other threats like malvertisements became cheaper and malicious spam saw increases.
The dwell time for hackers inside victim networks fell by nearly half over the past year, although the time from intrusion to containment of such threats remained virtually the same, according to Trustwave.
The state of global cybersecurity is a mixed bag at the moment, according to a new report by Trustwave. The company's 2017 Trustwave Global Security Report says intrusion detection is faster, as well as containment times. However, malvertisement is cheaper, and spam has picked up the pace.
Throughout 2016, Trustwave investigated hundreds of data breaches in 21 different countries, and conducted thousands of penetration tests across databases, networks and applications. An analysis of key findings from this activity is presented in the 2017 Trustwave Global Security Report published Tuesday (PDF).
The "2017 Trustwave Global Security Report" [registration required] examines trends over 2016 in the areas of cybercrime, data breaches and security. The era of acting defensively is over. It is time to approach cybersecurity proactively, the report stated.
More organizations appear to be heeding the advice to implement capabilities for detecting intrusions sooner, at least based on an analysis of data from breach investigations that security vendor Trustwave conducted for clients last year.
The fight against cyber crime showed both advances and retreats in 2016, with improvements on the intrusion detection and breach containment fronts matched by cyber crime increasingly being treated as a business, suggests a Trustwave report released Tuesday.
Nearly every web application has at least one vulnerability, according to the 2017 Trustwave Global Security Report, released Tuesday. Of the apps scanned by Trustwave for the report, 99.7% included at least one vulnerability, with the mean number of vulnerabilities in web apps being 11.
Yesterday, news broke that a file containing detailed personal information on 200 million Americans was stored on an unprotected server by a political contractor. The travails of Yahoo and its half a billion stolen records have been well documented. Breaches like these, focused on personal information, recently have shifted the focus of card-not-present fraud professionals toward new kinds of fraud based on personal information: account takeover, account creation and synthetic fraud.
Security firm Trustwave has released its 2017 Global Security Report which contains some bleak findings relating to the rise of payment card data thefts and incidents involving point-of-sale breaches in the hospitality, retail and food and beverage industries.
The largest share of data breach incidents involved the retail industry, closely followed by food and beverages, according to a new report. The 2017 Global Security Report from Trustwave shows that 22 percent of incidents involved the retail industry, followed by food and beverages at 20 percent.
Hacking attacks against sales terminals rose by nearly a third last year, and the US is still leading the way in being insecure. Incidents affecting sales tills and payment systems increased to 31 per cent in 2016, according to research by security firm Trustwave, while incidents affecting e-commerce environments fell to 26 per cent from 38 per cent. Incidents involving sales registers were most common in the US, thanks to its tardy adoption of EMV chip technology and a reliance on chip and signature rather than chip and PIN payment.
Many organizations are getting better at cyber intrusion detection, according to a new report from Trustwave, the Chicago-based MSSP. The “2017 Trustwave Global Security Report” of cybercrime, data breach and security threat trends from 2016 indicated the median number of days from cyber intrusion to detection of a compromise fell from 80.5 in 2015 to 49 last year. In addition, the median number of days from cyber intrusion detection to containment was 2.5 in 2016, according to the report.
Attackers are developing new methods of stealing sensitive information every day, making retail breaches an all-too-common occurrence. But an important line of defense for merchants is their payment facilitators, which, when armed with the right knowledge, can act as digital bodyguards for these brands.
News headlines continue to call our attention to the latest cyber attacks -- something that provides IT and security professionals with the daunting task of remaining steadfast on the unpredictable security battlefield. In fact, 53 percent of IT professionals felt more pressure to secure their organization last year, compared to 2015, according to the 2017 Security Pressures Report from Trustwave. However, contrary to what you would expect, the pressures are not just coming from the C-suite.
Chicago Mayor Rahm Emanuel joins Trustwave to open the company's new and expanded headquarters, plus helps to mark the start of the City Colleges of Chicago's (CCC) inaugural Cyber Security Boot Camp.
Trustwave, the Chicago-based information security firm that helps businesses protect against cyberattacks, unveiled its expanded headquarters and announced an internship program with the City Colleges of Chicago Monday at an event with Mayor Rahm Emanuel.
