Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

December 2024

Find open source vulnerabilities in containers with Black Duck Binary Analysis | Black Duck

Discover how to identify open source components and vulnerabilities in various software binaries including container images, mobile apps, and embedded software with Black Duck Binary Analysis What’s covered?

Zero Trust in 2025: 5 Sensitive Areas to Prioritize

From external collaboration and compliance to key financial info and intellectual property, here are five areas that need Zero Trust as a priority. In mid 2024, Gartner research found that 63% of global organizations had fully or partially-implemented a Zero Trust strategy, but these strategies only covered a small portion of the organization’s environment and that many enterprises were still “not sure what the top practices are for Zero Trust implementations.”

From Retail Rampages to 2FA Fails: Trustwave's Wild Ride Through the 2024 Cybersecurity Circus

As always in cybersecurity, hardly a dull day went by in 2024. So much happened we thought it might be helpful to remind everyone what went down over the last 12 months. At least from a Trustwave SpiderLabs perspective. Here are the top SpiderLabs’ blogs, as voted by viewer readership analytics: Trustwave SpiderLabs would like to thank all its readers and we hope we informed, inspired and maybe made you laugh a few times in 2024. See you all next week in 2025.

December Release Rollup: Audio Input in Egnyte Copilot, Procore Integration - Photos and Metadata Sync, and More

We’re excited to share new updates and enhancements for December, including: For more information on these updates and others, please read the complete list below and follow the links for more detailed articles.

A Simple Guide to Building a Discord Bot! (Part 3)

This is the third video of our series 'How to Build a Discord Bot'. In this video, we will be focussing on data storage and setting up a database to store our Wordle results in. Stay tuned for the next video where we will be deploying the bot, which will be able to run 24/7! Each video will be published one week from the previous.

What Is Digital Forensics? A Key to Solving Cybercrimes

Digital forensics, which is sometimes called the "science of the digital age," is very important for finding digital proof and solving cybercrimes. Because of how connected everything is these days and how almost everything leaves a digital trail, digital forensics gives us the methods and tools to find, collect, study, and keep data for future investigations.

Importance of Password Encryption for Data Protection

In this digital age, where cyber threats are always evolving, keeping private data safe has become important for both people and businesses. Encrypting passwords is an important part of data security because it keeps user information hidden from attackers who shouldn't have access to them. Advanced algorithms are used to encrypt passwords into unreadable form. This makes encryption a strong defense against breaches and identity theft.

Security Bulletin: Critical Remote Code Execution Vulnerability in Apache Struts [CVE-2024-53677]

A newly discovered critical vulnerability, CVE-2024-53677, in Apache Struts enables remote code execution (RCE) and is actively exploited in the wild using a publicly available Proof-of-Concept (PoC). Apache Struts is an open-source framework for building Java-based web applications. It helps developers create scalable software solutions, that powers everything from e-commerce websites to financial systems and government platforms.

What You Need to Know About 2025 Data Privacy Regulations in the U.S.

In an era where data breaches make headlines almost weekly and cybercrime costs businesses billions annually, states across the U.S. are taking decisive action to protect their residents’ sensitive information. From California’s groundbreaking privacy laws to New York’s rigorous cybersecurity requirements for financial institutions, state-level regulations are rapidly evolving to address the complex challenges of digital data protection.

A White Hat's 2024 Reflections: Cybersecurity Insights and Lessons

As 2024 comes to a close, today, I’m reflecting on some of the key events and trends that shaped my offensive security research this year. From publishing my first book to writing regular blogs on some of cybersecurity’s hottest topics, each piece has contributed to a clearer understanding of the evolving digital landscape.