CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
News Releases

New Trustwave SpiderLabs Research Exposes Unique Cybersecurity Threats Facing Education Industry

Chicago – February 22, 2024Trustwave, a leading cybersecurity and managed security services provider, today released comprehensive research uncovering unique cybersecurity threats faced by education institutions. The report, “2024 Education Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies,” explores industry-specific risks and equips cybersecurity leaders in the education sector with actionable insights and strategies to strengthen their defenses.

Primary school systems handle sensitive data concerning minors, while higher education institutions must safeguard intellectual property data, making them prime targets for cyberattacks. These attacks not only threaten the safety and security of teachers and administrators, but they put the privacy of students, staff, and other associated entities at risk.

Trustwave SpiderLabs' latest research delves into the attack flow employed by threat groups, shedding light on their tactics, techniques, and procedures. The education sector faces significant cybersecurity risks, ranging from job offer scams targeting students to the critical exposure of networked devices due to vulnerabilities in public-facing applications.

“The education sector faces an incredible challenge in navigating a diverse and fluid attack surface with increasing financial pressures, leaving little room for error as digital leaders aim to sustain resilience to threats,” said Trustwave CISO Kory Daniels. “Student, staff, alumni, and professor data each provide different lures and motivators for threat actors to maliciously target the institution, or the individuals affiliated. Our latest threat briefing serves as a vital resource for cyber defenders, equipping them with actionable insights in navigating the latest threats and defenses of their students, staff, and data.”

The Trustwave SpiderLabs report analyzes threat groups and their methods throughout the attack cycle, from initial foothold through to exfiltration. A few key findings from the report include:

  • The threat group LockBit accounted for 30% of ransomware incidents targeting the education sector.
  • Apache Log4j (CVE-2021-44228) continues to be the most common exploit attempt against educational institutions, accounting for 74% of attempts.
  • There is significant exposure of critical systems and devices with 1.8M devices related to the education industry being publicly exposed.

To access the full Trustwave SpiderLabs threat report, "2024 Education Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies," please click here.

 

About Trustwave

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats.

Trustwave’s comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes its client’s cyber investment, and improves security resilience. Trusted by thousands of organizations worldwide, Trustwave leverages its world-class team of security consultants, threat hunters, and researchers, and its market-leading security operations platform to decrease the likelihood of attacks and minimize potential impact.

Trustwave is an analyst-recognized leader in managed detection and response (MDR), managed security services (MSS), cyber advisory, penetration testing, database security, and email security. The elite Trustwave SpiderLabs team provides industry-defining threat research, intelligence, and threat hunting, all of which are infused into Trustwave services and products to fortify cyber resilience in the age of inevitable cyber-attacks.

For more information about Trustwave, please visit: https://www.trustwave.com/en-us/.

 
Contact

Devon Swanson
devon.swanson@trustwave.com

Latest News Releases

Trustwave Named a Major Player in New IDC MarketScape on Worldwide Cybersecurity Consulting Services

CHICAGO – April 3, 2024 – Trustwave, a leading cybersecurity and managed security services provider, was named a Major Player in the IDC MarketScape: Worldwide Cybersecurity Consulting Services 2024...

Read More

Trustwave Adds Threat Intelligence as a Service to its Offensive Security Offering Portfolio

CHICAGO – April 2, 2024 – Trustwave , a global cybersecurity and managed security services leader, today announced the launch of Trustwave Threat Intelligence as a Service (TIaaS). Trustwave TIaaS...

Read More

Trustwave Welcomes General Availability of Microsoft Copilot for Security

Chicago — April 1, 2024 — Trustwave, a leading cybersecurity and managed security services provider, today celebrates the general availability (GA) of Microsoft Copilot for Security. Trustwave was a...

Read More