The relationship between a manufacturer or vendor and security researchers can be filled with tension and unease, and it's most often put to the test during the vulnerability disclosure process. Although their intentions are pure, researchers often feel they are being shut out of the process, while vendors may see disclosure deadlines as a threat from researchers looking to produce headlines.
As organizations wade deeper into digital technology, the pressure grows on IT and security professionals to keep systems up and running. What's more, as budgets shrink and the time required to manage and maintain security systems swells, the stress levels keep rising. A recent report from Trustwave, "2017 Security Pressures Report," offers some perspective on how organizations are addressing these issues, and how IT and security teams are faring.
FRANKFURT (Reuters) - Two-thirds of those caught up in the past week's global ransomware attack were running Microsoft's Windows 7 operating system without the latest security updates, a survey for Reuters by security ratings firm BitSight found.
Tom Bain, vice president of marketing at CounterTack, believes organizations want to "collapse the stack" and move to fewer providers and platform offerings. They want fewer agents and ultimately not as many providers under the hood. “Taking technologies into a managed deployment gives an enormous advantage to MSSPs who can remove the burden from operators, monitoring and responding to threats on their behalf,” he said.
In the past year, Trustwave has hired 160 people in Chicago, increasing headcount here about 30 percent to more than 500 people. Worldwide, Trustwave is up to 1,650 employees. It's a workforce heavy on engineering talent. McCullen doesn't expect the growth to slow down. The company has 50 open positions in Chicago. There isn't enough talent anywhere in tech, but the challenge is particularly steep in cybersecurity. "We need really skilled people," he said. "Even our customers can't find them."
Ever wondered who these ‘hush-hush’ people are that help to keep our networks safe? Here we talk to Lawrence Munro, director of SpiderLabs EMEA for Trustwave, about the role of the ‘White Hat hacker’.
The Carbanak group, also known as Anunak, was exposed in 2015 after it managed to steal an estimated $1 billion from more than 100 banks across 30 countries. In early 2016, the group continued to target banks, mainly in the Middle East and U.S.
The race to become the most innovative and tech-savvy hotel is on. Hotels have increasingly begun working with technology companies to offer more innovative and enhanced guest experiences. Guests at many hotels can now bypass the need to go to the front desk by using their mobile devices to select a room, check in, receive texts when their room is ready, and even unlock the door to their room. Guests can also customize their stay by requesting items, ordering room service, planning activities, or purchasing upgrades. Everything a guest may want is only a few clicks or taps away, and soon, the data collected by these programs will allow hotel operators to anticipate guests’ requests and needs.
A sophisticated hacking group with suspected ties to cybercrime gangs operating in Eastern Europe is now actively targeting and breaching prominent brand-name restaurants in the U.S.
With Australia’s mandatory data breach notification laws set to take effect by 23 February 2018, protecting sensitive information and data privacy has moved up the burgeoning list of an organisation’s IT security priorities.
To understand why Carbanak is one of the Internet's most skilled and successful criminal groups, consider the recent spear-phishing campaign it used to infect computers in the hospitality and restaurant industries with malware that steals banking credentials.
The risk of cybersecurity compromise has become ubiquitous across business and government sectors, with new figures suggesting that nine out of every 10 Australian organisations dealt with an attempted or successful cybersecurity breach during fiscal 2015-16 – and that 58 percent had been successfully compromised.
Cybersecurity company Trustwave, which has its Canadian headquarters in Waterloo, released the results of its fourth annual Security Pressures Report on Wednesday. The survey is based on interviews with 1,600 IT and cybersecurity professionals around the world.
According to Trustwave’s 2017 Security Pressures Report, the answer is yes, a shift is happening, especially in who is putting the pressure on staff for improving cybersecurity efforts. Security is becoming more personal, the report said, with 24 percent of respondents citing pressure exerted by oneself to deal with cybersecurity, which is up 13 percent over last year’s report. Nearly half of the respondents did admit that they feel the pressure from executives and boards of directors, but that number is down 13 percent from last year.
