Google Workspace is a popular productivity suite, and its broad collection of apps (such as Gmail, Drive, Calendar, and Docs) can give attackers a central point of entry for accessing sensitive and valuable data if they compromise an account. Learning how to identify malicious activity in your Workspace environment enables you to stop threats before they become more serious. In this post, we’ll look at a few ways attackers gain access to and take advantage of Google Workspace.

As we reflect on the past year, we're incredibly proud to share that Trustwave has been recognized by some of the most respected industry analyst firms. These accolades, spanning a variety of security services and global regions, solidify our position as a global leader in cybersecurity.

Cybersecurity is a complex business, and there are numerous standards and frameworks meant to help businesses achieve some level of security and protection in a hostile world. Among those programs is CMMC, the Cybersecurity Maturity Model Certification. With a new final rule in the finishing stages, it’s critical to know the details if it’s important to your business. CMMC is an initiative and a framework developed and maintained by the United States Department of Defense.

A threat actor is abusing HubSpot’s Free Form Builder service to craft credential-harvesting phishing pages, according to Palo Alto Networks’ Unit 42. The campaign has targeted at least 20,000 users at European companies in the automotive, chemical, and industrial compound manufacturing sectors. The attacks are designed to steal credentials in order to compromise victims’ Microsoft Azure cloud services.

Configuration management tools like Ansible, Chef, and Puppet offer various methods for handling secrets, each with inherent trade-offs. The article explores these approaches alongside modern OIDC-based solutions that enable short-lived authentication tokens for automated processes.

The cloud has enabled faster, more reliable and more scalable software delivery for organizations. Alongside these improvements come greater complexity and security considerations, all of which have implications when preparing for cloud security audits. Like all security audits, cloud security audits help ensure that data is kept safe from unauthorized access and theft.

Welcome to the most prestigious event in the world of cyber trickery: the annual Avast Phishing Awards! Join us as we unveil the most noteworthy, side-eye-inducing, and downright dubious email headlines that made this such a year to remember.

White-box fuzz testing has proven highly effective in finding critical bugs and vulnerabilities. Tech giants like Google and Microsoft uncover thousands of issues using this method. But why doesn’t every company adopt fuzz testing as part of their testing strategy? The main barrier is the high level of manual effort and the extensive time required to properly set it up and maintain it.

Find out how unpatched software can compromise your security and discover strategies to mitigate these risks effectively.

In today’s IT environment, the only certainty is uncertainty. This adage holds true across nearly every sector and industry, especially in the ever-evolving tech world, where uncertainty and change are constant. Organizations that fail to adapt quickly risk being left behind. As the saying goes, “past behavior or actions are often a good predictor of future behavior or actions”. To stay one step ahead it is essential understanding the past, present, and future trends.