Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments. Learn More

Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Top 10 Trustwave Blog Posts: Industry Threat Reports, Developing Robust Security Top of Mind for 2023

The most popular Trustwave blog posts in 2023 were a roadmap of what concerned our readers during the year. Top of mind was learning how to develop a strong cyber defense and there was a great deal of interest in Trustwave SpiderLabs’ threat intelligence reports facing the healthcare, financial, retail, manufacturing, and hospitality industries.

1. Focus on these 3 Areas to Develop a Strong Cybersecurity Posture With Fewer Resources

Not every organization's security apparatus is built or funded at the same level. For smaller organizations or those with other needs competing for budget, here are some points that show it's possible to do more with less. To drive meaningful progress and ensure a robust security posture, it's the C-suite and the board must collaborate and focus on three key areas: coverage, consolidation, and assurance.

2. 10 Dynamic Principles for Crafting a Robust Database Security Strategy

The digital world relies on data, which because of its considerable value, is constantly targeted by skilled cybercriminals who have spent years developing methods and tools to gain access to even the most secure databases.
Determining and establishing the appropriate policies, roles, accountability, workflow, mitigations, reporting, and ongoing management will set all stakeholders on a course to achieve your program goals.

3. The 2023 Retail Services Sector Threat Landscape

Trustwave SpiderLabs analyzed the threat actors active in attacking the retail sector, including Royal, Bian Lian, LockBit, Clop, BlackCat, Play, 8BASE, and RasomedVC. These groups have a deep arsenal of well-tried hacking tools at their disposal to gain access, move laterally inside their target, and then exfiltrate data. The most prevalent tactics are email-borne malware, phishing, BEC, and vulnerability exploitation, among others.

4. The 2023 Financial Services Sector Threat Landscape

Cyberattacks striking the financial services industry are more prevalent, dangerous, and hitting faster than ever.
To provide much needed guidance and recommended mitigation measures the elite Trustwave SpiderLabs team conducted a multi-month investigation into the cyber threats facing the financial services sector and released the report 2023 Financial Services Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies.

5. Trustwave and Trellix Enter into a Strategic Managed Detection and Response Partnership

Trustwave and Trellix have entered a strategic partnership that will see the two premier cybersecurity companies deliver best-in-class Managed Detection and Response (MDR) solutions to enterprise-class organizations.
The partnership will begin with Trustwave's innovative MDR services on Trellix EDR products, which will result in these clients receiving unrivaled threat visibility and the ability to detect and respond to threats faster and more precisely.

6. Trustwave SpiderLabs: LockBit 3.0 Ransomware Most Common Malware Used to Attack the Manufacturing Sector

The 2023 Manufacturing Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies explores the dangers facing this sector, conveying data culled from Trustwave SpiderLabs' extensive research that includes the most prevalent types of attacks, threat actor methodology, and recommendations on how to mitigate these threats.
One piece of data Trustwave SpiderLabs uncovered in its research that stands out is that Lockbit 3.0 is the predominant ransomware strain used to attack manufacturers, being used in 36% of all such attacks.


7. Tabletop Exercises: The Key to Recovering From a Devastating Cyberattack

The exploitation of the CitrixBleed vulnerability in Netscale by a variety of ransomware groups has led to a widespread disruption of services across several industry sectors, including financial services, healthcare and real estate. These organizations could have avoided this situation if they had taken the time to conduct tabletop exercises. While these exercises would not reveal any specific vulnerabilities, they would have given each firm hands-on practice to react properly when confronted with a worst-case scenario.


8. How Trustwave Can Assist Tribal Governments Applying for $18 Million in DHS Cybersecurity Grants

Tribal governments are among the most underserved organizations in the US when it comes to cybersecurity preparation, with threat actors striking multiple tribes with a variety of cyberattacks.
To help alleviate this issue, the 2023 Department of Homeland Security (DHS) has created the Tribal Cybersecurity Grant Program (TCGP), this $18.2 million is designed to distribute money to tribal authorities enabling them to boost the cybersecurity and resilience of tribally owned or operated information systems.

9. Trustwave’s Observations on the Recent Cyberattack on Aliquippa Water Treatment Plant

The attack last week on the Municipal Water Authority in Aliquippa, Penn., that gave threat actors access to a portion of the facility’s pumping equipment has spurred the Cybersecurity & Infrastructure Security Agency (CISA)and WaterISAC to each issue incident reports and raised multiple questions regarding the site’s security and potential danger to similar plants.
Trustwave has deep insight into properly protecting operational technology (OT) and critical infrastructure, which we will discuss shortly, but first let’s take a look at what took place.

10. SEC: Public Companies Must Disclose Material Cybersecurity Incidents Within 4 Days

The US Securities and Exchange Commission (SEC) adopted new rules for cybersecurity risk management, strategy, governance, and incident disclosure by public companies on July 26, requiring public companies to disclose material cybersecurity incidents within four days of an attack. Additionally, registrants must annually report their process, if any, for assessing, identifying, and managing material risks from cybersecurity threats.

Latest Trustwave Blogs

Trustwave eBook Now Available: 8 Experts on Offensive Security

It is now obvious that defensive measures alone are no longer sufficient to protect an organization from cyberattacks. Threat actors are increasing their capacity at such a rate that merely sitting...

Read More

Upcoming Trustwave Webinar: Top Security Considerations When Moving from Microsoft E3 to E5

Upgrading licensing from Microsoft 365 E3 to E5 is more than just an incremental step—it's a strategic move that can significantly enhance your organization’s security, compliance, and productivity....

Read More

How Trustwave Protects Your Databases in the Wake of Recent Healthcare Data Breaches

The recent cyberattack on Ascension Medical, Change Healthcare and several UK hospitals is a stark reminder of the vulnerabilities within the healthcare sector.

Read More