Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

CVE-2024-28988: Critical Java Deserialization RCE Vulnerability Impacts SolarWinds Web Help Desk

On October 15, 2024, SolarWinds released a hotfix for CVE-2024-28988, a critical Remote Code Execution (RCE) vulnerability affecting Web Help Desk (WHD). WHD is IT service management software widely used across various industries for tracking and managing support tickets. The vulnerability arises from a Java deserialization flaw, which could enable a remote unauthenticated attacker to execute arbitrary code on vulnerable hosts.

Managing Foreign Government Information (FGI) on a Network

If you’re a firm that works with foreign governments, then in addition to the certifications you will generally need to achieve, like ISO 27001, you will also need processes in place for handling foreign government information (FGI). It’s not enough that your internal network is classified and access controlled; you need specific handling processes and procedures for managing FGI separately from other confidential or classified data you may have.

Emerging AI Use Cases in Healthcare: A Comprehensive Overview

The integration of AI, especially Gen AI, into healthcare has been transforming the industry, enabling providers to enhance patient care, streamline operations, and reduce costs. Below is an overview of the most promising AI use cases in healthcare that are reshaping the industry.

New Bumblebee Loader Infection Chain Signals Possible Resurgence

Bumblebee is a highly sophisticated downloader malware cybercriminals use to gain access to corporate networks and deliver other payloads such as Cobalt Strike beacons and ransomware. The Google Threat Analysis Group first discovered the malware in March 2022 and named it Bumblebee based on a User-Agent string it used. The Netskope Threat Labs team discovered what seems to be a new infection chain leading to Bumblebee malware infection, and our findings corroborate those shared by other researchers.

Pentest People Achieves CREST CSIR Accreditation for Incident Response Services

The CREST Cyber Security Incident Response (CSIR) accreditation is an esteemed certification designed to assure that an organisation has the necessary processes, skills, and capabilities to support clients in mitigating, responding to, and recovering from cyber incidents. CREST, a globally recognised accreditation body, sets the benchmark for high standards in cyber security, ensuring that accredited companies deliver excellence in every facet of cyber response services.

DORA Compliance: Key Insights for Financial Institutions on New EU Regulations

As the January 2025 deadline approaches, financial institutions across the European Union prepare to increase their financial data security by meeting regulatory compliance standards with the Digital Operational Resilience Act (DORA). But what exactly is DORA, and why does it matter for your organisation? Let’s take a closer look.

Ransomware Readiness: 10 Steps Every Organization Must Take

At the end of every year, the Trustwave content team asks its in-house experts what cybersecurity topics they predict will be top of mind in the coming 12 months, and inevitably the top answer is more ransomware. Instead of waiting an extra couple of months, we thought why not get ahead of the curve, pretend that ransomware will again be an issue, because it will, and proceed to the part of the story where we go through the problem and mitigation methods.

24 takeaways from the Human Risk Summit 2024

The Human Risk Summit has concluded for another year, showcasing an exciting new theme focused on the personalization of security. This year’s discussions highlighted the importance of tailoring security measures to individual needs, with a strong focus on AI, social engineering tactics, and actionable steps organizations can take to strengthen their security strategy.

Creating noise: The emerging obfuscation technique designed to evade email security NLP detection capabilities

Our Threat Intelligence team has observed an emerging obfuscation technique, specifically used to make Natural Language Processing (NLP) detection capabilities less effective. Broadly, malicious actors are adding additional characters, break lines, and legitimate links to the end of a phishing email in an attempt to disguise their malicious payloads amongst the noise and evade NLP detection.