Security professionals are feeling less pressure from management, less pressure to approve IT projects early, and are less worried about emerging technologies, according to a report released this morning. But they are also putting more pressures on themselves.
The majority of tech professionals are pressured to roll out projects before they’ve undergone necessary security audits and hardening, according to a new security pressures survey from the security firm Trustwave.
This issue includes: Identity and access management strategy: Time to modernize? Strong authentication methods: Are you behind the curve? Start redrawing your identity and access management roadmap
It’s bad enough when black hat hackers insert malicious backdoors into systems and software after vendors/makers have sold these into the marketplace. It is another matter when the vendors who create these devices and programs unwittingly or purposely leave backdoors inside their products.
We all know that what we mean by hacker around here and what the world at large thinks of as a hacker are often two different things. But as our systems get more and more connected to each other and the public Internet, you can’t afford to ignore the other hackers — the black-hats and the criminals. Even if you think your data isn’t valuable, sometimes your computing resources are, as evidenced by the recent attack launched from unprotected cameras connected to the Internet.
The built-in backdoor discovered by Trustwave in IoT devices enables access by the manufacturer and leaves the devices open to exploitation by others, and, despite Trustwave following the responsible disclosure process, it has repeatedly been left exposed by the vendor.
IoT devices from a Chinese vendor contain a weird backdoor that the vendor is refusing to fix, we're told. The vulnerability was discovered in almost all devices produced by VoIP specialist dbltek, and appears to have been purposely built in as a debugging aid, according to researchers at Trustwave. The infosec biz says that it followed a responsible disclosure process, but claims the manufacturer responded only with modifications to its firmware that leave access open
The cybersecurity industry wrestles with why the Internet isn’t safer after $75 billion in annual spending and how to handle ransomware at one of its marquee annual events.
Millions use Amazon to shop, and many are used to receiving emails from the company. But the ABC 7 I-Team investigated emails that look like they could be from Amazon but are not.
Trustwave announced at RSA Conference 2017 new and enhanced managed security and professional services designed to help short-circuit an attacker’s activities by detecting cybersecurity threats much earlier and shutting them down before real damage is done.
It took years of discussion and several revisions, but experts believe the long-awaited passage of Australia’s breach notification legislation will kick off a new era of transparency that will rapidly improve understanding of the country’s real cybersecurity threat climate. The enabling legislation – contained within the Privacy Amendment (Notifiable Data Breaches) Bill 2016 – passed both houses of Parliament after a series of readings since it was first formally introduced to Parliament last October. But the process of authoring, revising and discussing the legislation stretches back several years, with one security executive after another warning that continued inaction was hobbling Australia’s ability to improve its overall cybersecurity posture.
Rapid7 and Trustwave in their articles will explain how crucial the connection between Incident Response and Penetration Testing is, while Kroll will show you practical examples of attack response. We hope you will enjoy these contributions, prepared for you by world-wide corporations.
Trustwave does everything I can think of for security. The team that I’m a part of is the incident response team, and we’re within a bigger team called SpiderLabs. I tell my kids, “I work at SpiderLabs and I fight cybercrime, the bad guys.” And they absolutely love it.
The security of internet infrastructure devices like routers and wireless access points, along with all kinds of devices that connect through them, has been of particular concern lately. Recent distributed denial of service (DDoS) attacks have originated in Internet of Things (IoT) devices, for example, and a slowdown in such issues doesn’t seem imminent.
For the past half year Netgear has been working on fixing a serious and easy-to-exploit vulnerability in many of its routers. And it's still not done. The vulnerability was discovered by Simon Kenin, a security researcher at Trustwave, and stems from a faulty password recovery implementation in the firmware of many Netgear routers. It is a variation of an older vulnerability that has been publicly known since 2014, but this new version is actually easier to exploit.
Simon Kenin, a security researcher at Trustwave, was – by his own admission – being lazy the day he discovered an authentication vulnerability in his Netgear router. Instead of getting up out of bed to address a connection problem, he started fuzzing the web interface and discovered a serious issue. Kenin had hit upon unauth.cgi, code that was previously tied to two different exploits in 2014 for unauthenticated password disclosure flaws.
