Trustwave today is proud to share that we have officially closed the deal that sees The MC² Security Fund, the private equity fund of The Chertoff Group, acquire Trustwave. Today’s news marks a significant milestone for us and endorses our continuing industry leadership. I am thrilled to be leading the team that will take Trustwave into the next phase of our cybersecurity journey.

The Iranian government has made the claim that a cyber threat group, identified as Gonjeshke Darande or "Predatory Sparrow" in Persian, is linked to Israel and has taken responsibility for the disruption of gasoline pumps throughout Iran on December 18, 2023. Gonjeshke Darande’s (Predatory Sparrow) Telegram channel statement claiming an attack against Iranian gas pumps. In many instances, statements and claims of this nature often prove to be unsubstantiated.

Trustwave SpiderLabs tested a couple of Android OS-based mobile devices to conduct the research on privilege escalation scenarios. Specifically, we wanted to show a straightforward process attackers may use to exploit vulnerabilities in an Android device’s system services and systems. The testing revealed that, in some cases, exploiting the issues we found were very easy.

Threat actors constantly improve their tactics and are always on the hunt for technical or social vulnerabilities they can exploit. The pandemic-induced Great Resignation, massive layoffs, continuous company restructuring, and upcoming holidays make this a very busy time of changes in the labor force. Due to this upheaval, employees are always on the lookout for any updates from their Human Resources (HR) department, as HR often sends updates or notifications via company-wide email.

There is every reason to believe that 2024 will be an interesting year in the cybersecurity space, making it difficult to foresee what might transpire. However, Trustwave’s leadership is up to the task. In Trustwave 2024 Predictions Part 1, we looked at what might hold in store for the upcoming US election cycle and AI.

Recently, we noticed another strain of Instagram “Copyright Infringement” phishing emails in our spam traps. In this version, in addition to targeting Instagram credentials, the cybercriminals also aim to obtain the victim’s Instagram backup codes. This campaign is an enhanced version of what we reported on the SpiderLabs blog titled “Insta-Phish-A-Gram”.

There is every reason to believe that 2024 may be an interesting year in the cybersecurity space, making it difficult to foresee what might transpire. However, Trustwave's leadership is up to the task. There are several issues that Trustwave already knows will be at the core of many challenges that the world will have to face next year.

When it comes to securing the manufacturing sector, the consensus is that these organizations should focus on securing their operational technology (OT) from cyberattacks, but this isn’t the full picture. Trustwave SpiderLabs researchers found that the average cybercriminal group would rather target conventional IT environments in manufacturing.

The exploitation of the CitrixBleed vulnerability in Netscale by a variety of ransomware groups has led to a widespread disruption of services across several industry sectors, including financial services, healthcare and real estate. Dozens of companies are now trying to recover from these attacks, with some being unable to conduct operations due to the severity of the attack. The other reason could be they did not have a good incident response and recovery plan in place.

In the vast world of cybersecurity, as technologies evolve, so do the methods attackers employ to compromise systems. One such intriguing method that recently surfaced is MySQL servers, leveraging SQL commands to stealthily infiltrate, deploy, and activate malicious payloads. Let's delve deeper into the MySQL bot infection process and explore the intricacies of its operation.