Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.
When conducting Red Team engagements, more than one Command and Control (C2) framework would typically be used as part of our delivery process and methodology. We would be..
In the ever-evolving landscape of malware threats, threat actors are continually creating new techniques to bypass detection. A recent discovery by JPCERT/CC sheds light on a new..
The Trustwave SpiderLabs team conducted a multi-month investigation into the cyber threats facing the hospitality industry worldwide and has released a detailed report displaying..
In our previous blog, we found a lot of phishing and scam URLs abusing Cloudflare services using pages.dev and workers.dev domains, respectively. We’re now seeing a lot of..
Introduction In the realm of cybersecurity, danger hides where we least expect it and threats never, ever, go out of style!
In this blog post, we will explore how the computer security landscape has expanded to reach below the operating system levels, aiming to address areas that are often overlooked..
QR Codes, the square images that contain coded information that can be scanned by a smartphone, are becoming increasingly popular. With the number of smartphone users reaching..
As the world shifted into remote work and distant learning during the pandemic lockdown, e-commerce accelerated as more consumers turned to online shopping apps and websites...
Business Email Compromise (BEC) remains a lucrative threat vector for attackers. The FBI’s IC3 reported that in 2022, they received 21,832 complaints with adjusted losses of over..
Introduction Recently, we’ve seen a noticeable surge in malware cases linked to a malicious payload delivery system known as Gootloader. The group behind this malware is believed..
Trustwave SpiderLabs discovered a new version of the Rilide Stealer extension targeting Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and Opera. This..
Intro Since Redis is becoming increasingly popular around the world, we decided to investigate attacks on the Redis instance. We didn’t have to wait long for the first results of..
Healthcare Threat Landscape 2022-2023: Common TTPs Used by Top Ransomware Groups Targeting the Healthcare Sector
The healthcare sector has been under constant threat from cybercriminals due to the sensitive nature of patient data and the valuable information held by healthcare providers...
ModSecurity is an open-source Web Application Firewall (WAF) engine maintained by Trustwave. This blog post discusses an issue with four transformation actions that could enable a..
In their latest report titled "Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape," the Trustwave SpiderLabs team reveals the data..