SpiderLabs Blog
Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.
ChatGPT: Emerging AI Threat Landscape
ChatGPT has been available to the public since November 30, 2022. Since then, it has made headlines – from being temporarily banned from Stack Overflow because, “while the answers..
Trustwave Action Response: Zero-Day Vulnerability in Citrix ADC (CVE-2022-27518)
On Tuesday, December 13, a joint announcement from the United States NSA and Citrix announced a zero-day vulnerability in Citrix ADC. The vulnerability (CVE-2022-27518) is a..
Meta-Phish: Facebook Infrastructure Used in Phishing Attack Chain
Meta has two of the largest social media platforms today, Facebook and Instagram. These platforms became the modern gateway for people not just to socialize and eavesdrop on the..
Trojanized OneNote Document Leads to Formbook Malware
Cybercriminals have long used Microsoft documents to pass along malware and they are always experimenting with new ways to deliver malicious packages. As defenders, Trustwave..
Going Mobile: BEC Attacks Are Moving Beyond Email
Recently, we’ve noticed an increase in user reports of SMS-based Business Email Compromise (BEC) messages. This seems to be part of a wider trend as phishing scams via text..
Bypassing 2FA Authentication with Evilginx2
Due to the increasing number of cyberattacks, particularly zero days, organizations are scrambling to obtain the best security services available. While even the smallest..
‘Tis the Season for Online Shopping and Phishing Scams
The 2022 holiday shopping season is here. Retailers’ discounts are kicking off early, and shoppers are eager to spend, especially with big price markdowns to come as the season..
Killnet Claims Attacks Against Starlink, Whitehouse.gov, and United Kingdom Websites
Pro-Russian threat actor group Killnet claims to have launched DDoS attacks against Starlink and the United States’ government website whitehouse.gov. Starlink is a satellite..
Evolution of the SOC – From the Dark Ages to Enlightenment, shifting to an agile threat informed cyber defense program
Automating RDS Security Via Boto3 (AWS API)
When it comes to security in AWS, there is the shared responsibility model for AWS services, which is divided into AWS responsibility ‘security of the cloud’ and customer..
Development of the Ukrainian Cyber Counter-Offensive
Overview Russia’s military incursion against Ukraine began on February 24, 2022, with a massive ground attack supported by several cyber incidents. This activity set the stage for..
Denial of Service and RCE in OpenSSL 3.0 (CVE-2022-3786 and CVE-2022-3602)
Overview On November 1 the OpenSSL Project released patches addressing the previously rated "Critical" vulnerability that was pre-announced last week. The "Critical" rating has..
Insta-Phish-A-Gram
Following Trustwave SpiderLabs’ blog on social media-themed phishing on Facebook, comes another flavor of ‘infringement’ phishing. In this case, the targets, still under the..
Archive Sidestepping Self-Unlocking Password-Protected RAR
Trustwave SpiderLabs’ spam traps have identified an increase in threats packaged in password-protected archives with about 96% of these being spammed by the Emotet Botnet. In the..
ModSecurity Request Body Parsing: Recent Bypass Issues
Overview ModSecurity is an open-source web application firewall (WAF) engine maintained by Trustwave. This blog post discusses multiple input interpretation weaknesses in the..
HTML File Attachments: Still A Threat
Introduction This past month, Trustwave SpiderLabs observed that HTML (Hypertext Markup Language) file attachments had become a common occurrence in our spam traps, which is not..
Post-Exploitation Persistent Email Forwarder in Outlook Desktop
There is an exploitation method that can automatically forward emails CC’d to external addresses via an Outlook Desktop rule, even when this action is prevented on the corporate..
Trustwave Action Response: Zero Day Vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019
Update Oct. 4: Microsoft released Security Update Guides for these two vulnerabilities.