The threats facing databases today are numerous and constantly evolving as the perimeter continues to fall away in favor of multi-cloud environments. This change means organizations must adopt an in-depth, data-centric security approach that includes a program designed from the ground up to protect databases.

Email security is not a simple check-box item. The need to have a strong email security solution in place has never been greater. Email is ubiquitous, and the average employee receives so many emails on a daily basis that they often open and click on messages without giving a second thought to any potential problem they might pose. This means an organization must have an email security solution in place to find and block suspicious emails before someone mistakenly clicks on a link.

As we approach the one-year anniversary of the Colonial Pipeline ransomware attack, it is an excellent time to reflect upon what took place and how that incident can serve as a teaching point for any organization interested in preventing a ransomware attack. First, here is a quick refresher on what transpired.

There is a bit of serendipity associated with World Password Day 2022. This year the day falls on May 5, the day before the first anniversary of the devastating Colonial Pipeline ransomware attack, which was initiated through a compromised password. The combination of National Password Day and the Colonial Pipeline anniversary should help remind everyone that password security is incredibly important and ever evolving.

Ladies and gentlemen of all ages and security roles, let us dive head-first into this newish thing called XDR. There is no shortage of vendors, and researchers, providing you their definition on what XDR actually represents so it becomes is there one you agree with or not. Taking a slightly different tact to explore what does XDR mean to you, and your security team.

As part of our regular Dark Web and cybercriminal research, Trustwave SpiderLabs has uncovered and analyzed postings from a politically motivated, pro-Russian ransomware group named Stormous. The group has recently proclaimed support for Russia in its war with Ukraine, attacking the Ukraine Ministry of Foreign Affairs and allegedly obtaining and making public phone numbers, email addresses, and national identity cards.

There are a variety of methods that an organization can implement to test its ability to withstand a cyberattack or another type of catastrophic situation. One such technique is to conduct a crisis simulation. The term crisis simulation is somewhat generic and seems awfully similar to other types of exercises organizations run to test their level of preparedness.

Gartner has recognized Trustwave as a Representative Vendor in the analyst firm’s March 2022 Market Guide for Managed Security Services (MSS). In addition, Gartner previously recognized Trustwave as a leader in its MSS solution in its 2019 Gartner “Magic Quadrant for Managed Security Services, Worldwide.”

The overnight move to remote and hybrid work models instantly created a more complex infrastructure for many organizations as they shifted their workers from corporate offices to their homes. The threat surface expanded exponentially as devices moved off-prem and into potentially unsecured environments and grew again as workers added their own devices to the mix.

We've recently been inundated with news of increased cyberattacks and a general increase in cyber threats online. Hackers - both bad and good, government related or private groups - have their hands full every day as never before and compounding the situation is the Russia-Ukraine (UA) war which has sparked a cyber storm. This made us just more curious about Internet attacks on the UA telecom infrastructure.