The Trump administration’s proposed clampdown on foreign-worker visas is expected to boost demand for tech professionals at home, as The Wall Street Journal reported this week.
Distributed denial of service (DDoS) attacks are increasingly being used to distract businesses and insecure Internet of Things (IoT) devices became the favoured mechanism for launching the attacks during 2016, according to a new analysis of the past year’s DDoS attack trends.
According to Trustwave, a well-known Russian cybercrime group called Carbanak has been targeting the hospitality and retail industry in Europe and North America. The group is said to be specifically targeting internal corporate secrets and payment card data.
Today's cyber-threats present challenges for even the most tech-savvy IT executives in the most tech-savvy organizations. It's not news that the volume and velocity of threats continue to grow. At the center of the problem? Recruiting and retaining the security talent necessary to mitigate and minimize cyber-risks.
While security challenges often seem limitless, the resources that organizations have on hand to combat them are not. Security firm Trustwave issued a new report on Jan. 18 looking at the state of IT resources and staffing challenges titled, "Money, Minds and the Masses."
The infamous Carbanak gang may have been using Google cloud services as command and control infrastructure for malware embedded in malicious Office documents.
Months of ramped up Carbanak activity that includes a new host of targets and new command and control strategy has reinvigorated attention on a criminal outfit that may have at one time stolen up to $1 billion from banks worldwide.
A major Canadian corporation is among those in the hospitality industry in several countries whose financial activities have been compromised by a Microsoft Word-based macro attack that appears to be orchestrated by criminal groups working together, according to a security vendor.
The Carbanak cyber criminal gang is abusing Google’s infrastructure as a conduit for botnet control. The gang became notorious when it was blamed for the theft of one billion dollars from more than 100 banks across 30 countries back in 2015. Fast-forward two years and Carbanak is now infecting users via a script that will send and receive commands to and from Google Apps and Google Forms services.
The Carbanak cybergang has been spotted using Google for its malware command-and-control channel. Forcepoint Security Labs researchers said the group is hiding in plain sight by using Google as an independent command and control channel, since using Google is likely to be more successful than using newly created domains or domains with no reputation.
There are many reasons why IT professionals can be fired, but six out of the top nine are related to security, said a survey released this morning. For example, having a tech investment that leads to a security breach was considered a fireable offense by 39 percent of organizations, according to Osterman Research, which conducted the survey.
As Deep Throat said to Woodward and Bernstein, “follow the money,” and you will see who is doing what, when, how and maybe even why. In the old days, that was walking on foot to the laundromats that were literally and figuratively serving as fronts to launder money obtained from illicit activities. In a digital world, it’s not that easy. “Laundromats” can take any digital form, and following the money is a web of digital phony storefronts — and more — that engage in transaction laundering activities.
Fraudsters, aware of the scope of the Payment Card Industry data security standards, increasingly deploy fraud methods that fall outside of PCI safety.
Recent findings that Australian businesses are failing to test their IT security adequately – or even at all, in some cases – highlight a major business risk that is being exacerbated by the inability of many IT practitioners to think like outside intruders, a security expert has warned.
Microsoft quietly patched the Mac OS X client for Skype in October, closing a backdoor that could have existed for as long as a decade and would have allowed attackers to control many aspects of the software, security-services firm Trustwave said on Dec. 14.
Managed security services demand is an opportunity being examined in the U.S., but it seems the opportunity for channel partners offering these services has reached a global scale.
A report by US-based security firm Trustwave has found that one in seven Australian businesses are failing to conduct frequent security testing despite believing that it is critical in securing their systems and data.
It may have started as a guideline for protection of credit-card information, but the payment card industry’s PCI DSS (Payment Card Industry Data Security Standard) is rapidly gaining a following across other industries as a more general framework for data security.
Contact centre agents should be warned about allowing alleged customers to send them email with attachments after a security vendor discovered a new wave of attacks against three customers including North American hospitality companies, attacks similar to ones from the Eastern European-based Carbanak crime group.
Hotel and restaurant chains, beware. A notorious cybercriminal gang is tricking businesses into installing malware by calling their customer services representatives and convincing them to open malicious email attachments.
