2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies
Trustwave SpiderLabs’ 2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing ...
Read MoreHow to Create the Asset Inventory You Probably Don't Have
This is Part 12 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreGuardians of the Gateway: Identity and Access Management Best Practices
This is Part 10 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreProtecting Zion: InfoSec Encryption Concepts and Tips
This is Part 9 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreEDR – The Multi-Tool of Security Defenses
This is Part 8 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreThe Invisible Battleground: Essentials of EASM
Know your enemy – inside and out. External Attack Surface Management tools are an effective way to ...
Read MoreFake Dialog Boxes to Make Malware More Convincing
Let’s explore how SpiderLabs created and incorporated user prompts, specifically Windows dialog ...
Read MoreThe Secret Cipher: Modern Data Loss Prevention Solutions
This is Part 7 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreCVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway
UPDATE: Palo Alto Networks confirmed on Tuesday (4/16) that disabling device telemetry is no longer ...
Read MoreCNAPP, CSPM, CIEM, CWPP – Oh My!
We all know the cybersecurity industry loves its acronyms, but just because this fact is widely ...
Read MorePhishing Deception - Suspended Domains Reveal Malicious Payload for Latin American Region
Recently, we observed a phishing campaign targeting the Latin American region. The phishing email ...
Read MoreZero Trust Essentials
This is Part 5 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreWhy We Should Probably Stop Visually Verifying Checksums
Hello there! Thanks for stopping by. Let me get straight into it and start things off with what a ...
Read MoreAgent Tesla's New Ride: The Rise of a Novel Loader
Malware loaders, critical for deploying malware, enable threat actors to deliver and execute ...
Read MoreEvaluating Your Security Posture: Security Assessment Basics
This is Part 4 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreTrustwave SpiderLabs: Artificial Intelligence Playing a Prime Role in BEC and Phishing Attacks
Criminals have historically been quick to embrace cutting-edge technology for their financial gain. ...
Read MoreThe Inevitable Threat: AI-Generated Email Attacks Delivered to Mailboxes
Generative AI exploded in popularity not too long ago but its influence on text and media creation ...
Read MoreCybersecurity Documentation Essentials
This is Part 3 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts.
Read MoreUkrainian Intelligence Claims Successful Compromise of the Russian Ministry of Defense
On March 4, 2024, the Telegram channel of the Main Directorate of Intelligence of the Ministry of ...
Read MoreCost Management Tips for Cyber Admins
As anyone who has filled out an expense report can tell you, cost management is everyone's ...
Read MoreResurgence of BlackCat Ransomware
Updated March 8: Based on our experience, we believe that BlackCat's claim of shutting down due to ...
Read MoreCloud Architecture, Frameworks and Benchmarks
At any point in your cloud security journey, you should consider practical architectures, ...
Read MoreHunting For Integer Overflows In Web Servers
Allow me to set the scene and start proceedings off with a definition of an integer overflow, ...
Read MoreWelcome to Adventures in Cybersecurity: The Defender Series
I’m happy to say I’m done chasing Microsoft certifications (AZ104/AZ500/SC100), and as a result, ...
Read MoreTrustwave SpiderLabs: Insights and Solutions to Defend Educational Institutions Against Cyber Threats
Security teams responsible for defending educational institutions at higher education and primary ...
Read MoreBreakdown of Tycoon Phishing-as-a-Service System
Just weeks after Trustwave SpiderLabs reported on the Greatness phishing-as-a-service (PaaS) ...
Read MoreTrustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising
During an Advanced Continual Threat Hunt (ACTH) investigation that took place in early December ...
Read MoreTrustwave SpiderLabs Guide: Jailbreaking Apple iOS 17 and Above
PLEASE NOTE: Jailbreaking any phone has the potential to permanently damage your device. Even if ...
Read More