Facebook Malvertising Epidemic – Unraveling a Persistent Threat: SYS01
The Trustwave SpiderLabs Threat Intelligence team's ongoing study into how threat actors use ...
Read More
Tips for Optimizing Your Security Operations Framework
Building an effective Security Operations framework that provides the right balance of people, ...
Read MoreNetwork Isolation for DynamoDB with VPC Endpoint
DynamoDB is a fully managed NoSQL database service offered by Amazon Web Services (AWS). It is ...
Read MoreThe Underdog of Cybersecurity: Uncovering Hidden Value in Threat Intelligence
Threat Intelligence, or just TI, is sometimes criticized for possibly being inaccurate or outdated. ...
Read MoreClockwork Blue: Automating Security Defenses with SOAR and AI
It’s impractical to operate security operations alone, using manual human processes. Finding ...
Read MoreProfessional Services Sector Under Attack - Trustwave SpiderLabs Report 2024
Recent research by Trustwave SpiderLabs, detailed in their newly published report "2024 ...
Read MoreAtlas Oil: The Consequences of a Ransomware Attack
Overview Atlas Oil, a major player in the oil and fuel distribution industry, fell victim to a ...
Read MoreScanning the Matrix: SIEM Best Practices
(A thought from The Matrix: Neo likely used a SIEM before he took the red pill and could see the ...
Read MoreFare Thee Well ModSecurity: End-of-Life and Last Commercial Rules Update for June 2024
A Fourteen-Year Journey Comes to an End In June 2010, Trustwave acquired Breach Security, which ...
Read MoreSecure Access Service Edge: Another Multi-Tool for the SOC
Over the years, several security defense architectures have merged into a single solution. Endpoint ...
Read MoreSearch & Spoof: Abuse of Windows Search to Redirect to Malware
Trustwave SpiderLabs has detected a sophisticated malware campaign that leverages the Windows ...
Read MoreThe Sentinel’s Watch: Building a Security Reporting Framework
Imagine being on shift as the guard of a fortress. Your job is to identify threats as they approach ...
Read MoreFake Advanced IP Scanner Installer Delivers Dangerous CobaltStrike Backdoor
During a recent client investigation, Trustwave SpiderLabs found a malicious version of the ...
Read MoreThreat Advisory: Snowflake Data Breach Impacts Its Clients
Executive Summary On May 20, 2024, Live Nation discovered and disclosed an unauthorized activity in ...
Read MoreCyber Exterminators: Monitoring the Shop Floor with OT Security
Pressure is increasing on manufacturers to monitor their shop floors for malicious activity to ...
Read MoreImportant Security Defenses to Help Your CISO Sleep at Night
This is Part 13 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read More2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies
Trustwave SpiderLabs’ 2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing ...
Read MoreHow to Create the Asset Inventory You Probably Don't Have
This is Part 12 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreGuardians of the Gateway: Identity and Access Management Best Practices
This is Part 10 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreProtecting Zion: InfoSec Encryption Concepts and Tips
This is Part 9 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreEDR – The Multi-Tool of Security Defenses
This is Part 8 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreThe Invisible Battleground: Essentials of EASM
Know your enemy – inside and out. External Attack Surface Management tools are an effective way to ...
Read MoreFake Dialog Boxes to Make Malware More Convincing
Let’s explore how SpiderLabs created and incorporated user prompts, specifically Windows dialog ...
Read MoreThe Secret Cipher: Modern Data Loss Prevention Solutions
This is Part 7 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreCVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway
UPDATE: Palo Alto Networks confirmed on Tuesday (4/16) that disabling device telemetry is no longer ...
Read MoreCNAPP, CSPM, CIEM, CWPP – Oh My!
We all know the cybersecurity industry loves its acronyms, but just because this fact is widely ...
Read MorePhishing Deception - Suspended Domains Reveal Malicious Payload for Latin American Region
Recently, we observed a phishing campaign targeting the Latin American region. The phishing email ...
Read MoreZero Trust Essentials
This is Part 5 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read More