Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails

Previously, Trustwave SpiderLabs covered a massive fake order spam scheme that impersonated a tech support company and propagated via Google Groups. Since then, we have observed more spam campaigns using this hybrid form of cyberattack with varying tactics, techniques, and procedures (TTP). Between July and September, we witnessed a 140% increase in these spam campaigns. In this blog, we will showcase the different spam techniques used in these phishing emails.

Ransomware Readiness: 10 Steps Every Organization Must Take

At the end of every year, the Trustwave content team asks its in-house experts what cybersecurity topics they predict will be top of mind in the coming 12 months, and inevitably the top answer is more ransomware. Instead of waiting an extra couple of months, we thought why not get ahead of the curve, pretend that ransomware will again be an issue, because it will, and proceed to the part of the story where we go through the problem and mitigation methods.

How to Implement Microsoft Security Products for Maximum Value

Cybersecurity teams are in a tough spot these days. They are stuck between the pace of change in technology, the shortage of security professionals, and an overabundance of security tools all demanding their attention. It's a combination that should make the all-encompassing Microsoft Security product suite a compelling idea – if you can determine a migration strategy that makes sense for your company.

Cybersecurity Awareness Month: It's Never too Early to Elevate Your Security Posture with Microsoft E5

It’s Cybersecurity Awareness Month and you know what that means. Christmas decorations have been out for a month at Home Depot. At Trustwave, it means it’s time for the next installment in our Cybersecurity Awareness Month series.

How Microsoft E5 Security Helps Protect Healthcare and Patient Data

In the healthcare industry, safeguarding patient data is not just a regulatory requirement but a moral imperative. With the increasing digitization of health records and the rise in cyber threats, healthcare organizations need robust security solutions. Microsoft E5 offers a comprehensive suite of security features designed to protect sensitive healthcare data. Coupled with Trustwave’s Microsoft expertise, organizations can get the most out of their E5 investments.

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign

The need for an iron-clad email security solution is once again making headlines. On October 3,the US Department of Justice (DoJ) reported that, working with Trustwave partner Microsoft, it had disrupted a Russian government-based scheme to steal Americans’ sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials.

Analyzing Latrodectus: The New Face of Malware Loaders

This report is the latest in a series that will delve into the deep research the Trustwave SpiderLabs Threat Intelligence team conducts daily on the major threat actor groups currently operating globally. The information gathered is part of a data repository that helps Trustwave SpiderLabs identify possible intrusions as it conducts threat hunts, vulnerability scans, and other offensive and defensive security tasks.

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader

Trustwave's Threat Intelligence team has discovered a new malware dubbed Pronsis Loader, with its earliest known variant dating back to November 2023. This loader shares similarities with the D3F@ck Loader , which surfaced in January 2024. Pronsis Loader has been observed delivering different malware variants, including Lumma Stealer and Latrodectus as its primary payloads. Additionally, the team identified infrastructure linked to Lumma Stealer during the investigation.

Cybersecurity Awareness Month: Adding Seasonal Spice to Managed Detection and Response (MDR)

It’s Cybersecurity Awareness Month and you know what that means. Pumpkin spice versions of Trustwave Managed Detection and Response (MDR) solutions are now available! Well, not really, but pumpkin spice season is the perfect time to raise awareness about the importance of cybersecurity and ensuring that individuals and organizations are equipped to protect themselves against cyber threats.