The Carbanak cybercrime gang, best known for allegedly stealing $1 billion from financial institutions worldwide, have shifted strategy and are targeting the hospitality and restaurant industries with new techniques and malware.
Singapore Telecommunications is tapping into Japan's underserved cybersecurity market through a tie-up with Japanese system integration company TIS.
Trustwave is embarking on a new commitment to the channel with the hiring of channel veteran Jim Ritchings, tasked with driving indirect sales and revamping partner programs around security services.
On October 1, 2015, Visa and Mastercard changed the liability rules in the United States for fraudulent credit card purchases at card-present locations as an incentive for issuers and merchants to issue and accept EMV/chip-enabled cards.
Everyone loves to hate the Canada Revenue Agency. Unfortunately, criminals apparently love the tax man — they keep finding ways of leveraging Canadians’ fear of the agency to lure them into malware.
Technology overall is lagging behind - this can be positive as it allows specific countries to jump past the “legacy” phase of dated technology - but it can also be negative as it means that some issues are still waiting to happen.
Despite the reputation-damaging headlines that appear after a data breach, and even as companies themselves acknowledge the significance of network security preparedness, 20 percent of businesses have gone at least six months without any testing for security vulnerabilities, according to a new report.
Many businesses fail to conduct frequent security testing despite believing that it’s critically important to securing their systems and data.
Many businesses don't carry out frequent security testing despite believing that it's critically important to securing their systems and data, according to a new survey.
In a decade at the helm, Chua has grown Singtel into Southeast Asia’s largest telecommunications company, boasting $51 billion in market capitalization, and earnings of $2.8 billion last year—70% of which came from overseas operations.
Chicago's tech scene is positively booming — but by now, you've probably already heard that. If you're looking to get in on the action, there are so many innovative companies out there that it can be hard to know where to even begin the job search.
Sundown, a relatively new exploit kit (EK), is outsourcing panel and Domain Generation Algorithm (DGA) coding work and stealing exploits in an attempt to improve its presence on the EK scene.
Hackers hunt for them and governments around the world use them to carry out spy operations. What are zero-days and why are they increasingly valuable?
Trane's Comfortlink XL850 thermostat was vulnerable to hacking, making it possible for burglars to access customers' private data. A patch has been released.
Exploit Kits: Infiltrating the Ad Industry with Traditional Tactics. Exploit kits are increasingly using the evil twin of an advertisement, a malvertisement, as a gateway to a web browser.
A researcher from the firm Trustwave warns that Trane ComfortLink smart thermostats suffer from a string of security woes, including hard coded administrator
Trustwave has appointed Chris Schueler as senior vice president of Managed Security Services. Schueler will be responsible for Trustwave Managed Security Services, the global network of Trustwave Advanced Security Operations Centers and Trustwave SpiderLabs incident response.
A cybersecurity company is moving its Canadian operations from Cambridge to Waterloo, and making space for dozens of new employees as it does so.
If you are young and love to hack, there are opportunities abounding for you to showcase your talents. This fall the ITA Tech Challenge, a programming and coding skills competition for students at targeted Midwest universities, hosts its 7th annual competition.
Often, the phrase “data breach” conjures up images of code-cracking hackers in far-flung locations. In fact, many data breaches are the result of activities much closer to home
More than a million jobs in the cybersecurity industry are vacant around the world, according to labor statistics cited in a 2016 report funded by Trustwave, one of the largest cybersecurity firms with over 3 million clients in 96 countries.
The cybersecurity industry is facing a major shortage of expertise, with industry estimates suggesting that more than one million unfilled security jobs exist worldwide.
Coping with Malware-as-a-Service and other emerging security challenges has become a huge problem. Here's a look at some of the latest cyber-security trends.
The 10 products we tested in this review go beyond proactive monitoring and endpoint protection and look more closely at threats. They evaluate these threats in a larger ecosystem, combining the best aspects from network intrusion detection and examining the individual process level on each computer.
No longer are business email compromise scams just about getting organizations to send money; now some such attacks are sending fraudulent CEO emails to deliver malware payloads.
