Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177

On September 26, 2024, security researcher Simone Margaritellidisclosed the details of four ...

Read More

Shedding Light on Election Deepfakes

Contrary to popular belief, deepfakes — AI-crafted audio files, images, or videos that depict ...

Read More

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content

HTML smuggling techniques have been around for quite some time. A previous Trustwave SpiderLabs’ ...

Read More

Why Do Criminals Love Phishing-as-a-Service Platforms?

Phishing-as-a-Service (PaaS) platforms have become the go-to tool for cybercriminals, to launch ...

Read More

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season

The US election is less than 70 days away and threat actors are busy crafting malicious spam that ...

Read More

Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media

With the US election on the horizon, it’s a good time to explore the concept of social media ...

Read More

Trustwave SpiderLabs Research: 20% of Ransomware Attacks in Financial Services Target Banking Institutions

The 2024 Trustwave Risk Radar Report: Financial Services Sector underscores the escalating threat ...

Read More

Exploring an Experimental Windows Kernel Rootkit in Rust

Around two years ago, memN0ps took the initiative to create one of the first publicly available ...

Read More

Hypervisor Development in Rust for Security Researchers (Part 1)

In the ever-evolving field of information security, curiosity and continuous learning drive ...

Read More

Your Money or Your Data: Ransomware Readiness Planning

Today’s blog installment brings us to the end of our 30-week journey that covered 30 cybersecurity ...

Read More

Exposed and Encrypted: Inside a Mallox Ransomware Attack

Recently, a client enlisted the support of Trustwave to investigate an unauthorized access incident ...

Read More

The Willy Wonka World of Application Security Defenses

One doesn’t have to be a magician to understand how to track the hundreds, if not thousands, of ...

Read More

The Bug Stops Here: Using DevSecOps Workflows for Pest-Free Applications

Developers and cybersecurity have an interesting relationship. Developers have no problem with ...

Read More

Deep Dive and Simulation of a MariaDB RCE Attack: CVE-2021-27928

In early 2021, a new vulnerability, identified as CVE-2021-27928, was discovered and published. It ...

Read More

Trustwave Rapid Response: Mitigate Windows TCP/IP RCE Vulnerability (CVE-2024-38063)

Microsoft has disclosed a critical (CVSS 9.8) TCP/IP remote code execution (RCE) vulnerability that ...

Read More

The Art of Deception: Turning the Tables on Attackers with Active Defenses

Once an attacker enters your network, one of their first actions will be to try and hide their ...

Read More

Sentinels of Ex Machina: Defending AI Architectures

The introduction, adoption, and quick evolution of generative AI has raised multiple questions ...

Read More

SYS01 Infostealer and Rilide Malware Likely Developed by the Same Threat Actor

Drawing on extensive proprietary research, Trustwave SpiderLabs believes the threat actors behind ...

Read More

Multiple Cross-Site Scripting (XSS) Vulnerabilities in REDCap (CVE-2024-37394, CVE-2024-37395, and CVE-2024-37396)

Trustwave SpiderLabs uncovered multiple stored cross-site scripting (XSS) vulnerabilities ...

Read More

Knowing your Enemy: Situational Awareness in Cyber Defenses

Most homeowners know that a lock is a good idea as a basic defense against invaders, and leaving ...

Read More

Cloudy with a Chance of Hackers: Protecting Critical Cloud Workloads

If you've been following along with David's posts, you'll have noticed a structure to the topics: ...

Read More

Trustwave Rapid Response: CrowdStrike Falcon Outage Update

Trustwave is proactively assessing and monitoring our clients who may have been impacted by ...

Read More

Using AWS Secrets Manager and Lambda Function to Store, Rotate and Secure Keys

When working with Amazon Web Services (AWS), we often find that various AWS services need to store ...

Read More

Facebook Malvertising Epidemic – Unraveling a Persistent Threat: SYS01

The Trustwave SpiderLabs Threat Intelligence team's ongoing study into how threat actors use ...

Read More

Tips for Optimizing Your Security Operations Framework

Building an effective Security Operations framework that provides the right balance of people, ...

Read More

Network Isolation for DynamoDB with VPC Endpoint

DynamoDB is a fully managed NoSQL database service offered by Amazon Web Services (AWS). It is ...

Read More

The Underdog of Cybersecurity: Uncovering Hidden Value in Threat Intelligence

Threat Intelligence, or just TI, is sometimes criticized for possibly being inaccurate or outdated. ...

Read More