
February 2025

Trustwave SpiderLabs Insights: Cyberattack Methods Targeting Manufacturing

When it comes to choosing a manufacturer to target for attack, threat groups have a healthy list of tools from which to choose, all of which are made more powerful by this industry’s complex cybersecurity posture, driven by the increasing integration of IT/OT environments.

Bridging the Gap: Why IT and OT Convergence is Reshaping Manufacturing

The line between Information Technology (IT) and Operational Technology (OT) has been blurring for years, and what were once two distinct realms — IT managing data and networks, and OT controlling physical processes on the production floor — are now converging to drive smarter, more efficient manufacturing.

2025 Trustwave Risk Radar: Top Cyber Threats Facing Manufacturing

As the manufacturing sector continues to modernize and develop deeper and wider connections to the Internet, the industry has opened itself up to a broad range of sophisticated cyberattacks designed to take advantage of this sector’s still-developing cyber defenses. Trustwave SpiderLabs explains these and other issues facing manufacturers in its just-released 2025 Trustwave Risk Radar Report: Manufacturing Sector, and offers a list of protective mitigations organizations can adopt.

Attacks Against Government Entities, Defense Sector, and Human Targets

In the first part of Trustwave SpiderLabs’ Russia-Ukraine war blog series, we gave a brief look at our major findings as well as the main differences between how Russia and Ukraine wage attacks in the digital frontlines. In this part of our series, we shed light on how both countries target government entities, defense organizations, and even human targets as part of their overall strategy to win the war.

How the Trustwave NIS2 Maturity Accelerator Can Help Navigate NIS2 Compliance

The European Union (EU) Network and Information Security Directive 2 (NIS2) introduces stricter cybersecurity requirements than its predecessor, the original NIS Directive. With the compliance deadline fast approaching, in-scope organizations must take proactive steps to ensure they have enacted NIS2 requirements, thereby strengthening their security posture.

Be the First to Receive the 2025 Trustwave Risk Radar Report: Manufacturing Sector

Trustwave is set to unveil the 2025 Trustwave Risk Radar: Manufacturing Sector - a deep dive into the most pressing cybersecurity risks facing the industry - on February 26 as part of Trustwave SpiderLabs’ multi-year research into the particularly unique set of cybersecurity threats positioned against the manufacturing sector. Pre-register now to be among the first to receive this comprehensive research plus additional deep dives and expert-led webinar overviews of the materials.

Trustwave is FedRAMP Authorized

Trustwave is officially the first pure-play MDR provider to attain FedRAMP authorization! This milestone isn’t just a win for us, it’s a game-changer for federal and commercial organizations. With a continuously vetted security operations platform, parity across global regions, and a commitment to next-gen cloud security, we're setting the bar higher than ever. Hear from Trustwave Government Solutions President, Bill Rucker, on what this means for security, compliance, and the future of managed detection and response.

Trustwave Becomes First Pure-Play MDR Provider to Achieve FedRAMP Authorization

Trustwave has attained authorized status by the Federal Risk and Authorization Management Program (FedRAMP) for its Government Fusion platform. This announcement follows Trustwave being named last year as an official StateRAMP-authorized vendor. These achievements cap a multi-year journey through the FedRAMP process and make Trustwave the only pure-play Managed Detection and Response (MDR) provider recognized by FedRAMP.

Unlock the Full Potential of Microsoft FastTrack with Trustwave

There was once a famous advertising tagline used in TV commercials. "But wait, there's more!" This line was used to sell knives that could cut through a soda can and stay sharp enough to slice a tomato, but now there is a more up-to-date situation where the line is still applicable. "You bought Microsoft 365, great!

Building a Sustainable PCI DSS 4.0 Compliance Culture

The Payment Card Industry Data Security Standard (PCI DSS) has long been recognized as the gold standard for payment security, establishing rigorous protocols for organizations that handle credit and debit card data. Designed to bolster defenses and minimize the risk of costly data breaches, PCI DSS is now poised for a major evolution. With the introduction of PCI DSS 4.0, new compliance requirements will become mandatory starting March 31, 2025.

The Rise of Email Marketing Platforms for Business Email Compromise Attacks

In a statistical report published in September 2024 by the Federal Bureau of Investigation (FBI), it was revealed that more than US$55 billion was lost to business email compromise (BEC) attacks between October 2013 and December 2023. This profitability drives attackers to further their techniques and adapt to security filters. BEC is a highly sophisticated and researched scam that aims to bait a specific type of employee or department in a company.

The Threat Within: Understanding the Role of Malicious Insiders in Cyberattacks

The Financial Industry Regulatory Authority (FINRA) recently released the 2025 FINRA Annual Regulatory Oversight Report, which observed an increase in the variety, frequency, and sophistication of insider threats by threat groups.

How AI-powered Secure Email Gateways Fight Back vs. AI-armed Bad Actors

As bad actors use artificial intelligence to step up their phishing game, mounting an effective defense means using a secure email gateway that likewise employs AI to detect even the most cleverly crafted phishing emails and the fraudulent websites to which the emails attempt to direct recipients. The concern is not just with generative AI (GenAI) tools like ChatGPT, which has some (rather limited) guardrails to prevent nefarious use.

Cyber and Physical Security Considerations for Returning to the Office

When remote work became mandatory in the wake of the 2020 COVID pandemic, organizations had to quickly dispatch staffers to their homes with all the equipment and services they would need to do their jobs. However, as organizations ranging from the US government to JP Morgan Chase to Amazon have all put out a call for their workers to return to the office, security issues will again become paramount.

Trustwave Named a Top 100 Security MSP by CRN for 6th Consecutive Year

For the sixth consecutive year, the leading channel publication CRN named Trustwave to its 2025 Managed Service Provider (MSP) 500 list in its Security 100 category. The Trustwave Global Channel Partner Program earned this honor by providing one of the industry's most extensive collections of security products and services. These offerings cater to enterprise requirements in threat detection and response, as well as vulnerability and risk management.

Will the UK's Ransomware Proposal Work? Trustwave Weighs in on the Potential Impact

The recent UK Home Office proposal designed to hinder and disrupt ransomware operations through several proposed measures, including a targeted ban on ransomware payments, has again brought this question into the public square. The question of whether to pay a ransom demand is a decades-long argument with ardent opinions on both sides.

Penetration Testing ROI: How to Convince Leadership to Invest in Cybersecurity

While Chief Information Security Officers (CISOs) know how crucial a consistent enterprise penetration testing program is to their cybersecurity program, convincing their fellow leaders and board members to invest in pen testing amid other budget demands can be challenging. The key is to speak to these leaders in terms they readily understand, focusing largely on risk.

Trustwave SpiderLabs: Examining How New Ransomware Groups Emerge

Two newcomers have made their way onto the ransomware threat group stage, becoming the biggest threat to the energy and utilities sector in 2025. According to the most recent data from Trustwave SpiderLabs’ Energy and Utilities Sector Deep Dive: Ransomware Threat Groups, Hunters International and Qilin (pronounced Chee Lin) displaced LockBit as the most active group attacking these sectors.

Beyond the Chatbot: Meta Phishing with Fake Live Support

In a previous Trustwave SpiderLabs’ blog, we explored how cybercriminals exploit Facebook Messenger chatbots to execute social engineering attacks, deceiving users into falling victim to scams and phishing schemes. These attacks often rely on the perceived legitimacy of automated systems to manipulate users into sharing sensitive information.