Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Request a Demo

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Request a Demo
Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

View All Trustwave Services
Solutions
BY INDUSTRY
BY REGULATION
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
We reduce cyber risk and fortify organizations
Awards and Accolades
Recognition by analysts and media outlets
Trustwave SpiderLabs Team
Global researchers, ethical hackers, and responders
Trustwave Fusion Security Operations Platform
Unprecedented security visibility and control
Trustwave Security Colony
Access to cybersecurity threat protection resources
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
Register
Login
Resources
BLOGS
UPCOMING
MEDIA & ASSETS
NOTICES
HELP

The Year in Review: Looking Back at the Top Trustwave Blog Posts

4 Minute Read

The most popular Trustwave blog posts in 2021 were indicative of the year itself in cyber. There was a steady drumbeat of cybersecurity headlines along with several widespread attacks that caught mainstream news attention. Organizations also increased their understanding of how managed detection and response services can help protect critical data in the age of advanced threats and complex cloud environments.

Check out the 2021 year in review through the top Trustwave blogs:

Trustwave's Action Response: Log4j Zero-Day Vulnerabilities CVE-2021-44228 and CVE-2021-45046

Just as we thought we might escape 2021 without another major exploit, Trustwave security and engineering teams became aware of the Log4j zero-day CVE-2021-44228 on December 9. They then found the additional CVE-2021-45046 vulnerability on December 14. We immediately investigated the vulnerabilities and potential exploits. Trustwave's infrastructure was not adversely affected by the vulnerability / exploit and our teams immediately jumped into action to protect our clients and inform them of the threat.

How I Hacked A Nuclear Power Plant

In a Q&A blog posted in March, Charles Hamilton, Principal Security Consultant at Trustwave SpiderLabs, discussed how he hacked into a nuclear power plant while conducting a penetration test. The pentest found several vulnerabilities, including the facility using long-outdated Windows NT 4.0 management software and having weak security on a WIFI hotspot. The latter issue allowed Hamilton to access the corporate network gaining domain-level privilege.

Trustwave's Action Response: Kaseya VSA Zero-Day Ransomware Attack

On the afternoon of July 2, reports indicated that the REvil ransomware gang was actively targeting managed service providers (MSPs) who use Kaseya Virtual System/Server Administrator (VSA) with a zero-day attack. Trustwave immediately jumped into action to protect our clients, actively responded to threats, and shared top mitigations.

The Trustwave SpiderLabs team quickly followed up with a further analysis of the attack.

The Aftermath of a Ransomware Attack: How to Recover and Better Prepare

The Kaseya VSA ransomware attack in July compromised about 60 Managed Service Providers and 1,500 of their respective clients' systems, resulting in more than 1 million individual lockups. Shawn Kanady, Director, Threat Fusion & Hunt at Trustwave, blogged just after the attack that Kaseya's situation should have given all organizations ample reason to remain vigilant and be prepared to handle an attack and its aftermath. In the blog, he listed three steps companies should keep in mind while they recover from an incident.

Nobelium Targeting Resellers and Service Provers

In October, the Russia-based cyber gang Nobelium, which analysts believe to be responsible for the December 2020 SolarWinds attack, was on the move again, targeting resellers and IT service providers attempting to infiltrate their customers' systems, according to a Microsoft report. Karl Sigler, Senior Security Research Manager at Trustwave, found it interesting that during this recent spate of attacks Nobelium no longer used a vulnerability to gain initial access. Instead, the group resorted to more common tactics such as password spraying and phishing to steal legitimate credentials and gain privileged access.

What You Need To Know About the New Essential 8 Mitigation Strategies

In July 2021, the Australian Cyber Security Centre (ACSC) released that agency's Essential 8 (the E8) maturity model. This notification was an update of a list originally published in 2017. In a September blog post, Trustwave Principal Security Advisors Arun Raghu and Eder Plansky looked at the key changes made in the new list. These include redefining the E8 maturity levels, moving to a stronger risk-based approach to implementation, and applying the mitigation strategies as a package.

Defining EDR, XDR and MDR: Understanding the Components Behind Threat Detection and Response

Leaders must have a firm understanding of what tools are available to implement proper security at their organization. To that end, in a June blog, Trustwave broke down Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), and Managed Detection and Response (MDR) to help facilitate and inform decision-makers.

World-Class MSS DNA Makes MDR All the More Powerful

Tom Powledge, Chief Product Officer and Senior Vice President of Managed Security Services at Trustwave, in a March blog, discussed Trustwave being named a leader in the Forrester Wave for Managed Security Services. He noted that the key component of this leadership position is due to the company's ability to successfully integrate its elite Trustwave SpiderLabs team and its world-class threat intelligence into our core MSS offerings.

Trustwave 2021 Email Threat Report Highlights Critical Trends in Email Security in the Age of Advanced Threats

In May, Trustwave issued its 2021 Email Threat Report. Some highlights included:

  • Microsoft Excel file attachments were the single most significant attachment type utilized by attackers in 2020, representing 39% of malicious attachments, up from 7 percent in 2019.
  • 43% of malicious Excel attachments made use of Excel 4.0 macros.
  • Longer-term attacks seem to lead as the preferred method of email attack.
  • Over 50% of BEC emails come from Gmail accounts.
  • Phishers increasingly used free cloud infrastructure to host phishing pages and files for sending emails, hosting phishing pages, storing files and more.

Trustwave 2021 Network Security Report Shows How Threats Have Evolved in a Remote Workforce World

The COVID-19 pandemic created enormous challenges for businesses worldwide – and cybersecurity challenges were prominent among them. Employees transitioning to a remote work environment created new vulnerabilities in network systems designed for a centralized, in-office workforce. As a result, there was a subsequent spike in cybercriminal activity, as bad actors hastened to take advantage of the situation, along with an increase in malware attacks and other network security threats.

To give organizations a better view of how the network security landscape has evolved, Trustwave SpiderLabs utilized its internal and external network vulnerability scanning systems and threat intelligence to discover which threats were most pervasive. They compiled their findings in the 2021 Network Security Report.

18002_2021-network-security-report-cover
RESEARCH REPORT

2021 Network Security Report

There’s been no shortage of malicious attacks and bad actors the past year – and no signs of the threat landscape slowing down. Trustwave compiled a report of popular network attack methods and suggested mitigation tactics for organizations to prepare their defenses. Read our 2021 Network Security Report for an overview of the prevalent threats over the last several months and proactive security measures you should take.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Perspectives

Latest Intelligence

A House of Cards: Third-Party Risks Are Undermining Businesses Resilience Strategies
How Prices are Set on the Dark Web: Exploring the Economics of Cybercrime
Upping An Offensive Security Game Plan with Pen Testing as a Service

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo