Trustwave SpiderLabs Report: LockBit 3.0 Ransomware Vs. the Manufacturing Sector
As the manufacturing sector continues its digital transformation, Operational Technology (OT), Industrial Control Systems (ICS), and Supervisory Control and Data Acquisition..
Overview of the Cyberwarfare used in Israel – Hamas War
On October 7, 2023, the Palestinian organization Hamas launched the biggest attack on Israel in years, resulting in numerous casualties and hostages taken. Israel responded with a..
The 2023 Retail Services Sector Threat Landscape: A Trustwave Threat Intelligence Briefing
The annual holiday shopping season is poised for a surge in spending, a fact well-known to retailers, consumers, and cybercriminals alike. The latter group, however, is poised to..
Pwning Electroencephalogram (EEG) Medical Devices by Default
Overall Analysis of Vulnerability Identification – Default Credentials Leading to Remote Code Execution During internal network testing, a document was discovered titled the “XL..
Hidden Data Exfiltration Using Time, Literally
I was looking at my watch last week and my attention was moved towards the seconds over at the right of the watch face, incrementing nicely along as you’d expect. Now, I don’t..
Unveiling the CAPTCHA Escape: The Dance of CAPTCHA Evasion Using TOR
In this era, threat actors have proven to be tireless in their pursuit of exploiting vulnerabilities and gaining unauthorized access to online platforms using anything from simple..
HTTP/2 Rapid Reset
A recent vulnerability tracked as Rapid Reset (CVE-2023-44487) in the HTTP/2 protocol was recently disclosed by researchers and vendors. It was exploited in the wild from August..
2023 Financial Services Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies
Cyberattacks striking the financial services industry are more prevalent, dangerous, and hitting faster than ever.
Patch Tuesday, October 2023
Halloween is arriving and with it, Trustwave’s return to Patch Tuesday reports.
Amazon (AWS) S3 Bucket Take Over
Let’s try something a bit different and take a look at some of Trustwave SpiderLabs’ Open Source Intelligence (OSINT) research findings, and exploitation of vulnerable buckets and..
Multiple Command and Control (C2) Frameworks During Red Team Engagements
When conducting Red Team engagements, more than one Command and Control (C2) framework would typically be used as part of our delivery process and methodology. We would be..
Stealthy VBA Macro Embedded in PDF-like Header Helps Evade Detection
In the ever-evolving landscape of malware threats, threat actors are continually creating new techniques to bypass detection. A recent discovery by JPCERT/CC sheds light on a new..
To OSINT and Beyond!
Open-Source Intelligence (OSINT) can be valuable for an organization and penetration testing engagements in several ways. Today, let me highlight two areas: Leaked Credentials and..
Trustwave SpiderLabs Releases Actionable Cybersecurity Intelligence for the Hospitality Industry
The Trustwave SpiderLabs team conducted a multi-month investigation into the cyber threats facing the hospitality industry worldwide and has released a detailed report displaying..
A Bucket of Phish: Attackers Shift Tactics with Cloudflare R2 Public Buckets
In our previous blog, we found a lot of phishing and scam URLs abusing Cloudflare services using pages.dev and workers.dev domains, respectively. We’re now seeing a lot of..
Threat-Loaded: Malicious PDFs Never Go Out of Style
Introduction In the realm of cybersecurity, danger hides where we least expect it and threats never, ever, go out of style!
The Evolution of Persistent Threats: From Chernobyl to BlackLotus
In this blog post, we will explore how the computer security landscape has expanded to reach below the operating system levels, aiming to address areas that are often overlooked..
Think Before You Scan: The Rise of QR Codes in Phishing
QR Codes, the square images that contain coded information that can be scanned by a smartphone, are becoming increasingly popular. With the number of smartphone users reaching..