SYS01 Infostealer and Rilide Malware Likely Developed by the Same Threat Actor
Drawing on extensive proprietary research, Trustwave SpiderLabs believes the threat actors behind ...
Read MoreMultiple Cross-Site Scripting (XSS) Vulnerabilities in REDCap (CVE-2024-37394, CVE-2024-37395, and CVE-2024-37396)
Trustwave SpiderLabs uncovered multiple stored cross-site scripting (XSS) vulnerabilities ...
Read MoreKnowing your Enemy: Situational Awareness in Cyber Defenses
Most homeowners know that a lock is a good idea as a basic defense against invaders, and leaving ...
Read MoreCloudy with a Chance of Hackers: Protecting Critical Cloud Workloads
If you've been following along with David's posts, you'll have noticed a structure to the topics: ...
Read MoreTrustwave Rapid Response: CrowdStrike Falcon Outage Update
Trustwave is proactively assessing and monitoring our clients who may have been impacted by ...
Read MoreUsing AWS Secrets Manager and Lambda Function to Store, Rotate and Secure Keys
When working with Amazon Web Services (AWS), we often find that various AWS services need to store ...
Read MoreFacebook Malvertising Epidemic – Unraveling a Persistent Threat: SYS01
The Trustwave SpiderLabs Threat Intelligence team's ongoing study into how threat actors use ...
Read MoreTips for Optimizing Your Security Operations Framework
Building an effective Security Operations framework that provides the right balance of people, ...
Read MoreNetwork Isolation for DynamoDB with VPC Endpoint
DynamoDB is a fully managed NoSQL database service offered by Amazon Web Services (AWS). It is ...
Read MoreThe Underdog of Cybersecurity: Uncovering Hidden Value in Threat Intelligence
Threat Intelligence, or just TI, is sometimes criticized for possibly being inaccurate or outdated. ...
Read MoreClockwork Blue: Automating Security Defenses with SOAR and AI
It’s impractical to operate security operations alone, using manual human processes. Finding ...
Read MoreProfessional Services Sector Under Attack - Trustwave SpiderLabs Report 2024
Recent research by Trustwave SpiderLabs, detailed in their newly published report "2024 ...
Read MoreAtlas Oil: The Consequences of a Ransomware Attack
Overview Atlas Oil, a major player in the oil and fuel distribution industry, fell victim to a ...
Read MoreScanning the Matrix: SIEM Best Practices
(A thought from The Matrix: Neo likely used a SIEM before he took the red pill and could see the ...
Read MoreFare Thee Well ModSecurity: End-of-Life and Last Commercial Rules Update for June 2024
A Fourteen-Year Journey Comes to an End In June 2010, Trustwave acquired Breach Security, which ...
Read MoreSecure Access Service Edge: Another Multi-Tool for the SOC
Over the years, several security defense architectures have merged into a single solution. Endpoint ...
Read MoreSearch & Spoof: Abuse of Windows Search to Redirect to Malware
Trustwave SpiderLabs has detected a sophisticated malware campaign that leverages the Windows ...
Read MoreThe Sentinel’s Watch: Building a Security Reporting Framework
Imagine being on shift as the guard of a fortress. Your job is to identify threats as they approach ...
Read MoreFake Advanced IP Scanner Installer Delivers Dangerous CobaltStrike Backdoor
During a recent client investigation, Trustwave SpiderLabs found a malicious version of the ...
Read MoreThreat Advisory: Snowflake Data Breach Impacts Its Clients
Executive Summary On May 20, 2024, Live Nation discovered and disclosed an unauthorized activity in ...
Read MoreCyber Exterminators: Monitoring the Shop Floor with OT Security
Pressure is increasing on manufacturers to monitor their shop floors for malicious activity to ...
Read MoreImportant Security Defenses to Help Your CISO Sleep at Night
This is Part 13 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read More2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies
Trustwave SpiderLabs’ 2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing ...
Read MoreHow to Create the Asset Inventory You Probably Don't Have
This is Part 12 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreGuardians of the Gateway: Identity and Access Management Best Practices
This is Part 10 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreProtecting Zion: InfoSec Encryption Concepts and Tips
This is Part 9 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreEDR – The Multi-Tool of Security Defenses
This is Part 8 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreThe Invisible Battleground: Essentials of EASM
Know your enemy – inside and out. External Attack Surface Management tools are an effective way to ...
Read More