Welcome to the second part of our investigation into the Rockstar kit, please check out part one here. This blog tackles real-world Rockstar 2FA email examples incorporating noteworthy techniques.

Trustwave SpiderLabs has been actively monitoring the rise of Phishing-as-a-Service (PaaS) platforms, which are increasingly popular among threat actors. In our previous blog, we explored the appeal of these platforms and discussed various major phishing kits today. In this two-part blog, we'll focus on a phishing kit named ‘Rockstar 2FA’ that is linked to widespread adversary-in-the-middle (AiTM) phishing attacks.

Resilience strategies are failing. Despite their known importance, why is it so difficult to implement them effectively? Resilience is not a new concept, but it is one we talk about individually and through the lens of business that is often difficult to demonstrate. In today’s digital world, resilience strategies are being challenged more frequently, include more scope, and are being defeated by intentional and unintentional actions—users, third-party partners, and criminals.

Finding the exact price of any product is now easier than ever. A quick check with your favorite online retailer will show that a GE Profile Dryer goes for $989, a 10-pack of Play-Doh can be had for $7.99, and a loaf of Pepperidge Farm Farmhouse Hearty White Sliced Bread is $3.59. Unfortunately, a glance at certain less legitimate online sites on the Dark Web is just as easy.

While most security professionals recognize the value of penetration testing, they too often conduct pen tests only sporadically – maybe quarterly at best. Pen Testing as a Service (PTaaS) is a way to change that equation, enabling companies to conduct pen tests more regularly, or whenever a particular need arises. That’s important because of the crucial role pen testing plays in providing offensive security –finding problems before bad actors do.

The holiday season starts on Black Friday and is the busiest time of year for retailers, but it’s also a peak period for cybercriminals who look to exploit vulnerabilities in business of all sizes.

The holiday season is here, and with it comes the thrill of Black Friday deals and holiday shopping sprees. But it's not just shoppers who are gearing up – cybercriminals are ready to take advantage of the holiday rush, hoping to catch unsuspecting consumers off guard. While Trustwave generally focuses on protecting enterprises from cyberattacks and scams, we feel it’s important to help consumers, as well. After all, many people use work devices for online shopping and accessing social media.

There is no doubt about the value of conducting Managed Vulnerability Scanning. Trustwave has posted multiple blogs on the topic, (just check here, here, and here) for a look at how Trustwave approaches this very important cybersecurity procedure. One point we have not covered is exactly what kind of vulnerabilities Trustwave SpiderLabs’ analysts find during a scan. Are they truly dangerous? What would happen if the client had opted to give a pass to an MVS occurrence?

Trustwave has been named a Leader in the IDC MarketScape: Asia/Pacific (APAC) Managed Security Services (MSS) 2024 Vendor Assessment (IDC, September 2024) and a Major Player in the IDC MarketScape: Asia/Pacific Professional Security Services 2024 Vendor Assessment (IDC, September 2024). "Trustwave is proud to be recognized as a Leader and a Major Player respectively by the IDC MarketScape in MSS and PSS across APAC", said Trustwave CEO Eric Harmon.

Let’s take a look at how traditional vulnerability assessment (VA) tools compare to those built specifically to assess database security. General vulnerability assessment tools have been in use for more than 25 years, so the technology is mature. However, there are significant differences in the tools available and their specific purposes regarding database security management. Many VA solutions on the market offer general vulnerability assessments, focusing on a wide range of IT assets.

In today’s complex cybersecurity landscape, addressing the controls within the Australian Government’s Information Security Manual (ISM) and the Essential Eight (E8) is critical when seeking to build rapport and work with the Australian Government. Australian cybersecurity regulations like the ISM and E8 outline foundational steps, including cybersecurity best practices and controls for data protection strategies.

Prior to last week’s US Presidential Election, the Trustwave SpiderLabs team was hard at work investigating potential risks and threats to the election system, from disinformation campaigns to nation-state actors looking to exploit vulnerabilities. No information that may have potentially affected the election process was discovered at any time during the research. If it had, Trustwave SpiderLabs would have immediately disclosed its findings to the proper authorities.

I am thrilled to share some monumental news that marks a significant milestone in our journey of fortifying the cybersecurity landscape. Today, Trustwave is announcing a definitive merger agreement with Cybereason, a leader in Endpoint Detection and Response (EDR), to offer a comprehensive and expanded suite of cybersecurity solutions.

Cybersecurity and operational resilience are paramount for organizations, especially those handling sensitive information. Three prominent compliance standards— the US CMMC 2.0, the Australian CORIE, and the EU’s DORA —address these needs in different sectors and regions. This blog will compare and contrast these standards, highlighting their unique features, similarities, and differences.

This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs team on major threat actor groups currently operating globally. Retailer databases are chock-full of information that makes them highly attractive targets for ransomware gangs, as highlighted by Trustwave SpiderLabs in its recent 2024 Trustwave Risk Radar Report: Retail Sector.

Trustwave has further solidified its partnership with Microsoft by achieving Microsoft FastTrack Ready partner status for Microsoft 365 and being named a Microsoft Verified Managed Extended Detection and Response (MXDR) solution provider for the Asia Pacific (APAC) region. This recognition underscores Trustwave's commitment to empowering organizations across Australia and the wider APAC region with advanced cybersecurity solutions.

Artificial intelligence has a significant role to play in cybersecurity, and Microsoft CoPilot for Security is a great example of its promise, with its ability to help even novice security professionals process threat data more quickly and accurately. However, it can also benefit seasoned security pros, including managed detection and response (MDR) service providers.

With the rise in cyberattacks and ransomware incidents, healthcare organizations face an increasing risk of data breaches that threaten patient privacy and HIPAA compliance. The recent $500,000 settlement between the US Department of Health and Human Services (HHS), Office for Civil Rights (OCR), and Plastic Surgery Associates of South Dakota highlights the critical importance of robust cybersecurity defenses in healthcare.