Blogs & Stories

Trustwave Blog

The Trustwave Blog empowers information security professionals to achieve new heights through expert insight that addresses hot topics, trends and challenges and defines best practices.

Our Top Blogs of 2020

2020 was truly a troubling year for the world – and a consequential one for the field of cybersecurity. From the sudden and massive shift to working from home because of the COVID-19 pandemic, to the discovery of one of the biggest cyber-attacks in history, the events of 2020 and their consequences will be long remembered.

Those groundbreaking developments were reflected in the writing on the Trustwave and Trustwave SpiderLabs blogs, which covered some of the most significant and far-reaching discoveries our teams have ever made, including a massive malware operation that targeted organizations doing business in China and our U.S. voter database discovery. Look below to recap our top blog posts of the year.

#1        The Golden Tax Department and the Emergence of GoldenSpy Malware

This discovery of a new malware family called GoldenSpy, embedded in tax payment software that a Chinese bank required corporations to install, made news around the world and trended on social media under the hashtag #GoldenSpy.

#2        Massive US Voters and Consumers Databases Circulate Among Hackers  

As covered by the N.Y. Times, NBC News and others, the Trustwave SpiderLabs team discovered massive databases with detailed information about U.S. voters and consumers offered for sale on several hacker forums – right before the U.S. election.


2020 Trustwave Global Security Report

The 2020 Trustwave Global Security Report is a window into the latest developments in the world of cybercrime. Featuring data and analysis from Trustwave systems and security experts, it is a comprehensive review of the phenomena, trends and statistics that are shaping cybersecurity. Use it to help your organization gain insights on the tricks and techniques that cybercriminals have developed, with updated statistics on data compromise, email threats, exploits and malware, and database and network security. Armed with this knowledge, your organization will be better prepared to defend itself against ever evolving cyber threats – this year and beyond.

Download Now

#3        25 Years of Threats: How Cybersecurity Has Evolved Since 1995

As Trustwave celebrated its 25th year anniversary, we looked back at how cybersecurity has evolved and changed by interviewing Ziv Mador, leader of the Trustwave SpiderLabs research team, whose fascinating career started with Microsoft R&D in 1996 and covered some of the biggest cyber scams in history. 

#4        Would You Exchange Your Security for a Gift Card?

A letter supposedly from a major retailer contained a gift card and a USB device. Spoiler alert… it was a scam. Thankfully our Trustwave SpiderLabs teams detected the hack and helped warn the public and the proper authorities.

#5        Vaccine for COVID-19 and Other Scams on the Dark Web

When the world suddenly shifted to a massive work from home posture, Trustwave SpiderLabs researchers began monitoring the Dark Web to see how cyber criminals would respond. As expected, the scams began immediately – and even included fake vaccine offers.

#6        What COVID-19 Has Taught Us About Cybersecurity

What lessons should organizations learn from the COVID-19 event? Are there any benefits, like possible cost-savings, that will carry through to the future? To find out, we interviewed a top cybersecurity thought leader.

#7        Phishing in a Bucket: Utilizing Google Firebase Storage

This phishing threat leveraged the reputation and service of the Google Cloud infrastructure and embedded Google firebase storage URLs in phishing emails. This blog post exposed the scam and offered remediation recommendations.

#8        10 Essential Cybersecurity Tips for Businesses

This downloadable infographic – presented by the global Telco Security Alliance – offered key insights that can benefit almost every organization.

#9        Getting MDR Right: How to Prepare Your Organization for Effective Managed Detection and Response

Managed Detection and Response (MDR) is growing rapidly, and this blog post helped organizations learn what they should do to prepare for effective endpoint detection and response and what to look for in an MDR provider.

#10      GO SMS Pro Vulnerable to Media File Theft

The Go SMS Pro messenger app was exposing sensitive data – including personal photos – to the Internet. Some of that data was found for sale on hacker forums. This exclusive Trustwave SpiderLabs  discovery was covered by hundreds of major media outlets around the world.