Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails
Introduction Previously, Trustwave SpiderLabs covered a massive fake order spam scheme that ...
Read More
Stay Informed
Sign up to receive the latest security news and trends straight to your inbox from Trustwave.
How Threat Actors Conduct Election Interference Operations: An Overview
The major headlines that arose from the three most recent US presidential election cycles ...
Read MoreFeline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack)
Introduction In the perpetually evolving field of cybersecurity, new threats materialize daily. ...
Read MorePronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader
Trustwave's Threat Intelligence team has discovered a new malware dubbed Pronsis Loader, with its ...
Read MoreWhat We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177
On September 26, 2024, security researcher Simone Margaritellidisclosed the details of four ...
Read MoreShedding Light on Election Deepfakes
Contrary to popular belief, deepfakes — AI-crafted audio files, images, or videos that depict ...
Read MoreHTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content
HTML smuggling techniques have been around for quite some time. A previous Trustwave SpiderLabs’ ...
Read MoreWhy Do Criminals Love Phishing-as-a-Service Platforms?
Phishing-as-a-Service (PaaS) platforms have become the go-to tool for cybercriminals, to launch ...
Read MoreSpam With A Political Twist: Fraudsters Are Exploiting The Election Season
The US election is less than 70 days away and threat actors are busy crafting malicious spam that ...
Read MoreDistributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media
With the US election on the horizon, it’s a good time to explore the concept of social media ...
Read MoreTrustwave SpiderLabs Research: 20% of Ransomware Attacks in Financial Services Target Banking Institutions
The 2024 Trustwave Risk Radar Report: Financial Services Sector underscores the escalating threat ...
Read MoreExploring an Experimental Windows Kernel Rootkit in Rust
Around two years ago, memN0ps took the initiative to create one of the first publicly available ...
Read MoreHypervisor Development in Rust for Security Researchers (Part 1)
In the ever-evolving field of information security, curiosity and continuous learning drive ...
Read MoreYour Money or Your Data: Ransomware Readiness Planning
Today’s blog installment brings us to the end of our 30-week journey that covered 30 cybersecurity ...
Read MoreExposed and Encrypted: Inside a Mallox Ransomware Attack
Recently, a client enlisted the support of Trustwave to investigate an unauthorized access incident ...
Read MoreThe Willy Wonka World of Application Security Defenses
One doesn’t have to be a magician to understand how to track the hundreds, if not thousands, of ...
Read MoreThe Bug Stops Here: Using DevSecOps Workflows for Pest-Free Applications
Developers and cybersecurity have an interesting relationship. Developers have no problem with ...
Read MoreDeep Dive and Simulation of a MariaDB RCE Attack: CVE-2021-27928
In early 2021, a new vulnerability, identified as CVE-2021-27928, was discovered and published. It ...
Read MoreTrustwave Rapid Response: Mitigate Windows TCP/IP RCE Vulnerability (CVE-2024-38063)
Microsoft has disclosed a critical (CVSS 9.8) TCP/IP remote code execution (RCE) vulnerability that ...
Read MoreThe Art of Deception: Turning the Tables on Attackers with Active Defenses
Once an attacker enters your network, one of their first actions will be to try and hide their ...
Read MoreSentinels of Ex Machina: Defending AI Architectures
The introduction, adoption, and quick evolution of generative AI has raised multiple questions ...
Read MoreSYS01 Infostealer and Rilide Malware Likely Developed by the Same Threat Actor
Drawing on extensive proprietary research, Trustwave SpiderLabs believes the threat actors behind ...
Read MoreMultiple Cross-Site Scripting (XSS) Vulnerabilities in REDCap (CVE-2024-37394, CVE-2024-37395, and CVE-2024-37396)
Trustwave SpiderLabs uncovered multiple stored cross-site scripting (XSS) vulnerabilities ...
Read MoreKnowing your Enemy: Situational Awareness in Cyber Defenses
Most homeowners know that a lock is a good idea as a basic defense against invaders, and leaving ...
Read MoreCloudy with a Chance of Hackers: Protecting Critical Cloud Workloads
If you've been following along with David's posts, you'll have noticed a structure to the topics: ...
Read MoreTrustwave Rapid Response: CrowdStrike Falcon Outage Update
Trustwave is proactively assessing and monitoring our clients who may have been impacted by ...
Read MoreUsing AWS Secrets Manager and Lambda Function to Store, Rotate and Secure Keys
When working with Amazon Web Services (AWS), we often find that various AWS services need to store ...
Read More