Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Trustwave MDR: The Pivot Point That Enhances Multiple Security Tools

Several years ago, Trustwave, already a leader in Managed Security Services (MSS), recognized the shift in market needs and fully pivoted to its future as a Managed Detection and Response (MDR) leader. Trustwave's leadership chose this course because it understood that a leading cybersecurity solution provider could no longer be effective without all the weapons MDR brings to the fight.

Trustwave Threat Intelligence Briefing: The 2023 Retail Services Sector Threat Landscape

The holiday shopping season is teed up for its annual explosion of spending. Retailers know this, consumers know this, cybercriminals know this, and are unfortunately ready to take advantage of any weak link that can be found to steal vital consumer and business data. However, unlike gift buyers heading to stores or shopping online on Black Friday and Cyber Monday, these adversaries are not seasonal actors.

The 2023 Retail Services Sector Threat Landscape: A Trustwave Threat Intelligence Briefing

The annual holiday shopping season is poised for a surge in spending, a fact well-known to retailers, consumers, and cybercriminals alike. The latter group, however, is poised to exploit any vulnerabilities they can find to pilfer valuable consumer and business data. Unlike holiday shoppers flocking to stores or browsing online during Black Friday and Cyber Monday, these adversaries don't adhere to a seasonal schedule.

Unlocking the Power of Co-Managed SOC: A Strategic Solution for Maximizing SIEM Effectiveness and Cybersecurity Success

Security information and event management (SIEM) systems play a pivotal role in cybersecurity: they offer a unified solution for gathering and assessing alerts from a plethora of security tools, network structures, and software applications. Yet, the mere presence of a SIEM isn't a magic bullet. For optimal functionality, SIEM systems must be appropriately set up, governed, and supervised round-the-clock.

Pwning Electroencephalogram (EEG) Medical Devices by Default

Overall Analysis of Vulnerability Identification – Default Credentials Leading to Remote Code Execution During internal network testing, a document was discovered titled the “XL Security Site Administrator Reference.pdf.” It appeared to be a guide for the specific configuration of the SQL service running on NeuroWorks Natus. Being that this was a guide, it was extensive and detailed the software in-depth.

Trustwave Measures the Pros and Cons of President Biden's Executive Order to Regulate AI Development

President Joe Biden, on October 30, signed the first-ever Executive Order designed to regulate and formulate the safe, secure, and trustworthy development and use of artificial intelligence within the United States. Overall, Trustwave’s leadership commended the Executive Order, but raised several questions concerning the government’s ability to enforce the ruling and the impact it may have on AI’s development in the coming years.

Managing Risk Appetite: Balancing Cybersecurity and Business Growth

Determining, dealing with, and accepting a certain level of risk will always be a top priority for the members of any C-Suite. Eliminating risk is likely not a possibility, especially when it concerns cybersecurity. Simply put, the threat landscape changes so rapidly that fully solving this problem is likely beyond our reach. That means organisations must focus on what they can control and how much they are willing to leave up to chance.

Continuing the Conversation on Cybersecurity as a Business Risk

Board members often lack technical expertise and may not fully understand the risks associated with cybersecurity. On the other hand, CISOs are more familiar with IT staff and the technical aspects of cybersecurity. This is understandable, as the board is responsible for making high-level decisions and does not typically get involved in the details of implementation and technical audits.

Final Cybersecurity Awareness Month Thoughts: Don't Get Hooked By a Phishing Email

We close out Cybersecurity Awareness Month for 2023 with a few final points that show that a company's security is a team sport, one in which everyone must participate. As noted in Trustwave SpiderLabs recent report, 2023 Financial Services Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies, phishing is one of the most effective methods attackers use to gain an initial foothold in financial services organizations.

Understanding the Implications of Data Sovereignty and Why Data Residency may be a Better Choice for Your Business

The variety of cloud services that store organizational data continues to proliferate in type and number leading to tension as more governments, policymakers, and organizations consider (or are in the process of) implementing mandates requiring that specific types of data remain within geographical borders. Many organizations need to navigate these data management compliance mandates while also satisfying the competing needs of expediency, cost-effectiveness and, of course, data security.