Media Coverage

Scrolling down a jumbo screen Trustwave’s Loop office is a list of personal information. There are emails, names, passwords, credit card numbers and expiration dates – a gold mine for anyone trying to steal someone’s identity.

We’ve all heard the stories in the news about cyberattacks enabled by unwitting consumers: fraudsters hacking into individuals’ email accounts and sending messages to their contacts requesting money; consumers providing payment information to phony websites; cybercriminals pretending to be relatives “in urgent needs of funds.”

Turning virtual cash into real money without being caught is a big problem for successful cyber-criminals. They often have to get creative when “cashing out” or laundering the money they have stolen, according to a security expert.

Researchers have found a cross-site scripting (XSS) flaw in Apache ActiveMQ that could enable a remote attacker with no privileges to launch an array of attacks against visitors to compromised websites.

At a time when cyberattacks and threats are on a sharp rise both in frequency and severity, Chris Schueler has been a driving force in shaping how large organizations incorporate the managed security model.

Cybercriminals have chosen one of Microsoft’s lesser known Office document creation apps Publisher (.pub) as the vehicle for distributing password stealing malware intended for employees at thousands of banks around the word.

From Facebook overshares to accidental password posts on Twitter, there are many ways in which Web personas leak things of use to malicious hackers.

Researchers at Trustwave released a new open-source tool called Social Mapper, which uses facial recognition to track subjects across social media networks.

Somewhere out there a cybercriminal is lining his or her pockets with cryptocurrency. Whoever it is isn’t using powerful computer to do the mining. Instead, this individual is using an ever-growing army of enslaved routers to do the dirty work.

According to Trustwave researcher Simon Kenin, on July 31, a surge in Coinhive activity was detected which indicated that a malicious cryptocurrency mining operation was underway.

More than 200,000 routers hit with a sophisticated cryptomining attack that appears to be spreading.

A vulnerability in some versions of the Oracle Solaris enterprise OS could allow attackers to edit code in the memory and exploit it to gain full root control over a machine.

A vulnerability first detected and “resolved” years ago in Oracle’s Unix OS, Solaris, has resurfaced, necessitating a fix in Big Red’s latest quarterly patch batch.

A vulnerability in some versions of the Oracle Solaris enterprise OS could allow attackers to edit code in the memory and exploit it to gain full root control over a machine.

The recently-discovered DataBot banking trojan is making the rounds in a phishing campaign that targets potential victims with fake invoices from software company MYOB.

The European Parliament’s industry committee wants to give ENISA more power and create a rulebook for connected devices.

In the 2018 Trustwave Global Security Report, which looks at a wide range of computing and internet threats, risks and vulnerabilities across more than a dozen industries and 21 countries, cryptocurrency has a starring role.

Not only has cryptojacking hit the big time, but now attackers are moving to target Linux.

As companies adopt new technologies in short timeframes, they are increasingly turning to outsourcing resulting in third-party providers having access to sensitive data more than ever before.

The EFF’s new STARTTLS Everywhere initiative aims to secure email as it transits the internet between mail servers to prevent mass surveillance, as well as email spoofing.

The cryptocurrency market has seen an incredible amount of attention and hype over the last year, culminating with Bitcoin values soaring by more than 1,300 percent in 2017.

From connected devices to insider threats, the modern-day cybersecurity professionals has their hands full when it comes to ensuring their organization measurably reduces risk.

Just because you’re not yet using IPv6 doesn’t mean you’re safe from the protocol’s attack vectors.

What you can’t see is that these cyber criminals behave among one another in much the same way legit businesses behave to legit customers, a security researcher tells Business Insider.

Finding out you’re a data breach victim is bad enough. But the process of canceling credit cards and checking statements for suspicious activity will likely be an even bigger headache.

What will be the most significant threat to cybersecurity teams in 2018? According to a May 2018 survey from information security company Trustwave, 22 percent of full-time information technology (IT) professionals said preventing malware, including ransomware, was their biggest obligation for 2018.

GDPR has been in play for less than 24 hours and several lawsuits have already been filed in the EU against Facebook and Google claiming each in not abiding by the new privacy regulations.

Trustwave released the 2018 Security Pressures Report based on a global survey of 1,600 full-time IT professionals who are security decision makers or security influencers within their organization.

A new Trustwave survey shows information security executives and practitioners are under increasing pressure from trying to keep up with threats and compliance mandates.

Newly published research reveals the poor state of enterprise cloud security, as evidenced by the advance of cryptojacking within these environments.