During a recent penetration test, Trustwave SpiderLabs researchers discovered a weak input validation vulnerability in the CrushFTP application which caused the deletion of all users. CrushFTP is a secure high- speed file transfer server that runs on almost any OS. It handles a wide array of protocols, and security options. CrushFTP stores details of registered users within the filesystem in the users/MainUsers directory.
Cybersecurity is a complex term, it’s become all-encompassing and constantly evolving to include new and emerging technologies, attacks, actors, and a myriad of other points. What this means for organizations large, medium, and small is that each must have a cybersecurity plan in place. An interesting point, however, is despite the mindshare cybersecurity now enjoys, the industry itself is still in its relative infancy.
Trustwave’s recent revamp of its Advanced Continual Threat Hunt (ACTH) platform was inspired by the need to scale to meet a growing client base amid an ever-increasing threat landscape. Now with a patent-pending methodology, the SpiderLabs Threat Hunt team can conduct significantly more hunts and has an unprecedented ability to find more threats.
Trustwave’s new Rapid Action Program (RAP) security solution is designed to help clients quickly answer the question: “do we have any obvious security weaknesses that must be addressed quickly?” In the current environment of ubiquitous attacks and breaches, every company wants comfort that they at least have the basics covered.
The International Association of Privacy Professionals (IAPP) has partnered with the National Cybersecurity Alliance to promote International Data Privacy Day 2023 on January 28, an event dedicated to teaching everyone from major enterprises to the average Internet user how to protect their sensitive personal information.
Trustwave is proud to announce it has attained status as a Microsoft Cloud Solutions Partner for Security with a specialization in Threat Protection.
Trustwave is relaunching its Advanced Continual Threat Hunt (ACTH) platform with a new patent-pending methodology that enables Trustwave researchers to conduct significantly more human-led threat hunts, resulting in a 3x increase in behavior-based threat findings. These discoveries might otherwise go undetected by current EDR tools.
Trustwave has updated its Fusion Platform mobile app, for Apple iOS or Android, adding a bundle of new features and enhancements designed to make monitoring an organization’s security status at any time or place even easier. The Trustwave Fusion platform is a cloud-based cybersecurity platform that serves as the foundation for Trustwave’s managed security services, products, and other cybersecurity offerings.
Trustwave SpiderLabs has found a vulnerability in the Sinilink XY-WFT1 Remote WiFi home Thermostat. When running firmware V1.3.6, it allows an attacker to replay the same data or similar data, possibly allowing an attacker to control the device attached to the relay without requiring authentication.
There is a good chance that 2023 will go down as the year when consumer privacy and data protection finally took a much-needed leap forward in the United States.
