In May 2021, President Joe Biden signed the 30 - page Executive Order (EO) on Improving the Nation’s Cybersecurity covering a host of cybersecurity issues. It mandates that Executive branch agencies deploy multifactor authentication, endpoint detection and response, and encryption. It also describes how government agencies should evaluate the software they buy and calls for these agencies to adopt "zero trust" architectures and more secure cloud services.

Modern healthcare is amazing. Hundreds of people, devices, and gigabytes of data are all harmonized to save lives and keep people healthy. Unfortunately, the very pieces that help keep us well provide a perfect hunting ground for threat actors. Threat actors are attracted to the data rich environments in healthcare organizations.

Frost & Sullivan analysts investigated 70 market participants and recognized Trustwave as one of 15 Innovators in the field. The report noted that Trustwave’s Fusion platform allows clients to manage and view their cybersecurity status, and elite SpiderLabs are driving factors behind being honored. “Trustwave Fusion, a security operations platform that integrates and enriches data from over 750 third-party sources, including cloud, network, endpoints, and email.

For the price of a Starbuck’s Caramel Frappuccino Grande and a cheese Danish, about $8, a cybercriminal can obtain all the information needed to max out a person’s stolen credit card and possibly steal their identity. This is just one example dredged from the Dark Web by the elite Trustwave SpiderLabs team while it was conducting research for an exhaustive study into what cybercriminals charge for stolen records.

A few months ago, we reported on an interesting site called the Chameleon Phishing Page. These websites have the capability to change their background and logo depending on the user’s domain. The phishing site is stored in IPFS (InterPlanetary File System) and after reviewing the URLs used by the attacker, we noticed an increasing number of phishing emails containing IPFS URLs as their payload.

The typical life of a consultant working in the field of governance, risk and compliance is often not deeply technical, but we have to be aware of new technology and the risks it poses; this is very true when it comes to Cloud, and with the massive adoption of Cloud as the vast majority of organizations now use cloud services on some level.

Everyone loves buzz words, no? Red team is the newest (well... not that new) coolest thing on the streets of information security city and many cybersecurity pros want to jump right in and become involved in Red team activities at their company. However, there is more to being a Red team member than just signing up.

One of the lesser-known but extremely important roles the Trustwave Fusion portal, known as the Fusion Security Testing Suite (STS) plays is as a conduit for our clients when running a penetration testing program.

Leadership and teamwork personally and professionally have long been a passion of mine, while we all interpret and digest the concepts differently, I usually find the strongest parallels in team sports. Over the last couple of months there has been no shortage of sport available to watch – tennis, cricket tests, state of origin, rugby (mostly look forward to the seeing the Springboks play) and I guess AFL requires an obligatory mention.

From the outside, it might appear as if Trustwave MailMarshal is a stand-alone solution that on its own is able to effectively defend email systems from a wide variety of phishing, malware, and business email compromise (BEC) attacks. The truth is MailMarshal is backed not only by one of the best trained, most experienced cybersecurity research teams in the industry but also by a technology stack that has been decades in the making.