Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

July 2023

CEO Fraud Scams and How to Deal With Them at the Email Gateway

Email scams known as "CEO Fraud" are very common right now. They are a type of "Business Email Compromise" (BEC). There have been numerous recent cases reported in the media, and we too, are seeing many reports by our customers. One customer described these attacks as 'rampant'. The US FBI recently put the estimate of losses in 2015 associated with BEC frauds in the hundreds of millions of dollars.

Healthcare Threat Landscape 2022-2023: Common TTPs Used by Top Ransomware Groups Targeting the Healthcare Sector

The healthcare sector has been under constant threat from cybercriminals due to the sensitive nature of patient data and the valuable information held by healthcare providers. This blog analyzes the ransomware landscape for the healthcare sector for the years 2022-2023. This report uses data compiled for the recently released Trustwave SpiderLabs research: Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape report.

Attack Surface Management: Challenges, Myths, and Solutions

In the modern era of interconnectedness and digitalization, the risk of cyber threats has increased in complexity and persistence. Organizations must adopt a proactive and strategic approach to security to safeguard their assets and minimize the likelihood of cyberattacks. One essential strategy in this regard is attack surface management. It enables businesses to identify and address potential vulnerabilities and exposures comprehensively.

SEC: Public Companies Must Disclose Material Cybersecurity Incidents Within 4 Days

The US Securities and Exchange Commission (SEC) adopted new rules for cybersecurity risk management, strategy, governance, and incident disclosure by public companies on July 26, requiring public companies to disclose material cybersecurity incidents within four days of an attack. Additionally, registrants must annually report their process, if any, for assessing, identifying, and managing material risks from cybersecurity threats.

ModSecurity v3: DoS Vulnerability in Four Transformations (CVE-2023-38285)

ModSecurity is an open-source Web Application Firewall (WAF) engine maintained by Trustwave. This blog post discusses an issue with four transformation actions that could enable a Denial of Service (DoS) attack by a malicious actor. The issue has been addressed with fixes in v3.0.10. ModSecurity v2 is not affected.

Trustwave Partners With Tech Advisory Firm Bridgepointe

Trustwave has achieved supplier status with Bridgepointe, a tech advisory firm that helps mid-market and enterprise companies transform tech investments into unrivaled business results. The Bridgepointe deals connects Trustwave to Bridgepointe’s expansive network to provide Trustwave security consulting, managed detection and response, threat hunting, co-managed SOC, database security, and email security services to their set of clients.

Stopping Threat Actors from Gaining Initial Access

The recent Trustwave SpiderLabs report, Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape, offers a detailed look at the typical attack flow used in a variety of cyberattacks. The attack flow discussed in the report focused on what a healthcare organization might face, but for the most part, attack flows stay the same regardless of the vertical being attacked.

Trustwave Named a Leader in ISG Provider Lens for Cybersecurity Solutions and Services

For the second consecutive year, Information Security Group (ISG) named Trustwave a Rising Star in Managed Security Services (MSS) for U.S. Large Accounts and for the first time as a Leader in MSS for U.S. Midmarket in its 2023 Provider Lens™ Quadrant Report. ISG recognized Trustwave for its holistic offering with enhanced visibility, continuous threat monitoring and hunting, and its elite partnerships.

Offensive Security and the Misconceptions Surrounding Enterprise Penetration Testing

The concept of Offensive Security is often misunderstood by clients who often confuse it with penetration testing, but these two solutions, while both vital, are in fact quite different. Offensive Security is a popular industry umbrella term for all things pertaining to an organization's strategy surrounding cybersecurity, whereas penetration testing is more singular involving security teams attempting to break into a client’s systems.

Trustwave SpiderLabs Research: Cybersecurity in the Healthcare Industry

The Trustwave SpiderLabs team conducted a months-long investigation into the cyber threats facing the healthcare industry and has provided a roadmap displaying how threat actors conduct an attack, methodologies used, and what organizations can do to protect themselves from specific types of attacks.

Cybersecurity in the Healthcare Industry: Trustwave SpiderLabs Report

In their latest report titled "Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape," the Trustwave SpiderLabs team reveals the data from a months-long investigation focusing on the cyber threats the healthcare industry is currently grappling with.

Honeypot Recon: Enterprise Applications Honeypot - Unveiling Findings from Six Worldwide Locations

To obtain a better perspective of attacks worldwide, Trustwave has implemented a network of honeypots located in multiple countries across the globe. By distributing honeypots in such a manner, we can gather a reliable set of information on the methods and techniques used by attackers and their botnets. In our pursuit to explore the current threat landscape, we established a honeypot sensors network across six countries: Russia, Ukraine, Poland, UK, China, and the United States.

How Trustwave Uses Workforce Skills Frameworks to Assemble Effective Cybersecurity Teams

Building and maintaining a strong, diverse, and technically effective cybersecurity workforce can prove difficult, but one method of simplifying this task is using a cybersecurity workforce skills framework to review the composition of an organization's current cybersecurity function.