Agent In the Middle – Abusing Agent Cards in the Agent-2-Agent (A2A) Protocol To ‘Win’ All the Tasks

Proton66 Part 2: Compromised WordPress Pages and Malware Campaigns

Earlier this year SpiderLabs observed an increase in mass scanning, credential brute forcing, and ...

Proton66 Part 1: Mass Scanning and Exploit Campaigns

Trustwave SpiderLabs continuously tracks a range of malicious activities originating from Proton66 ...

Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks

Ever thought an image file could be part of a cyber threat? The Trustwave SpiderLabs Email Security ...

Tycoon2FA New Evasion Technique for 2025

The Tycoon 2FA phishing kit has adopted several new evasion techniques aimed at slipping past ...

Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse

In February 2025, the cybersecurity community witnessed an unprecedented leak that exposed the ...

Babuk2 Bjorka: The Evolution of Ransomware for ‘Data Commoditization’

An investigation that started with a tip from one of our threat intel sources about the revival of ...

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures

Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks targeting healthcare ...

Trustwave SpiderLabs Threat Review: Alleged Oracle Compromise

On March 20, a relatively unknown user on Breach Forums posted the allegation that Oracle had ...

Why Principle of Least Privilege Matters More Than Ever in a World of Backdoored Large Language Models (LLMs)

The concept of “principle of least privilege” has been around for a long time. In fact, it is older ...

Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2

In Part 1 of Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster, we ...

Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 1

Picture this: an always-awake, never-tired, high-speed librarian that instantly finds the exact ...

Resurgence of a Fake Captcha Malware Campaign

During an Advanced Continual Threat Hunt (ACTH) investigation in early February 2025, Trustwave ...

The Russia-Ukraine Cyber War Part 4: Development in Group Attributions for Russian State Actors

This is the final installment of Trustwave SpiderLabs Russia-Ukraine digital battlefield series, ...

A Deep Dive into Strela Stealer and how it Targets European Countries

Infostealers have dominated the malware landscape due to the ease of threat operations maintenance, ...

The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure

This post is the third part of our blog series that tackles the Russia-Ukraine war in the digital ...

2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector

2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: Discover the key ...

The Russia-Ukraine Cyber War Part 2: Attacks Against Government Entities, Defense Sector, and Human Targets

In the first part of Trustwave SpiderLabs’ Russia-Ukraine war blog series, we gave a brief look at ...

The Russia-Ukraine Cyber War Part 1: Three Years of Cyber Warfare

As the third anniversary of the start of the Russia-Ukraine war approaches, Trustwave SpiderLabs ...

The Rise of Email Marketing Platforms for Business Email Compromise Attacks

In a statistical report published in September 2024 by the Federal Bureau of Investigation (FBI), ...

Beyond the Chatbot: Meta Phishing with Fake Live Support

In a previous Trustwave SpiderLabs’ blog, we explored how cybercriminals exploit Facebook Messenger ...

Cracking the Giant: How ODAT Challenges Oracle, the King of Databases

In the past decade, Oracle Database (Oracle DB) has reigned supreme in the competitive arena of ...

Trustwave SpiderLabs 2025 Trustwave Risk Radar Report: Energy and Utilities Sector

The energy sector plays a crucial role in national security by ensuring the delivery of essential ...

The New Face of Ransomware: Key Players and Emerging Tactics of 2024

As we step into 2025, the high-impact, financially motivated ransomware landscape continues to ...

CVE-2024-55591: Fortinet FortiOS/FortiProxy Zero Day

In late November and December 2024, Arctic Wolf observed evidence of a mass compromise of Fortinet ...

The Database Slayer: Deep Dive and Simulation of the Xbash Malware

In the world of malware, common ransomware schemes aim to take the data within databases ...

The State of Magecart: A Persistent Threat to E-Commerce Security

Trustwave SpiderLabs first blogged about Magecart back in 2019; fast forward five years and it is ...

Email Bombing: Why You Need to be Concerned

Over the last few months, the topic of email bombing has been brought to our attention multiple ...
