As the January 2025 deadline approaches, financial institutions across the European Union prepare to increase their financial data security by meeting regulatory compliance standards with the Digital Operational Resilience Act (DORA). But what exactly is DORA, and why does it matter for your organisation? Let’s take a closer look.

Microsoft warns that threat actors are abusing legitimate file-hosting services to launch phishing attacks. These attacks are more likely to bypass security filters and appear more convincing to employees who frequently use these services. “Legitimate hosting services, such as SharePoint, OneDrive, and Dropbox, are widely used by organizations for storing, sharing, and collaborating on files,” Microsoft says.

The U.S. FBI warns that scammers are attempting to trick law firms into transferring money as part of a phony debt collection scheme. The scam “may focus on any type of representation where a lawyer is hired to assist in the transfer or collection of money, e.g. real estate, collection matters, collaborative law agreements in family matters, etc.” The schemes typically take the following steps: The FBI outlines some recommendations to help organizations avoid falling for these scams.

On October 15, 2024, SolarWinds released a hotfix for CVE-2024-28988, a critical Remote Code Execution (RCE) vulnerability affecting Web Help Desk (WHD). WHD is an IT service management software widely used across various industries for tracking and managing support tickets. This vulnerability arises from a Java deserialization flaw, which could enable a remote unauthenticated attacker to execute arbitrary code on vulnerable hosts.

In this blog, we summarize the results of a fall 2022 survey of IT, helpdesk, and security professionals about how their companies protect sensitive data.

In this article, we discuss how admins can programmatically access Spotlight using a utility called osquery, and we demonstrate useful queries you can run to find evidence of compromise in your organization.

If you’re a firm that works with foreign governments, in addition to certifications like ISO 27001 that you will generally need to achieve, you will also have to have processes in place for handling foreign government information or FGI. It’s not enough that your internal network is classified and access controlled; you need specific handling processes and procedures for managing FGI separately from other confidential or classified data you may have.

At the end of every year, the Trustwave content team asks its in-house experts what cybersecurity topics they predict will be top of mind in the coming 12 months, and inevitably the top answer is more ransomware. Instead of waiting an extra couple of months, we thought why not get ahead of the curve, pretend that ransomware will again be an issue, because it will, and proceed to the part of the story where we go through the problem and mitigation methods.

Because of the frequency of phishing attacks landing in user mailboxes and the severity of the consequences of a user falling for a lure, any improvement at all can make the difference between an organization suffering a breach.

Identity and Access Management (IAM) is a broad term covering different methods to block unauthorized access. It’s built on four key pillars: Identity Governance and Administration (IGA), Access Management (AM), Privileged Access Management (PAM), and Active Directory Management (ADMgmt).