The most popular Trustwave blog posts in 2023 were a roadmap of what concerned our readers during the year. Top of mind was learning how to develop a strong cyber defense and there was a great deal of interest in Trustwave SpiderLabs’ threat intelligence reports facing the healthcare, financial, retail, manufacturing, and hospitality industries.
Not every organization's security apparatus is built or funded at the same level. For smaller organizations or those with other needs competing for budget, here are some points that show it's possible to do more with less. To drive meaningful progress and ensure a robust security posture, it's the C-suite and the board must collaborate and focus on three key areas: coverage, consolidation, and assurance.
The digital world relies on data, which because of its considerable value, is constantly targeted by skilled cybercriminals who have spent years developing methods and tools to gain access to even the most secure databases.
Determining and establishing the appropriate policies, roles, accountability, workflow, mitigations, reporting, and ongoing management will set all stakeholders on a course to achieve your program goals.
Trustwave SpiderLabs analyzed the threat actors active in attacking the retail sector, including Royal, Bian Lian, LockBit, Clop, BlackCat, Play, 8BASE, and RasomedVC. These groups have a deep arsenal of well-tried hacking tools at their disposal to gain access, move laterally inside their target, and then exfiltrate data. The most prevalent tactics are email-borne malware, phishing, BEC, and vulnerability exploitation, among others.
Cyberattacks striking the financial services industry are more prevalent, dangerous, and hitting faster than ever.
Trustwave and Trellix have entered a strategic partnership that will see the two premier cybersecurity companies deliver best-in-class Managed Detection and Response (MDR) solutions to enterprise-class organizations.
The partnership will begin with Trustwave's innovative MDR services on Trellix EDR products, which will result in these clients receiving unrivaled threat visibility and the ability to detect and respond to threats faster and more precisely.
One piece of data Trustwave SpiderLabs uncovered in its research that stands out is that Lockbit 3.0 is the predominant ransomware strain used to attack manufacturers, being used in 36% of all such attacks.
The exploitation of the CitrixBleed vulnerability in Netscale by a variety of ransomware groups has led to a widespread disruption of services across several industry sectors, including financial services, healthcare and real estate. These organizations could have avoided this situation if they had taken the time to conduct tabletop exercises. While these exercises would not reveal any specific vulnerabilities, they would have given each firm hands-on practice to react properly when confronted with a worst-case scenario.
Tribal governments are among the most underserved organizations in the US when it comes to cybersecurity preparation, with threat actors striking multiple tribes with a variety of cyberattacks.
To help alleviate this issue, the 2023 Department of Homeland Security (DHS) has created the Tribal Cybersecurity Grant Program (TCGP), this $18.2 million is designed to distribute money to tribal authorities enabling them to boost the cybersecurity and resilience of tribally owned or operated information systems.
The attack last week on the Municipal Water Authority in Aliquippa, Penn., that gave threat actors access to a portion of the facility’s pumping equipment has spurred the Cybersecurity & Infrastructure Security Agency (CISA)and WaterISAC to each issue incident reports and raised multiple questions regarding the site’s security and potential danger to similar plants.
Trustwave has deep insight into properly protecting operational technology (OT) and critical infrastructure, which we will discuss shortly, but first let’s take a look at what took place.