Cybercriminals have long used Microsoft documents to pass along malware and they are always experimenting with new ways to deliver malicious packages. As defenders, Trustwave SpiderLabs’ researchers are always looking out for new or unusual file types, and through this ongoing research, we uncovered threat actors using a OneNote document to move Formbook malware, an information stealing trojan sold on an underground hacking forum since mid-2016 as malware-as-a-service.

Recently, we’ve noticed an increase in user reports of SMS-based Business Email Compromise (BEC) messages. This seems to be part of a wider trend as phishing scams via text messages surge. The Federal Communications Commission (FCC) observed an increase in unsolicited text messages, with 2022 practically tripling the number of phishing texts reported to the FCC in 2019. Phishing scams are prevalent in the SMS threat landscape, and now, BEC attacks are also going mobile.

Trustwave has been named as a Major Player in the IDC MarketScape: Asia/Pacific Professional Security Services Vendor Assessment (doc #AP49101123e, October 2022). According to the report, “Trustwave has established itself as a reputable and reliable player in the market and plans to continually invest in enhancing its service offerings with a focus on global scalability, platform delivery models, and interconnection between MSS and PSS services.”

Trustwave SpiderLabs is among the most well-respected teams in the cybersecurity industry, having gained a reputation for conducting cutting-edge research, plying the foggy corners of the darkweb for information, and detecting and hunting down threats. What is less well known is how Trustwave’s SpiderLabs’ various teams’ function and then pull together to create the formidable force that is the backbone of all Trustwave’s offerings.

The 2022 holiday shopping season is here. Retailers’ discounts are kicking off early, and shoppers are eager to spend, especially with big price markdowns to come as the season progresses. And with the COVID-19 pandemic still a concern to shoppers, more people are expected to shop online this season. What this also means is that as consumers whip themselves into a shopping frenzy, cybercriminals have activated their seasonal scams to try and steal money or personal information.

Due to the increasing number of cyberattacks, particularly zero days, organizations are scrambling to obtain the best security services available. While even the smallest organization might feel that implementing Two-Factor Authentication (2FA) will keep its data secure, a targeted attack from a nefarious threat actor could lure an employee into clicking and opening a malicious document.

Operational Technology (OT) security has been thrown into the spotlight in the wake of several recent high-profile supply chain attacks targeting critical infrastructure. Security incidents such as the Colonial Pipeline attack have re-established the critical significance of Operational Technology Security, especially for the global power and energy sector.

Trustwave has been named as a Leader the IDC MarketScape: Asia/Pacific Managed Security Services 2022 Vendor Assessment (doc #AP4910122e, October 2022). According to the IDC MarketScape, “Trustwave has been aggressively working with enterprises and midmarket customers to offer effective MDR services that are easy and simple to implement with affordable pricing options.”

Pro-Russian threat actor group Killnet claims to have launched DDoS attacks against Starlink and the United States’ government website whitehouse.gov. Starlink is a satellite internet service company operated by SpaceX. In 2019, SpaceX began launching Starlink satellites, and as of September 2022 is reported to have launched more than 3,000 satellites into low-Earth orbit (LEO).

Evolution of the SOC – From the Dark Ages to Enlightenment, shifting to an agile threat informed cyber defense program How important is the Security Operations Center (SOC) to a business and a security leader's overall success? The answer is a bit cloudier than one would believe, given the length of time the SOC has been part of our security program lexicon.