Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The hospitality industry’s cybersecurity posture is approaching an inflection point. Businesses are increasingly having to balance cost pressures in a challenging economic environment, while balancing technological innovation with escalating threats. Australia’s regulatory reforms, including heightened penalties and critical infrastructure protections, provide a framework for resilience; yet enforcement gaps will remain.

As more details of the April ransomware attack on UK retailer Marks and Spencer are made public, we are directly witnessing the cascading repercussions that organizations face when victimized by a well-thought-out and properly executed attack. In the specific case of M&S, the UK retailer is dealing with a supply chain attack, as M&S CEO Stewart Machin confirmed in a published report.

The industry analyst firm Gartner has named Trustwave a Representative Vendor in its latest publication, 2025 Gartner Market Guide for Third-Party Risk Management Technology Solutions. Trustwave believes the report is a guide for organizations considering third-party risk management (TPRM) technology solutions from vendors that will best suit their needs.

Since September 2023, Trustwave’s Threat Intelligence Team has been tracking a large-scale phishing campaign distributed via email, attributed to "Storm-1575". Storm-1575 is known for developing and distributing a PhaaS platform with adversary-in-the-middle (AiTM) capabilities, known as "Dadsec". The team’s recent investigations have revealed that the infrastructure used by Dadsec is also connected to a new campaign leveraging the "Tycoon2FA" Phishing-as-a-Service (PhaaS) platform.

It's almost a tradition in cybersecurity circles to say the Board of Directors' ignorance or indifference on the topic is one of the biggest impediments an organization must overcome to have better security. But is this still the case?

Trustwave SpiderLabs’ just released Deep Dive: How Threat Actors Turn Vulnerabilities into Big Business offers an amazing look at how threat actors use information from hospitality victims to conduct a myriad of fraudulent activities.

Multi-agent systems (MAS) are reshaping industries from IT services to innovative city governance by enabling autonomous AI agents to collaborate, compete, and solve complex problems. This powerful transformation comes with a cost. As multi-agent systems grow, their risks also increase, opening the door to adversarial manipulation, emergent vulnerabilities, and distributed attack surfaces.

As part of the 2025 Trustwave Risk Radar Report: Hospitality Sector, Trustwave SpiderLabs' Digital Forensics and Incident Response (DFIR) team provided an in-depth analysis of how phishing-based cybersecurity threat actors prey on organizations in the hospitality sector. Drawing on real-world incidents derived from Trustwave SpiderLabs everyday work, the report consolidates data from multiple investigations into a single case study under the pseudonym "Five Star Hotels".

As the summer travel season approaches, travelers worldwide are busy booking their holidays, entrusting the hospitality industry with some of their most sensitive personal and financial information. Unfortunately, this makes the sector a prime target for threat actors looking to exploit and steal this data. To help organizations in the hospitality sector address these risks, Trustwave SpiderLabs has released the 2025 Trustwave Risk Radar Report: Hospitality Sector.

The summer travel season is almost here, and travelers worldwide are in the process of booking their holidays, thus placing some of their most vital personal and financial information into the hands of the hospitality industry. A fact not lost to threat actors who thrive on gaining access and stealing this data.

Modern cloud ecosystems often place a single identity provider in charge of handling logins and tokens for a wide range of customers. This approach certainly streamlines single sign-on (SSO) for end users, but it also places enormous trust in a single set of signing keys. If those private keys are compromised, attackers can create tokens that appear valid to any service that relies on them.

Trustwave has introduced MailMarshal Integrated Cloud. A new email security offering which is designed to deliver advanced, layered protection for organizations using Microsoft 365. MailMarshal Integrated Cloud is a cloud-native solution that provides a seamless, API-led security layer that enhances resilience against sophisticated email threats, making it even easier for organizations operating in a Microsoft 365 environment to create a layered defense.

Scattered Spider, aka UNC3944, is switching the focus of its retail-oriented attacks from the UK market to the US, according to published reports. At this time, no US retailers have been named as targets, but the alleged Scattered Spider activity is a clear sign retailers in the US and worldwide need to prepare.

Dependency management is one of the biggest challenges in modern software development. Large projects often rely on dozens or even hundreds of libraries. Each one can introduce new vulnerabilities or even malicious code. Attackers sometimes upload fake packages to popular open-source repositories, hoping that build systems will download these packages automatically. This problem is made worse by transitive dependencies, where a single library might include several other libraries under the hood.

Trustwave SpiderLabs’ upcoming report, the 2025 Trustwave Risk Radar Report: Hospitality Sector, will be released on May 21 and will delve into the latest threat landscape, highlighting critical vulnerabilities and offering actionable insights to help hospitality businesses stay secure. The report notes that the hospitality industry has become a prime target for cybercriminals, with threats growing in volume and sophistication.

At a recent Sydney luncheon, Trustwave sat down with a room of senior security leaders to dig into the evolving role of red and purple team testing in a modern technical security assurance program. The discussion was led by Trustwave's Craig Searle, Director of Consulting & Professional Services in Pacific at Trustwave and TJ Acton, Director of SpiderLabs Testing, Pacific. More than 20 Sydney-area security professionals attended the event at Restaurant Huberts.

While security professionals know well that a defense-in-depth strategy is crucial to proper cybersecurity, sometimes a detailed story of how a threat was discovered and eradicated can bring the value home, especially to the uninitiated. This is one such story. In this case, the story relates to the value of employing a cybersecurity threat hunting service alongside a managed detection and response offering.

The three high-profile UK retailers struck with cyberattacks in the last few weeks are each still feeling the impact of the attacks and attempting to regain full functionality across all their systems.

The UK's Department for Science, Innovation, and Technology last month released its Cyber Security Breaches Survey 2025, an annual piece of research designed to inform national policy and bolster the country's cyber resilience.

Let’s explore the critical role of Modbus in energy and manufacturing systems, then demonstrate real-world exploitation techniques using Docker-based simulations and the custom-built Python tool M.A.T.R.I.X. The danger here is an attacker who gains unauthorized access to a misconfigured Modbus TCP server can send malicious write commands to turn coils ON or OFF, thereby illegally activating or deactivating physical devices.

The need to purchase, install, and optimize cybersecurity technology is not up for debate. No organization is immune to the possibility of a cyberattack, which means each must be prepared to defend themselves to reduce the likelihood of a successful attack. While organizations start out with the goal of keeping their tech stack simple, cost-effective, and productive, many find that over time, the technology they have acquired has the polar-opposite impact.

The best secure email gateways mimic the tried and true “defense in depth” cybersecurity strategy by using a layered approach, including advanced features that make effective use of AI. The results are compelling, especially when two email security tools are used together, such as employing an additional secure email gateway to augment Microsoft Defender for Office 365 email security.

The UK retail market has been thrown into turmoil in recent weeks, with three of that nation's highest-profile retailers being targeted allegedly by the well-known threat group Scattered Spider in at least one of the most disruptive incidents.

A quarter century ago, a former computer science student from the Philippines accidentally unleashed one of the most destructive computer viruses in modern history.

SC Media calls out Trustwave’s ability to maximize the value of their Microsoft Security tools for clients. Trustwave was honored by SC Media with its prestigious SC Trust Award for Best Managed Security Service in recognition of its Managed Extended Detection and Response (MXDR) for Microsoft.