Trustwave achieves verified MXDR solution and FastTrack ready partner status from Microsoft. Learn More

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

Amazon (AWS) S3 Bucket Take Over

Let’s try something a bit different and take a look at some of Trustwave SpiderLabs’ Open Source Intelligence (OSINT) research findings, and exploitation of vulnerable buckets and..

Multiple Command and Control (C2) Frameworks During Red Team Engagements

When conducting Red Team engagements, more than one Command and Control (C2) framework would typically be used as part of our delivery process and methodology. We would be..

Stealthy VBA Macro Embedded in PDF-like Header Helps Evade Detection

In the ever-evolving landscape of malware threats, threat actors are continually creating new techniques to bypass detection. A recent discovery by JPCERT/CC sheds light on a new..

To OSINT and Beyond!

Open-Source Intelligence (OSINT) can be valuable for an organization and penetration testing engagements in several ways. Today, let me highlight two areas: Leaked Credentials and..

Trustwave SpiderLabs Releases Actionable Cybersecurity Intelligence for the Hospitality Industry

The Trustwave SpiderLabs team conducted a multi-month investigation into the cyber threats facing the hospitality industry worldwide and has released a detailed report displaying..

A Bucket of Phish: Attackers Shift Tactics with Cloudflare R2 Public Buckets

In our previous blog, we found a lot of phishing and scam URLs abusing Cloudflare services using pages.dev and workers.dev domains, respectively. We’re now seeing a lot of..

Threat-Loaded: Malicious PDFs Never Go Out of Style

In the realm of cybersecurity, danger hides where we least expect it and threats never, ever, go out of style!

The Evolution of Persistent Threats: From Chernobyl to BlackLotus

In this blog post, we will explore how the computer security landscape has expanded to reach below the operating system levels, aiming to address areas that are often overlooked..

Think Before You Scan: The Rise of QR Codes in Phishing

QR Codes, the square images that contain coded information that can be scanned by a smartphone, are becoming increasingly popular. With the number of smartphone users reaching..

Behind the Invite: The Rise of Google Group Fake Order Fraud Emails

As the world shifted into remote work and distant learning during the pandemic lockdown, e-commerce accelerated as more consumers turned to online shopping apps and websites...

BEC Trends: Payroll Diversion Dominates and Sneaky Multi-Persona Attacks Emerge

Business Email Compromise (BEC) remains a lucrative threat vector for attackers. The FBI’s IC3 reported that in 2022, they received 21,832 complaints with adjusted losses of over..

Gootloader: Why your Legal Document Search May End in Misery

Recently, we’ve seen a noticeable surge in malware cases linked to a malicious payload delivery system known as Gootloader. The group behind this malware is believed..

WormGPT and FraudGPT – The Rise of Malicious LLMs

As technology continues to evolve, there is a growing concern about the potential for large language models (LLMs), like ChatGPT, to be used for criminal purposes. In this blog we..

New Rilide Stealer Version Targets Banking Data and Works Around Google Chrome Manifest V3

Trustwave SpiderLabs discovered a new version of the Rilide Stealer extension targeting Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and Opera. This..

Honeypot Recon: New Variant of SkidMap Targeting Redis

Since Redis is becoming increasingly popular around the world, we decided to investigate attacks on the Redis instance. We didn’t have to wait long for the first results of..

Healthcare Threat Landscape 2022-2023: Common TTPs Used by Top Ransomware Groups Targeting the Healthcare Sector

The healthcare sector has been under constant threat from cybercriminals due to the sensitive nature of patient data and the valuable information held by healthcare providers...

ModSecurity v3: DoS Vulnerability in Four Transformations (CVE-2023-38285)

ModSecurity is an open-source Web Application Firewall (WAF) engine maintained by Trustwave. This blog post discusses an issue with four transformation actions that could enable a..

Cybersecurity in the Healthcare Industry: Trustwave SpiderLabs Report

In their latest report titled "Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape," the Trustwave SpiderLabs team reveals the data..
