Media Coverage

Three weeks ago, security researchers exposed a sinister piece of malware lurking inside tax software that the Chinese government requires companies to install. Now there’s evidence that the high-stealth spy campaign was preceded by a separate piece of malware that employed equally sophisticated means to infect taxpayers in China.

Trustwave is for the first time allowing VARs, MSPs and agent partners to directly resell the company’s managed threat detection and response and professional services.

The tax software was legitimate, but embedded inside it was a nasty surprise, according to a new report by a private security firm: A sophisticated piece of malware that gave attackers complete access to the company's network.

When a U.K.-based technology vendor started doing business in China, it hired a cybersecurity firm to proactively hunt for any digital threats that could arise as part of doing business in the country. The firm discovered a problem, one with such major implications that it alerted the FBI.

A US cyber security firm has discovered a new form of malware potentially targeting foreign companies operating in China, which has been embedded in compulsory tax software and installs a hidden backdoor to allow remote access to computer systems.

Even as stores reopen in many parts of the country, people are still shopping online more than ever. And that includes using new sites set up by their favorite small businesses attempting to stay afloat through perilous economic times.

Sextortion is evolving into nastier ways to try to extort people. To date, the basic template for this cybercrime has been to claim people's accounts have been hacked, with the criminals saying they have video proof – usually via webcam – of a person watching sexual content. The criminals demand immediate payment in Bitcoin – which gives the extortionist anonymity – or they will release the video to the public.

A series of phishing campaigns using Google Firebase storage URLs have surfaced, showing that cybercriminals continue to leverage the reputation of Google’s cloud infrastructure to dupe victims and skate by secure email gateways.

Many on the dark web are expressing the same thoughts and fears about COVID-19 as everyone else, while others are looking for ways to profit from it, says Trustwave.

Trustwave’s Global OT/IoT security research team uncovered the flaws in Schneider’s SoMachine Basic v1.6 and Schneider Electric M221, firmware version 1.6.2.0, Programmable Logic Controller (PLC).

Researchers have found another vulnerability in software made by Schneider Electric that is similar to the one exploited by the notorious Stuxnet malware.

Attackers are using this time of crisis to go after victims with targeted campaigns. The biggest threats are phishing attacks related to COVID-19.

As most generic spam now gets blocked, attackers have turned to more targeted, personalized phishing emails to reel in their victims, according to security firm Trustwave.

Analysis of more than a trillion security events over the past year and hundreds of breach investigations by researchers at cybersecurity company Trustwave found that ransomware attacks have become the most common security incident.

Cyber criminals are taking advantage of the worldwide level of concern surrounding the COVID-19 coronavirus to launch an insidious new round of attacks that are much more effective than previous cyber-attacks.

Researchers from security firm Trustwave said they discovered a new malspam campaign that sends Excel 4.0 xls 97-2003 files with a compromised macro in email messages. The ploy is predictable and attempt to dupe users with themes ranging from fake invoices to COVID-19 related lures.

Hackers are exploiting vulnerabilities stemming from the global coronavirus pandemic, including distracted workers and stretched-thin IT staff, as cybersecurity attorneys say the spread of COVID-19 has also brought with it a spike in data security incidents.

Businesses often have a contingency plan — a Plan B — in case workers can’t get to the office when there’s a power outage, natural disaster or extraordinary circumstances, like in Chicago last winter when a polar vortex plunged temperatures far below zero. But few companies expected their backup plans to be deployed for a worldwide pandemic.

Turla, the highly-sophisticated and long established cyber espionage threat actor, shows no sign of slowing down.

An email campaign that purports to be a popular tax return software provider is the latest scam to make the rounds. The corrupted email is quickly spreading, in an effort to catch people who use the tax program.

Trustwave, a managed security services provider based in Chicago, took the wraps off a new line of consulting and security services for Palo Alto Networks Prisma Cloud.

Hackers are using the public’s fear of the coronavirus to steal passwords and spread malware, according to multiple cybersecurity firms and computer security experts.

Telco Security Alliance members AT&T, Singtel, and Telefónica are now sharing threat intelligence and indicators of compromise (IoCs) to help fight global attack campaigns that are launched against their customers.

As the death toll from the coronavirus outbreak continues to rise, online scammers are using email phishing schemes in an attempt to profit on people's confusion and fear surrounding the virus.

A week on from the U.S. killing of Iran’s Qasem Soleimani on January 3, media warnings around the cyber threat now facing the U.S. and its allies show no signs of diminishing.

Hackers behind the ransomware attack on New Year's Eve claimed to have stolen customer data including credit card information, and threatened to publish it online if they weren’t paid the money within seven days.

Smart cities, connected cars and other emerging technology trends fueled by IoT-enabled devices are likely to further gain pace from 2020 onwards – so here are some of the major IoT trends today and what to expect in the year ahead.

Iranian hackers are likely planning social engineering and phishing efforts as retaliation for the U.S. military’s killing of Iranian military chief Qasem Soleimani, according to security experts in government and the private sector.

If you’re anything like me, you’ll be traveling with all of your devices this holiday season. But according to Trustwave, you need to do a quick security check-up.

You wouldn’t purchase an expensive sports car if you couldn’t use it properly. So, why make a pricey security investment before knowing it fits into your ecosystem?