Most of you that are familiar with Secure Email Gateway products know the MailMarshal name and know that its name was changed to Trustwave Secure Email Gateway almost ten years ago when Trustwave acquired M86 Security.  Over the years, MailMarshal, known for its email threat protection and detection accuracy, continues to be recognized by many across the industry and has retained a decades-long and loyal client base.

COVID-themed phishing attacks surged more than 40 percent in the early months of the pandemic and an estimated $100 million in COVID-related goods and services were offered for sale,

According to IDC, in 2020, 64.2 zettabytes (ZB) of data was created or copied due to the increase in rich data exchanges and remote working during the COVID-19 pandemic. IDC also predicts that the amount of data created over the next five years will be greater than twice the amount of data created since the advent of digital storage.

Trustwave was named a Strong Performer and one of the top 9 "Providers That Matter Most" to clients in terms of current capability in the first-ever Forrester Wave for Managed Detection and Response (MDR). Trustwave is also recognized in the Q3 2020 Forrester Wave for Global Managed Security Services Providers as a market leader in "Strength of Current Offering for MSSPs" – positioning us to strongly execute in the pure-play MDR market and, with our leadership in MSS, excel in crossover MDR/MSS service offerings.

Hundreds of thousands of organizations are reported to have been affected by the Microsoft Exchange Server attacks. HAFNIUM, an advanced threat actor group assessed to be state-sponsored, and numerous other threat actors across the globe have been attacking organizations by exploiting critical zero-day vulnerabilities in Microsoft Exchange Servers.

As the world celebrates International Women’s Day, it’s an unfortunate reality that cybersecurity, like many other industries, is often thought of as a male dominated field. Despite the obstacles, many female cybersecurity professionals are breaking barriers and setting new precedents, like the 5 amazing women interviewed here.

While most of us assume – or at least hope – that nuclear power plants are hardened targets that should be protected by the most advanced digital security possible, is that actually the case? In this interview with Charles Hamilton, Principal Security Consultant for Trustwave SpiderLabs, we discuss his experience conducting a penetration testing exercise for a nuclear power plant.

COVID-19 has been disrupting CISO’s cybersecurity programs and changing their priorities. While no one knows when the coronavirus impact will end, although the recent vaccine developments have given us all some hope, we are getting a good perspective on what the new normal will look like – but I am going to talk to 4 key stages in the transformation to a new resilient digital nomad way of workers lives. But what will it change?

Many organizations have rushed to a remote working environment, with no time to prepare and plan a secure course of action, which inevitably leads to gaps in security – and we’ve seen this happen. Clearly and without question, the driver for this “second wave of digital transformation” has been COVID-19. Digging a little deeper, we’ve seen first-hand how quickly some organizations pivoted to the new norm of remote working. Fortunately, Trustwave SpiderLabs has been providing remote penetration testing for a number of years so we were well set for this shift and have been able to carry on with keeping our customers secure.

With the recent takedown of the notorious botnet known as Emotet, we thought it would be a good time to pause to reflect on the long history of this malware strain and cybercrime operation. To do that, we asked for a perspective from Phil Hay, Research Manager at Trustwave SpiderLabs, who has spent decades tracking and thwarting the Emotet threat.

With its recent discovery of three new vulnerabilities in SolarWinds products, the Trustwave SpiderLabs team created quite a stir. To get a better understanding of why this finding was so significant, we interviewed Karl Sigler, Threat Intelligence Manager at Trustwave SpiderLabs, to break down what the discoveries were and what organizations should do to protect themselves. Find that video interview in this post.

What should organizations do to help keep data private and risks properly mitigated? Listed in this post are a few best practices, with links to resources that can help you learn more about this vital subject matter.

We all know that cybersecurity is an industry that lends itself to the occasional overuse of acronyms – and sometimes even buzzwords. When it comes to threat hunting, which is one of the most potent weapons an organization has to find and eliminate breaches, it’s important to be able to separate fact from the fiction. What are the aspect of threat hunting that are really impactful for organizations? To get a grounded perspective, we talked with Shawn Kanady, Director of Threat Fusion & Hunt at Trustwave SpiderLabs and former Director of Digital Forensics and Incident Response.

Is cybersecurity actively being discussed at a board level? Can we identify and understand any trends – for example, are specific industries really good at acknowledging all things cyber while others aren’t? To find out, we analyzed every annual report of each Financial Times Stock Exchange 100 (FTSE100) company.

As somebody who regularly speaks to CISOs across different industries, sectors and levels of cyber maturity, Ed Williams, Director of Trustwave SpiderLabs EMEA, has seen first-hand where the headaches exist and what causes these headaches. While all organizations are different and have different risks, finding solutions for those headaches is possible. Here’s what he recommends.

Office 365 offers unparalleled productivity features that most employees simply can’t do without. But that widespread adoption also makes the platform a big target for malicious actors, who continue to find clever ways to attack organizations. While Office 365 has good built-in security features, is there a way to add even more protection? According to Phil Hay, senior research manager at Trustwave, the answer is yes.

In the year 2020, cybersecurity was thrust into the spotlight in an unprecedented way thanks to what’s being called the FireEye Data Breach & SolarWinds Orion Compromise. In this perspective, we argue that the incident represents a tipping point not only for cybersecurity, but possibly for the world, as threats to information security and data will have an ever-increasing effect on the course of human affairs.

With the start of a new year, organizations hoping to do business with the U.S. Department of Defense (DoD) need to be more aware than ever of Cybersecurity Maturity Model Certification (CMMC) requirements. This interview below with Darren Van Booven, Lead Principal Consultant at Trustwave, CMMC Registered Practitioner, and former CISO of the U.S. House of Representatives, can help.

2020 was a year like no other – and that was reflected in the writing on the Trustwave and Trustwave SpiderLabs blogs, which covered some of the most significant and far-reaching discoveries our teams have ever made, including a massive malware operation that targeted organizations doing business in China. Check out our top blog posts of the year.

Looking back on the year in cybersecurity, Ziv Mador, VP of Security Research at Trustwave SpiderLabs, offers his key insights – and analysis of trends that organizations should prepare for in 2021. #cybersecurity #infosec