Media Coverage

The ""2017 Trustwave Global Security Report"" [registration required] examines trends over 2016 in the areas of cybercrime, data breaches and security. The era of acting defensively is over. It is time to approach cybersecurity proactively, the report stated.

Attackers are developing new methods of stealing sensitive information every day, making retail breaches an all-too-common occurrence. But an important line of defense for merchants are their payment facilitators, which, when armed with the right knowledge, can act as digital bodyguards for these brands.

News headlines continue to call our attention to the latest cyber attacks -- something that provides IT and security professionals with the daunting task of remaining steadfast on the unpredictable security battlefield. In fact, 53 percent of IT professionals felt more pressure to secure their organization last year, compared to 2015, according to the 2017 Security Pressures Report from Trustwave. However, contrary to what you would expect, the pressures are not just coming from the C-suite.

Trustwave, the Chicago-based information security firm that helps businesses protect against cyberattacks, unveiled its expanded headquarters and announced an internship program with the City Colleges of Chicago Monday at an event with Mayor Rahm Emanuel.

Chicago Mayor Rahm Emanuel joins Trustwave to open the company's new and expanded headquarters, plus helps to mark the start of the City Colleges of Chicago's (CCC) inaugural Cyber Security Boot Camp.

The relationship between a manufacturer or vendor and security researchers can be filled with tension and unease, and it's most often put to the test during the vulnerability disclosure process. Although their intentions are pure, researchers often feel they are being shut out of the process, while vendors may see disclosure deadlines as a threat from researchers looking to produce headlines.

Trustwave looks to put more business through the channel as it broadens out from traditional compliance business

As organizations wade deeper into digital technology, the pressure grows on IT and security professionals to keep systems up and running. What's more, as budgets shrink and the time required to manage and maintain security systems swells, the stress levels keep rising. A recent report from Trustwave, ""2017 Security Pressures Report,"" offers some perspective on how organizations are addressing these issues, and how IT and security teams are faring.

FRANKFURT (Reuters) - Two-thirds of those caught up in the past week's global ransomware attack were running Microsoft's Windows 7 operating system without the latest security updates, a survey for Reuters by security ratings firm BitSight found.

Two-thirds of those caught up in the past week's global ransomware attack were running Microsoft's Windows 7 operating system without the latest security updates, a survey for Reuters by security ratings firm BitSight found.

Tom Bain, vice president of marketing at CounterTack, believes organizations want to ""collapse the stack"" and move to fewer providers and platform offerings. They want less agents and ultimately not as many providers under the hood. “Taking technologies into a managed deployment gives an enormous advantage to MSSPs who can remove the burden from operators, monitoring and responding to threats on their behalf,” he said.

In the past year, Trustwave has hired 160 people in Chicago, increasing headcount here about 30 percent to more than 500 people. Worldwide, Trustwave is up to 1,650 employees. It's a workforce heavy on engineering talent. McCullen doesn't expect the growth to slow down. The company has 50 open positions in Chicago. There isn't enough talent anywhere in tech, but the challenge is particularly steep in cybersecurity. ""We need really skilled people,"" he said. ""Even our customers can't find them.""

Ever wondered who these ‘hush-hush’ people are that help to keep our networks safe? Here we talk to Lawrence Munro, director of SpiderLabs EMEA for Trustwave, about the role of the ‘White Hat hacker’.

A sophisticated hacking group with suspected ties to cybercrime gangs operating in Eastern Europe is now actively targeting and breaching prominent brand-name restaurants in the U.S.

The race to become the most innovated and tech-savvy hotel is on. Hotels have increasingly begun working with technology companies to offer more innovative and enhanced guest experiences. Guests at many hotels can now bypass the need to go to the front desk by using their mobile devices to select a room, check-in, receive texts when their room is ready, and even unlock the door to their room. Guests can also customize their stay by requesting items, ordering room service, planning activities, or purchasing upgrades. Everything a guest may want is only a few clicks or taps away, and soon, the data collected by these programs will allow hotel operators to anticipate guests’ requests and needs.

The Carbanak group, also known as Anunak, was exposed in 2015 after it managed to steal an estimated $1 billion from more than 100 banks across 30 countries. In early 2016, the group continued to target banks, mainly in the Middle East and U.S.

To understand why Carbanak is one of the Internet's most skilled and successful criminal groups, consider the recent spear-phishing campaign it used to infect computers in the hospitality and restaurant industries with malware that steals banking credentials.

With Australia’s mandatory data breach notification laws set to take effect by 23 February 2018, protecting sensitive information and data privacy has moved up the burgeoning list of an organisation’s IT security priorities.

The risk of cybersecurity compromise has become ubiquitous across business and government sectors, with new figures suggesting that nine out of every 10 Australian organisations dealt with an attempted or successful cybersecurity breach during fiscal 2015-16 – and that 58 percent had been successfully compromised.

IT Professionals Feel Security Pressure From Cloud, Others’ Breaches

According to Trustwave’s 2017 Security Pressures Report, the answer is yes, a shift is happening, especially in who is putting the pressure on staff for improving cybersecurity efforts. Security is becoming more personal, the report said, with 24 percent of respondents citing pressure exerted by oneself to deal with cybersecurity, which is up 13 percent over last year’s report. Nearly half of the respondents did admit that they feel the pressure from executives and boards of directors, but that number is down 13 percent from last year.

Cybersecurity company Trustwave, which has its Canadian headquarters in Waterloo, released the results of its fourth annual Security Pressures Report on Wednesday. The survey is based on interviews with 1,600 IT and cybersecurity professionals around the world.

The majority of tech professionals are pressured to roll out projects before they’ve undergone necessary security audits and hardening, according to a new security pressures survey from the security firm Trustwave.

Security professionals are feeling less pressure from management, less pressure to approve IT projects early, and are less worried about emerging technologies, according to a report released this morning. But they are also putting more pressures on themselves.

This issue includes: Identity and access management strategy: Time to modernize? Strong authentication methods: Are you behind the curve? Start redrawing your identity and access management roadmap

It’s bad enough when black hat hackers insert malicious backdoors into systems and software after vendors/makers have sold these into the marketplace. It is another matter when the vendors who create these devices and programs unwittingly or purposely leave backdoors inside their products.

We all know that what we mean by hacker around here and what the world at large thinks of as a hacker are often two different things. But as our systems get more and more connected to each other and the public Internet, you can’t afford to ignore the other hackers — the black-hats and the criminals. Even if you think your data isn’t valuable, sometimes your computing resources are, as evidenced by the recent attack launched from unprotected cameras connected to the Internet.

The built-in backdoor discovered by Trustwave in IoT devices enables access by the manufacturer and leaves the devices open to exploitation by others, which despite Trustwave following the responsible disclosure process, has repeatedly been left exposed by the vendor.

IoT devices from a Chinese vendor contain a weird backdoor that the vendor is refusing to fix, we're told. The vulnerability was discovered in almost all devices produced by VoIP specialist dbltek, and appears to have been purposely built in as a debugging aid, according to researchers at TrustWave. The infosec biz says that it followed a responsible disclosure process, but claims the manufacturer responded only with modifications to its firmware that leave access open

The cybersecurity industry wrestles with why the Internet isn’t safer after $75 billion in annual spending and how to handle ransomware at one of its marquee annual events.