Security | Threat Detection | Cyberattacks | DevSecOps | Compliance


How Cybercriminals Use Breaking News for Phishing Attacks

Trustwave SpiderLabs issued a warning that threat actors may attempt to take advantage of CrowdStrike’s software update that caused widespread outages by using the news as the center of a social engineering scheme to convince people to open malicious phishing emails or fall for other types of attacks. Using this news cycle is nothing new.

Trustwave Named in 2024 Gartner Market Guide for Managed Detection and Response (MDR)

For the second consecutive year, Trustwave has been named a Representative Vendor in the 2024 Gartner Market Guide for Managed Detection and Response. "We are honored Gartner has yet again named Trustwave a Representative Vendor for MDR," said Trustwave CEO Eric Harmon. "It is well understood that organizations today face a wide variety of threats that are best combatted by a world-class team of analysts and researchers like Trustwave SpiderLabs.

6 Steps on How to Respond to a Data Breach Before it Ruins Your Business

Too many consumers have awoken one morning to find messages from a retailer or their bank detailing purchases made through their account of which they were unaware. While the realization that they have been hacked will cause some well-deserved panic for the account holder, it usually only takes a few phone calls to cancel purchases, change a password, and cancel a credit card to put a stop to the problem.

Using AWS Secrets Manager and Lambda Function to Store, Rotate and Secure Keys

When working with Amazon Web Services (AWS), we often find that various AWS services need to store and manage secrets. AWS Secrets Manager is the go-to solution for this. It's a centralized service designed to help manage sensitive information securely, significantly reduce the risk of credential compromise, and facilitate your credential management process. However, there's more to it than just storing secrets.

Latest AT&T Data Breach Highlights the Need to Double Down on Cybersecurity Basics

AT&T reported on July 12 that an internal investigation had revealed that the telecommunication provider had been victimized by a third-party breach,resulting in the compromise of records of calls and texts of nearly all of AT&T’s cellular customers. An AT&T spokesperson confirmed to a news source that the breach resulted from of the data stolen from cloud storage firm Snowflake.

Facebook Malvertising Epidemic - Unraveling a Persistent Threat: SYS01

The Trustwave SpiderLabs Threat Intelligence team's ongoing study into how threat actors use Facebook for malicious activity has uncovered a new version of the SYS01 stealer. This stealer is designed to take over Facebook accounts, steal credential information from affected users' browsers, and then leverage legitimate accounts to further the spread of the malware.

Unlock Zero Trust: Why Database Security is the Missing Piece

As organizations consider their journey to establishing a strong Zero Trust culture, they must adopt a data-centric approach, and this begins with ensuring database security. Data, or more specifically, knowing your data, is at the heart of Zero Trust. This means databases must be considered critical assets with the appropriate security considerations applied.

Network Isolation for DynamoDB with VPC Endpoint

DynamoDB is a fully managed NoSQL database service offered by Amazon Web Services (AWS). It is renowned for its scalability, dependability, and easy connection with other AWS services. Notwithstanding its manifold advantages, organizations continue to place a high premium on guaranteeing the security of data stored in DynamoDB. By default, DynamoDB can be accessed over the public network using HTTPS, ensuring secure communication with SSL/TLS encryption.