Multiple security flaws let hackers infiltrate D-Link routers
December 17, 2020
Five major vulnerabilities have been discovered affecting D-Link routers by cybersecurity researchers working as part of Trustwave’s SpiderLabs team.
Security Automation: Time for a new playbook
December 16, 2020
Jesse Emerson, VP of Managed Security Services at Trustwave talks security automation in the cloud and IoT era.
Trustwave’s Bill Rucker: Agencies Need Unified Platform to Ensure Security of Mission-Critical Data
December 15, 2020
Bill Rucker, president of Trustwave Government Solutions discusses security in cloud and on-prem environments and the importance of unified platforms.
Hackers can use WinZip insecure server connection to drop malware
December 10, 2020
Trustwave SpiderLabs discovers a security vulnerability in WinZip 24 that could lead to a malware infection.
What's in Store for Privacy in 2021
November 24, 2020
Changes are coming to the privacy landscape, including more regulations and technologies.
Messaging app Go SMS Pro exposed millions of users’ private photos and files
November 19, 2020
Go SMS Pro, one of the most popular messaging apps for Android, is exposing photos, videos and other files sent privately by its users.
This messaging app uploads every file you send to the internet which is bad
November 19, 2020
Messaging app Go SMS Pro, which has over 100 million installs from the Google Play store, has a massive security flaw that potentially allows people to access the sensitive content you’ve sent using the app.
Encryption Vulnerabilities Allow Hackers to Take Control of Schneider Electric PLCs
November 12, 2020
A total of four vulnerabilities were discovered in Modicon M221 PLCs by researchers at industrial cybersecurity firm Claroty. Three of them were identified independently by employees of cybersecurity company Trustwave.
Survey: Cybersecurity Skills Shortage is ‘Bad’ But There’s Hope
November 02, 2020
Automation, strategic process design and an investment in training are the keys to managing the cybersecurity skills gap, according to a recent survey from Trustwave.
Cybersecurity Company Finds Hacker Selling Info on 186 Million U.S. Voters
October 21, 2020
A cybersecurity company says it has found a hacker selling personally identifying information of more than 200 million Americans, including the voter registration data of 186 million.
Iran and Russia Seek to Influence Election in Final Days U.S Officials Warn
October 21, 2020
Iran and Russia have both obtained American voter registration data, top national security officials announced late on Wednesday, providing the first concrete evidence that the two countries are stepping in to try to influence the presidential election as it enters its final two weeks.
Hybrid Cloud is Driving Digital Transformation
October 21, 2020
The hybrid cloud model is increasingly used in digital transformation and data storage according to a new report from Trustwave. Of over 950 IT professionals surveyed, 55 percent use both on-premises and public cloud to store data with 17 percent using public cloud only.
Open Source Threat Intelligence Searches for Sustainable Communities
October 07, 2020
As long as a community is strong, so will be the intelligence it shares on open source feeds. But if that community breaks down ...
Spammers Add Random Text to Shortened Links to Evade Detection
October 01, 2020
Spammers are using a new technique of generating URLs to evade detection by humans and spam filters alike. This technique comprises adding random, unused text bits to shortened links, to disguise them as full-sized URLs and bypass the scrutiny of email gateways.
Spammers Use Hexadecimal IP Addresses To Evade Detection
September 18, 2020
A spam group has picked up a pretty clever trick that has allowed it to bypass email filters and security systems and land in more inboxes than usual. The trick relies on a quirk in RFC791 — a standard that describes the Internet Protocol (IP).
Trustwave Fusion Platform Launches on AWS GovCloud
September 16, 2020
Threat detection and response services provider Trustwave has launched its Trustwave Fusion platform on Amazon Web Services GovCloud – letting Federal agencies and government contractors take advantage of the cloud-native cybersecurity platform to combat ever-changing security threats.
How a CISO’s Approach To Security Strategy Can Be Shaped by Philosophy
September 15, 2020
“Philosophy?” the conversation usually begins – “that’s an odd background for cybersecurity, isn’t it?” “Funnily enough,” comes my well-rehearsed reply, “not at all”. I have been surprised how often the skills of one field can be easily applied to the other.
Contactless Credit Card Popularity Soars During Pandemic but Stay Vigilant for Scammers
September 11, 2020
Contactless credit cards have become an extremely popular way to pay during the COVID-19 pandemic, according to industry experts. The technology allows you to wave your credit and debit cards over a device and pay without touching anything at the register. But consumers should still be vigilant for scammers.
Shared Memory Vulnerability in IBM's Db2 Database Could Let Nefarious Insiders Wreak Havoc
August 21, 2020
A bug-hunter has uncovered a vulnerability in IBM's popular enterprise database which, if left unpatched, could allow a local user to access data and kick off a denial-of-service attack.
Experts Reported Security Bug in IBM's Db2 Data Management Software
August 20, 2020
Cybersecurity researchers today disclosed details of a memory vulnerability in IBM's Db2 family of data management products that could potentially allow a local attacker to access sensitive data and even cause a denial of service attacks.
Businesses Opt to Outsource Cybersecurity Services
August 20, 2020
According to research, there is a lack of in-house expertise in the area of digital risk protection – the ability to monitor risks, threats and breaches outside the network. The research found 80% of respondents stated their teams lack skills and knowledge in this area.
Hackers Can Abuse Microsoft Teams Updater to Install Malware
August 05, 2020
Microsoft Teams can still double as a Living off the Land binary (LoLBin) and help attackers retrieve and execute malware from a remote location.
Microsoft Teams Vulnerable to Patch Workaround Researchers Report
August 05, 2020
Security researchers have discovered a way to use the Microsoft Teams Updater to download malware, bypassing a patch released earlier this year and flying under security teams' radar.
Chinese Tax Software Hides Nasty Spyware
July 16, 2020
The cybersecurity firm Trustwave has released a new report detailing its discovery of a new type of malware hidden inside Chinese tax software.
Cybersecurity Firm Finds More Malware Hidden in Chinese Tax Software
July 14, 2020
Analysts at cybersecurity firm Trustwave say they have discovered a new type of malware they say was embedded in sales tax software — a different, older malicious tool than the previous one they found.
Malware Stashed in China-Mandated Software is More Extensive Than Thought
July 14, 2020
Three weeks ago, security researchers exposed a sinister piece of malware lurking inside tax software that the Chinese government requires companies to install. Now there’s evidence that the high-stealth spy campaign was preceded by a separate piece of malware that employed equally sophisticated means to infect taxpayers in China.
Trustwave Allows Partners To Resell Services For The First Time
July 08, 2020
Trustwave is for the first time allowing VARs, MSPs and agent partners to directly resell the company’s managed threat detection and response and professional services.
Spyware Hidden in Chinese Tax Software Was Probably Planted by a Nation-State Say Experts
June 25, 2020
The tax software was legitimate, but embedded inside it was a nasty surprise, according to a new report by a private security firm: A sophisticated piece of malware that gave attackers complete access to the company's network.
Hidden Back Door Embedded in Chinese Tax Software Firm Says
June 25, 2020
When a U.K.-based technology vendor started doing business in China, it hired a cybersecurity firm to proactively hunt for any digital threats that could arise as part of doing business in the country. The firm discovered a problem, one with such major implications that it alerted the FBI.
Malware found in Chinese tax program may have been targeting Ministry of Defence
June 25, 2020
A US cyber security firm has discovered a new form of malware potentially targeting foreign companies operating in China, which has been embedded in compulsory tax software and installs a hidden backdoor to allow remote access to computer systems.