Lenovo has fixed two high severity vulnerabilities in its Lenovo Solution Center support tool that is preinstalled on many laptop and desktop PCs.
That ransomware is a problem cannot be doubted. Whether the current level of media coverage, fuelled by vendor press releases, is doing more harm than good is more open to debate.
Market forces are beginning to have an effect on zero days, evidenced by a new drop in the price of a significant zero-day.
Trustwave and CounterTack recently announced a new alliance to help businesses minimize the impact of data security breaches by speeding incident...
Part of the secret sauce behind current-day Chicago's success as a tech ecosystem is its long history of fostering innovative tech companies backed by solid business fundamentals. In fact, many of Chicago's biggest tech companies are over 20 years old.
A zero-day being sold on the Russian cybercriminal underground "could affect almost all Windows machines on the planet." If the local privilege escalation (LPE) vulnerability truly does exist in all versions of Microsoft Windows, from Windows 2000 up to Windows 10, then it could potentially impact "over 1.5 billion Windows users."
How much would a cybercriminal, nation state or organized crime group pay for blueprints on how to exploit a serious, currently undocumented, unpatched vulnerability in all versions of Microsoft Windows?
Cybercrime is one of the most talked-about and least understood topics in the news today, but the truth is that cybercrime operates much like any legitimate business. There are integrated marketing campaigns, risk and cost analysis, R&D, even Black Friday deals--all of the things you would normally associate with any company trying to win over customers.
Data breaches are inevitable, companies large and small are getting attacked, and those same companies under attack are failing to detect and deal with numerous threats. This paints a worrying picture of today's data landscape.
Trustwave found that the pressure on practitioners is growing, a cyber-security skills gap is becoming worse, and assembling the right strategy and collection of solutions is more difficult than ever. Consequently, the things security professionals most fear as a result of a breach are damage to the company's reputation and finances, and losing their job.
The PCI Data Security Standard version 3.2 not only includes new requirements to safeguard payment data, including multifactor authentication, but also “advocates that organizations focus on people, process and policy, with technology playing an important role in reducing the overall cardholder data footprint.”
Cyber criminals are increasingly making use of malware-as-a-service, an issue of concern given that 97% of applications tested by Trustwave in 2015 had at least one vulnerability, note findings from the 2016 Trustwave Global Security Report.
Cyber crime is an increasingly serious business and a new report released by Trustwave looks at the top trends from the past year based on real-world data from data breach investigations.
Contrary to popular belief, cybercriminals are not all solo-operating, pizza-eating basement dwellers. Cybercrime is a global business with sky-high margins, and many of the most popular tools used by cybercriminals are developed by professional (though shady) software and services companies competing for market share.
Data breaches affecting corporate and internal networks increased considerably in 2015 compared to the previous year, according to the 2016 Global Security Report published by Trustwave on Tuesday.
Cybercrime continues to be a moneymaker, but whom hackers target — and how — is changing, according to a report on trends in cybersecurity released Tuesday by Chicago-based firm Trustwave.
Data about cybercrime appears to grow worse and the warnings more apocalyptic. Yet the Trustwave Global Security Report, released Tuesday, offers some small nuggets of hope.
Karl Sigler is threat intelligence manager at Chicago-based cybersecurity company Trustwave. Sigler said the team tests the USB attack frequently — they drop USBs in the parking lot, the bathroom, the lobby — and it’s almost guaranteed that someone will plug them in.
Badlock was announced with much fanfare on 22 March with a dedicated domain and webpage, a cool icon and a codename, but there were no details about the nature of the bug.
Collectively, the so-called "Badlock" vulnerability would allow an attacker to listen in on traffic, trigger a session downgrade, and hijack a session. Simply put, an attacker may be able to reveal user passwords and other sensitive information on an affected server.
Badlock is actually a series of vulnerabilities, including CVE-2016-2118 in Samba and CVE-2016-0128 on Windows. The vulnerabilities could potentially enable man-in-the-middle (MITM) as well as denial-of-service (DoS) attacks against vulnerable Windows or Samba users.
