
March 2023

Trustwave Action Response: Supply Chain Attack Using 3CX PABX Software

On March 29, a massive supply chain compromise in 3CX software resulted in malware being installed globally across multiple industries. It is similar to the other high-profile supply chain attacks (like SolarWinds and Kaseya) in that rather than targeting a single organization, the criminals target a popular service or software provided to many large organizations. With one single compromise of the supplier, dozens and potentially hundreds of organizations may fall in turn.

Anonymous Sudan: Religious Hacktivists or Russian Front Group?

The Trustwave SpiderLabs research team has been tracking a new threat group calling itself Anonymous Sudan, which has carried out a series of Distributed Denial of Service (DDoS) attacks against Swedish, Dutch, Australian, and German organizations purportedly in retaliation for anti-Muslim activity that had taken place in those countries.

2023 Tax Scam Emails Exposed: Unmasking Deceptive Trends

By John Kevin Adriano, Trustwave SpiderLabs Security Researcher

Tax season is a busy time of year for taxpayers and threat actors. Consumers and businesses focus on filing their taxes and getting excited over possible refunds, while cybercriminals roll out their tried-and-true tax scams alongside new efforts.

Features Every Managed Detection and Response Solution Must Have

Gartner’s newly released 2023 Market Guide for Managed Detection and Response Services offers detailed advice to organizations on what capabilities an MDR provider must deliver in order to keep its clients secure. The guide reinforces the notion that an MDR provider must come to the table with a portfolio of strong supporting solutions to deliver an effective and comprehensive security product.

Trustwave Partners with Intelisys to Deliver Managed Security and Consulting Services

Trustwave has inked a channel partnership deal with Intelisys, one of the nation's leading providers of technology services and solutions, that will allow its network of more than 1,700 sales partners to offer Trustwave security consulting, managed detection and response (MDR), threat hunting, co-managed SOC, database security, and email security to their client base.

ChatGPT: The Right Tool for the Job?

Since it was first released to the public late last year, ChatGPT has successfully captured the attention of many. OpenAI’s large language model chatbot is intriguing for a variety of reasons, not the least of which is the manner in which it responds to human users. ChatGPT’s language usage resembles that of an experienced professional. But while its responses are delivered with unshakeable confidence, its content is not always as impressive.

How the USPTO Uses Zero Trust to Protect the Nation's Most Valuable Data

The United States Patent and Trademark Office (USPTO) is the repository for a wealth of knowledge dating back to the nation's founding. The information behind many of the world's greatest inventions, ranging from the light bulb, iPhone, and Maglev trains to the zipper, is housed and protected by the USPTO, a task that is now considerably more difficult as the primary storage medium moves from paper to on-premises and into the cloud.

Trustwave MailMarshal PageML Scanner Detects 30% More Phishing Attempts

Trustwave’s MailMarshal received a major update this month with the addition of PageML to the Blended Threat Module. The BTM enables the email security solution to conduct in-depth, real-time scans when a URL in an email is clicked to determine if the URL is malicious. PageML boosts the BTM’s ability to detect malicious URLs by one-third by applying machine learning techniques to page content in real time. The new scanning feature is named PageML, short for Page Machine Learning.

4 Steps to Safeguarding SD-WAN in Response to Rise of Remote Work

Ensuring employees operate securely regardless of location has grown in importance over the last several years as the number of people working remotely has exploded. These workers are most likely operating within a software-defined wide area network (SD-WAN). They use SD-WAN to work with data that is now processed more and more in many different cloud services.

Trustwave and Trellix Enter into a Strategic Managed Detection and Response Partnership

Trustwave and Trellix have entered a strategic partnership that will see the two premier cybersecurity companies deliver best-in-class Managed Detection and Response (MDR) solutions to enterprise-class organizations. The partnership will begin with Trustwave's innovative MDR services on Trellix EDR products, which will result in these clients receiving unrivaled threat visibility and the ability to detect and respond to threats faster and more precisely.

OneNote Spear-Phishing Campaign

Trustwave SpiderLabs “noted” in Part 1 and Part 2 of our OneNote research that OneNote has been used as a malware delivery mechanism. Now we will shift gears and focus on several OneNote decoy notes SpiderLabs has discovered that deliver malware families like Qakbot, XWorm, IcedID, and AsyncRAT. While the malware payload can change, the techniques have generally been the same.

A Noteworthy Threat: How Cybercriminals are Abusing OneNote - Part 2

In part one, we examined how threat actors abuse a OneNote document to install an infostealer. Part 2 of this series discusses an AsyncRAT infection chain while detailing important parts of the code. We’ll also quickly analyze other notable malware strains such as Qakbot and RemcosRAT.

A Noteworthy Threat: How Cybercriminals are Abusing OneNote - Part 1

Threat actors are taking advantage of Microsoft OneNote's ability to embed files and use social engineering techniques, such as phishing emails and lures inside the OneNote document, to get unsuspecting users to download and open malicious files. Once clicked, an attacker can use the embedded code for various malicious purposes, such as stealing data or installing ransomware on victims' systems.

Why Australians Are Keen Adopters Of Managed Security Services

Australia is renowned for our willingness to adopt IT efficiencies! The ongoing shift to cloud computing both worldwide and here, seen recently in Amazon’s expansion to a second data center in Melbourne, shows that Australians are not afraid of outsourcing workloads to shared data centers.

Biden Administration Releases National Cybersecurity Strategy

President Joe Biden took the next step in the nation's ongoing effort to combat cyber threats by issuing the National Cybersecurity Strategy on March 2, which focuses on growing the public-private sector security partnership needed to protect critical infrastructure, dismantle threat groups, and increase resiliency.

Trustwave Government Solutions Named Palo Alto Networks Cortex XMDR Specialization Partner

Trustwave Government Solutions (TGS), a wholly-owned subsidiary of Trustwave Holdings, Inc., which supports the public sector with market-leading Managed Detection and Response (MDR) cybersecurity services, has achieved Palo Alto Networks Cortex eXtended Managed Detection and Response (XMDR) Specialization.