Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

To address a rising attack vector: client-side JavaScript tampering on payment pages.

BERT ransomware targets Windows and Linux platforms, TGR-CRI-0045 exploits leaked machine keys to access organizations, and XWorm evolves into a modular and evasive remote access trojan.

Getting through secure email gateways (SEGs) is simply the cost of doing business for a cybercriminal. Literally, detection at the perimeter by a SEG is the same as falling at the first hurdle. SEGs have been adopted broadly, especially in larger organizations (although this picture has started to change in recent years - more on that below). Even where organizations don’t use a SEG, many native controls in email platforms (like Microsoft Exchange) operate using the same principles.

Digital connectivity is reshaping European manufacturing, driving both efficiency and innovation. However, this shift has also created a complex and vulnerable cyber threat landscape, making manufacturing the most targeted industry for cyberattacks for the past four years. Connected systems and legacy infrastructure are colliding, expanding the attack surface and exposing manufacturers to increased risks.

Since at least February 2025, Arctic Wolf has observed Interlock Remote Access Trojan (RAT) being deployed via social engineering techniques. Recently, The DFIR Report published a technical analysis of the Interlock RAT being delivered via a social engineering technique dubbed “FileFix.” The name FileFix is derived from its similarity to the previously documented ClickFix technique using fake CAPTCHA pages.

Arctic Wolf has recently observed a widespread phishing campaign targeting multiple organizations by abusing Microsoft 365’s Direct Send feature—a feature designed for internal email delivery without requiring authentication. Threat actors can identify valid domains and recipients, then send spoofed emails that appear to originate from internal domains—often impersonating the user themself—without needing credentials or access to the tenant.

For organizations operating in the cloud, visibility is everything. You need a reliable source of truth to answer “who did what, when, and where,” whether you’re investigating a security incident, chasing compliance goals, or monitoring operational activity. Enter the Sumo Logic CloudTrail App, your go-to solution for transforming raw AWS CloudTrail logs into meaningful, actionable insights.

Welcome to the chaos. You’ve been told you need a SIEM. Maybe it was your CISO. Maybe it was your auditor. Maybe your SOC is tired of stitching together logs with duct tape and Python scripts. Doesn’t matter — you’re now on the SIEM buying journey. Congratulations… and condolences. Let’s walk through how to actually buy your first SIEM without lighting your budget (and your team’s morale) on fire.

SQL injection attacks remain one of the most dangerous and frequently exploited web vulnerabilities—even in today’s age of secure coding and DevSecOps. Despite widespread awareness, attackers continue to target database-driven applications using clever payloads that evade surface-level defenses. The challenge isn’t just that SQL injections still work—it’s that many organizations don’t detect them until it’s too late.

Trustwave is making Executive Business Reviews (EBR) available to its client base. EBRs are a methodology designed to deepen Trustwave's already strong client relationships by helping clients stay informed as to their current security status, regional and sector-related threats, security costs and optimization opportunities.