“I can’t say that this vulnerability rises to any level that deserves the focus that a dedicated website and three weeks of buildup have given Badlock,” Karl Sigler wrote on Trustwave’s web site.
The pressure is on for IT departments to secure businesses’ digital assets, but the enterprise seems to have trouble keeping up. The 2016 Security Pressures Report from Trustwave shows how to tackle the various factors affecting security challenges.
Security experts warn companies need to brace for new harder-to-detect and more determined variants of the Locky ransomware spotted recently in the wild. The news comes just as reported Locky ransomware attacks have waned in recent weeks.
The sheer quantity of digital information available today makes storing, organizing and analyzing data extremely difficult. The issue is compounded by the fact that databases and big data stores are a prime target for hackers due to the amount of sensitive information residing within.
Lawrence Munro weighs in on the perils of hiring ex-hackers, after a notorious former member of LulzSec becomes a legitimate security advisor.
If you missed the March 17-issued patch for shopping cart application Zen Cart, get busy, because among other things it fixed serious cross-site scripting (XSS) vulnerabilities. Trustwave, which turned up the bug last September, made it public last Friday.
Most of us are familiar with ransomware, at least in theory, if not from personal experience, but other than complaints of paying for data held hostage, we haven’t seen how damaging ransomware can be.
In a blog post on Friday, Trustwave researchers from the SpiderLabs Research team said the company discovered multiple XSS-based vulnerabilities in the application and have been working with Zen Cart since September 2015 to fix a swath of bugs.
Oliver Pinson-Roxburgh, systems engineering manager for EMEA at Trustwave, looks at some of the steps hospitality business owners can take to protect their hotels, restaurants and pubs from the increasing risk of cyber crime.
Zen Cart on Friday released an updated version of the popular online open source shopping cart application to address multiple Cross-Site Scripting (XSS) vulnerabilities. The security issues were discovered by Trustwave and are said to affect Zen Cart 1.5.4 and potentially prior versions.
It's generally accepted that hackers are smart and sneaky, but we got another big reminder last weekend when several major sites, including the New York Times, BBC, MSN, Answers.com, AOL.com and thousands of other sites were used to serve malicious ads.
Brian Hussey, global director of incident response and computer forensics at Trustwave, is a volunteer mentor with LifeJourney, which helps students test drive careers in cybersecurity.
Malvertising is the use of malicious adverts to spread malware. Many Internet domains rely on adverts supplied by third-party ad networks in order to generate enough revenue to stay afloat, and unfortunately, sometimes fraudulent and fake adverts slip through the net.
Analysis by Trustwave researchers suggested the attack managed to put ads on so many sites because the perpetrators behind it gained ownership of a web domain that used to supply legitimate adverts.
Mainstream websites are falling victim to a new rash of malicious ads that attempt to surreptitiously install crypto ransomware and other malware on the computers of unsuspecting visitors, security firms warned.
Security vendor Trustwave detected a large malvertising campaign involving the Angler exploit kit, a software package that probes a computer for software vulnerabilities in order to deliver malware.
Trustwave says it has discovered an advertising campaign that has succeeded in putting ads that redirect to the Angler exploit kit on to “very popular websites” around the world.
Over the past 30 days, Trustwave experts said they recorded concentrated bursts of ransomware activity and at one point a peak of 200,000 emails hit their servers in a single hour.
The Dridex botnet operators have recently changed the delivery mechanism in their spam campaigns, as well as the payload, to deliver the Locky ransomware, researchers at Trustwave warn.
Trustwave reported that a version of Locky produced two weeks ago is now the second most prevalent form of ransomware it sees. The US, France and Japan were the top targets for the gang behind Locky, statistics suggested.
Locky, a new family of ransomware that emerged in the last few weeks, has quickly made a mark for itself. Trustwave said on Wednesday that 18 percent of 4 million spam messages it collected in the last week were ransomware-related, including many linked to Locky.
Business decisions are driving the adoption of cloud computing. Often, however, decisions to move to the cloud are made without considering the security risks associated with it, and information security teams are bypassed.
Researchers from Trustwave pointed out an exploit during the regular Patch Tuesday blog, which would allow attackers to execute code with kernel privileges by inserting a specially crafted USB device into the target computer.
