Trustwave Launches New Cyber Risk Assessment Tool
August 06, 2021
Trustwave launched a first-of-its-kind cyber supply chain assessment solution for enterprises and SMBs in the Pacific region.
Warning: Telegram Self-Destruct Messages Don’t Always Destroy Everything
August 05, 2021
Researchers with Trustwave SpiderLabs warn Telegram users of two privacy flaws found in the Self-Destruct feature of Telegram MacOS.
Telegram for Mac bug lets you save self-destructing messages forever
August 05, 2021
New bugs discovered by Reegun Richard Jayapaul, Trustwave SpiderLabs' Lead Threat Architect, allow Telegram for Mac users to save self-destructing messages and attachments forever.
MacOS Flaw in Telegram Retrieves Deleted Messages
August 05, 2021
Reegun Richard Jayapaul, Trustwave SpiderLabs Lead Threat Architect, discovered the flaw in the Self-Destruct feature of Telegram MacOS, which is part of the Secret-Chats aspect of the messaging app that uses end-to-end encryption.
14 Top Cybersecurity Trends To Expect At Black Hat Conference
August 03, 2021
Bill Rucker, president at Trustwave Government Solutions discusses why a zero-trust approach is vital to ensure that sensitive data doesn’t become vulnerable.
What To Do After a Ransomware Attack [Q&A]
July 26, 2021
Ed Williams, EMEA director of Trustwave SpiderLabs, discusses how organizations should respond after the aftermath of a ransomware attack.
Trustwave Joins CISA’s Cyber Information Sharing and Collaboration Program
July 26, 2021
Trustwave Government Solutions, the wholly-owned subsidiary of Trustwave Holdings, Inc., joined the Cybersecurity and Infrastructure Security Agency (CISA) Cyber Information Sharing and Collaboration Program (CISCP).
Top Enterprises are Normalising Data Leaks
July 20, 2021
In this podcast, Derek Taylor, Vice President, EMEA Head of Consulting & Professional Services, discusses the danger of the normalisation of data leaks.
Rising Email Threats Require an Evolution in Business Defences
July 15, 2021
Ziv Mador, VP of Security Research at Trustwave SpiderLabs, explores the changing nature of email threats and outlines some of the best ways of combating them.
Why It’s So Difficult To Bring Ransomware Attackers to Justice
July 08, 2021
Trustwave SpiderLabs research on the Kaseya ransomware attack was featured by CNN.
Code in Huge Ransomware Attack Written To Avoid Computers That Use Russian Says New Report
July 07, 2021
Trustwave SpiderLabs released a new threat analysis blog on the Kaseya ransomware attack, which was featured by NBC.
Phishing attack's unusual file attachment is a double-edged sword
June 24, 2021
In a new report by Trustwave, researchers explain how a threat actor has begun to utilize WIM (Windows Imaging Format) attachments to distribute the Agent Tesla remote access trojan.
VPN exploitation rose in 2020 organizations slow to patch critical flaws
June 18, 2021
Remote access made business continuity possible throughout the pandemic. But according to Trustwave's 2021 Network Security Report, VPN exploitation rose as hackers scanned for unpatched VPNs, including easily exploitable vulnerabilities.
Thousands of publicly accessible VMware vCenter Servers vulnerable to critical flaws
June 15, 2021
Trustwave researchers found that thousands of VMWare vCenter servers that are reachable from the internet remained vulnerable to attacks, even after VMware released patches for this critical vulnerability.
Thousands of VMware vCenter Servers Remain Open to Attack Over the Internet
June 15, 2021
Trustwave researchers discovered thousands of instances of VMware vCenter Servers with two recently disclosed vulnerabilities that remained publicly accessible on the Internet three weeks after the company urged organizations to immediately patch the flaws.
Critical remote code execution flaw in thousands of VMWare vCenter servers remains unpatched
June 15, 2021
Trustwave have warned that thousands of internet-facing VMWare vCenter servers still harbor critical vulnerabilities weeks after patches were released.
REvil Hits US Nuclear Weapons Contractor: Report
June 11, 2021
David Bishop, CISO at Trustwave, explains the need for more serious repercussions for attacks like the recent REvil attack on Sol Oriens, a government contractor that works for the DOE on nuclear weapons issues.
Bad building blocks: a new and unusual phishing campaign
June 05, 2021
Karl Sigler of Trustwave's SpiderLabs joins host Dave Bittner to talk about Trustwave’s research: ""Hidden Phishing at Free JavaScript Site,"" which details an email phishing campaign containing malicious attachments.
Huawei fixes serious LTE USB stick security flaw
June 04, 2021
Trustwave have discovered a code execution vulnerability in one of Huawei’s LTE USB dongles.
The normalization of data leaks and the privacy paradox [Q&A]
May 10, 2021
Derek Taylor, Lead Principal Security Consultant at Trustwave, explains why we shouldn't accept data breaches as the norm and how the user’s privacy calculus around data disclosure decisions can easily be manipulated.
The pen testing guide you never thought you needed until now…
May 07, 2021
Ed Williams, Director EMEA of SpiderLabs, Trustwave, shares his essential guide to penetration testing, helping businesses invest in the right security strategy.
New Pingback Malware Using ICMP Tunneling to Evade C&C Detection
May 04, 2021
Trustwave SpiderLabs discovered a novel malware that uses a variety of tricks to stay under the radar and evade detection while stealthily capable of executing arbitrary commands on infected systems.
Tax email text scams to watch out for
April 20, 2021
Ziv Mador, VP of Security Research, Trustwave SpiderLabs, encourages taxpayers to be wary of email phishing tax scams, showing examples of how fraudsters can lure victims into sharing personal information.
Fraudsters Use HTML Legos to Evade Detection in Phishing Attack
April 08, 2021
Trustwave SpiderLabs researchers warn Microsoft 365 users of a phishing campaign that employs ""HTML Lego"" to deliver a fake login page.
Hafnium’s China Chopper: a ‘slick’ and tiny web shell for creating server backdoors
March 15, 2021
Trustwave SpiderLabs provides insight into China Chopper, a web shell used by the state-sponsored Hafnium hacking group.
This crafty email scam smuggles malware behind .zipx files
March 13, 2021
Trustwave SpiderLabs researchers identify a new email scam that applies a number of crafty techniques to bypass security filters and infect victims with NanoCore malware.
More exploitable flaws found in SolarWinds software says cybersecurity firm
February 03, 2021
Ziv Mador, VP of Security Research, discusses the importance of the three new and severe vulnerabilities in SolarWinds products found by Trustwave and the need for organizations to implement a strong penetration testing strategy.
‘Severe’ SolarWinds Vulnerabilities Allow Hackers To Take Over Servers
February 03, 2021
Forbes details the latest SolarWinds product vulnerabilities discovered by Trustwave and protection recommendations.
4 ways to minimize the risk of IT supply chain attacks
January 25, 2021
Mark Whitehead, Global Vice President, SpiderLabs Consulting at Trustwave breaks down the importance of taking a zero-trust cybersecurity approach when it comes to protecting networks and data accessible by third-party partners.
This new phishing attack uses an odd lure to deliver Windows trojan malware
January 06, 2021
Trustwave discovered a new phishing campaign that attempts to lure victims into downloading malware that gives cybercriminals full control over infected Microsoft Windows machines.