The Trustwave SpiderLabs team's recent in-depth look at the threats facing the retail landscape has uncovered a wide array of adversaries actively attacking this sector along with their tried-and-true methods of gaining access, moving laterally, and finally exfiltrating valuable data. This information is thoroughly detailed in the Trustwave Threat Intelligence Briefing: The 2023 Retail Services Sector Threat Landscape.

There’s been a “precipitous rise” in QR code phishing campaigns in 2023, according to Matthew Tyson at CSO. “For the attacker, QR codes bring a number of benefits, including some appreciated by legitimate businesses: they are easy to create and easy to use,” Tyson writes.

This is a cautionary tale of both how your data can legally end up in the hands of an organization you never intended and how victims can be largely left in the dark post-breach. Normally when there’s a press release from an organization hit by a data breach, there are at least a few details that let customers know the company has a handle on what transpired, that the breach has been mitigated, and what customers impacted should do to protect themselves.

With security team workloads increasing year-on-year, it’s no surprise that practitioners are selective about the cybersecurity events and conferences they attend. But despite reporting high levels of understaffing and burnout, most security pros find the time to attend these events. According to the 2023 Voice of the SOC report, which surveyed 900 practitioners in the US and Europe, 81% have attended at least one conference in the past two years.

In the ever-evolving landscape of cybersecurity, staying ahead of potential threats is a perpetual challenge for businesses. One recent vulnerability that has sent shockwaves through the corporate world is the MOVEit vulnerability. This flaw, discovered in widely used file transfer software, has had a profound impact on companies across various industries.

The integration of artificial intelligence (AI) into various domains has become ubiquitous. One area where AI’s influence is particularly pronounced is in cybersecurity. As the digital realm expands, so do the threats posed by cybercriminals, making it imperative to employ advanced technologies to safeguard sensitive information.

In recent years, the landscape of cyber threats has witnessed a dramatic shift, with ransomware emerging as a formidable and ever-evolving menace. As organizations and individuals become increasingly dependent on digital infrastructure, cybercriminals are quick to adapt their tactics, making it crucial to stay abreast of the latest trends in ransomware.

Redefining Cybersecurity Perimeters Traditional security models that rely on a defined perimeter are proving to be inadequate in protecting sensitive data and systems. The increasing sophistication of cyber threats demands a more proactive and robust approach. Enter Zero Trust Architecture (ZTA), a paradigm shift in cybersecurity that challenges the conventional notion of trust within network boundaries.

Biometric authentication has emerged as a cutting-edge technology that promises to enhance the accuracy and efficiency of identity verification. Biometrics involves the use of unique physical or behavioral characteristics to confirm a person’s identity, and its applications range from unlocking smartphones to securing sensitive government facilities.

The Internet of Things (IoT) has emerged as a transformative force, connecting devices, sensors, and systems to enable seamless communication and data exchange. From smart homes to industrial processes, IoT has revolutionized the way we live and work. However, with this proliferation of connected devices comes a significant challenge: ensuring the security of the IoT ecosystem.