MSPs are pushing beyond traditional services such as patch and firewall management as they look to stand out from other companies offering managed IT security services.
As the need for enterprise data and technology grows, it only widens the skills gap for security professionals. That means security professionals are feeling the pressure to get more done with less.
A shortage of security expertise is now the third biggest pressure security professionals face, up from eighth last year, according to a new report. Advanced security threats and the adoption of emerging technologies are the two concerns ahead of the shrinking pool of security experts.
Extendoffice.com has fixed a security hole in its site that was redirecting thousands of users to the Angler exploit kit which was dropping TeslaCrypt ransomware.
On Wednesday, a California hospital announced that it had paid hackers a ransom in bitcoin — an anonymous digital currency — to regain access to their locked systems. For almost a week, the hospital was thrown into the dark ages, relying on paper charts and fax machines to care for its patients.
Cybersecurity experts worry that the $17,000 a Los Angeles hospital paid hackers to regain control of its computers could signal a troubling escalation of the growing "ransomware" threat.
Hospital staff noticed on Feb. 5 that they couldn’t share communications electronically. Using an attack called ransomware, attackers locked down that system to make it unusable and demanded 40 bitcoins, equivalent to about $17,000, to bring it back.
The number of IT professionals who already utilize or plan to utilize a managed service provider for their security needs has risen over the past year due to mounting pressure to secure enterprise assets and a general lack of in-house security expertise.
A new study looking at the various pressures on IT security professionals has found that many are on the rise, especially those related to dealing with the board and with having enough skilled employees.
The report, based on a survey of 1,414 in-house information security professionals, found that 63 percent of infosec professionals felt more under pressure in doing their jobs, and 65 percent said that it would get worse in the year ahead, up 9 and 8 percent respectively compared to last year.
IT security professionals are feeling the pressure from the explosion in cyberthreats, static security budgets, shortage of security expertise, and fear of losing their jobs in the aftermath of a breach.
The Security Pressures Report from Trustwave, now in its third year, explored the professional and personal pressures faced by cybersecurity professionals in the U.S., Canada, U.K., Australia, and Singapore (Professionals in Australia and Singapore were added to the survey this year).
The developers of the Neutrino exploit kit have added a new feature designed to reduce exposure to automated scans and security researchers’ analysis attempts. Researchers at Trustwave discovered the new feature after observing a drop in Neutrino exploit kit instances in their lab environment.
Trustwave's SpiderLabs division found computers they were using for research couldn't make a connection with servers that delivered the Neutrino exploit kit.
Jonathan Yarema's mom likes knitting -- not computers. But she figured out something was wrong with a shopping website she visited because her son warned her to look for the padlock icon in the upper-left corner of the website.
As more things connect to the Internet, it seems security is taking a back seat to cost for manufacturers. Manufacturers do not want to shoulder the cost of putting security implements in their products to keep production cost low, thus resulting in unsecured devices.
Trustwave’s CTO Larry Podmolik, whose tenure at the cybersecurity giant began over eight years ago, leads a rockstar tech team who have built products and services that millions of businesses the world over depend on to secure their information and assets.
With firewalls no longer seen as enough of a defense against security breaches, companies are looking at new tools to foil hackers trying to enter a computer network.
Char Yarema is of the generation of parents who did not grow up using technology, so her son, Jonathan Yarema, security consultant at Trustwave, has impressed upon her the importance of using caution and patience when surfing the web.
Demand is up for these 10 professions, which land at the top of the Bureau of Labor Statistics' ranking for growth over the next decade. The hottest industries, no surprise, are health care and tech.
The Payment Card Industry Data Security Standard (PCI DSS) is one of the key components of security compliance, and it's set to improve in 2016. Among the areas of PCI DSS focus for the new year will be improved guidance on how organizations can comply with requirements for continuous monitoring and logging.
Data center costs shouldn’t factor into your budget the same way they did last year, when outsourcing certain functions could add savings and security.
Canadian businesses can take two months to detect a breach due to a lack of tools and resources, according to the 2015 Trustwave Global Security Report.