Latest Posts

Why Threat Hunting is Crucial to a Managed Detection and Response Service

Managed detection and response (MDR) is justifiably one of the fastest-growing areas of cybersecurity, with Gartner estimating 50 percent of organizations will be using MDR services by 2025. But in choosing an MDR service, security pros should take into consideration what kind of expertise the provider can bring to bear – and how that expertise should extend beyond the MDR service itself.

Trustwave Named 2023 Company of the Year and Innovation Leader for Managed and Professional Security in the Americas by Frost & Sullivan

The analyst firm Frost & Sullivan awarded Trustwave the dual honors of being named 2023 Company of the Year for Managed and Professional Security in the Americas, Excellence in Best Practices, and as the Leading Innovator in the 2023 Frost Radar™: Americas Managed & Professional Security Services Market. Trustwave was also recently named a Top 5 Innovator in the Global MDR Radar Report.

Deobfuscating the Recent Emotet Epoch 4 Macro

In early March, one of the notorious botnets, Emotet, resumed its spamming activities after a 3-month period of inactivity. Recently, Trustwave SpiderLabs saw Emotet switch focus to using OneNote attachments, which is a tactic also adopted by other malware groups in recent months. This analysis is intended to help the cybersecurity community better understand the wider obfuscation and padding tricks Emotet is using.

Rilide: A New Malicious Browser Extension for Stealing Cryptocurrencies

Trustwave SpiderLabs uncovered a new strain of malware that it dubbed Rilide, which targets Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and Opera. Rilide malware is disguised as a legitimate Google Drive extension and enables threat actors to carry out a broad spectrum of malicious activities, including monitoring browsing history, taking screenshots, and injecting malicious scripts to withdraw funds from various cryptocurrency exchanges.

6 Steps to Ensure a More Secure Supply Chain Environment

Threat groups intending to cause widespread damage often opt to use a supply chain attack, as seen in the massive supply chain compromise that struck VOIP software provider 3CX on March 29. Trustwave SpiderLabs has issued a blog detailing the attack and upcoming steps to mitigate the problem. Striking an organization's supply chain simplifies the attack process: instead of striking multiple targets, the attacker focuses on breaching one organization that is key to many others.

Trustwave Action Response: Supply Chain Attack Using 3CX PABX Software

On March 29, a massive supply chain compromise in 3CX software resulted in malware being installed globally across multiple industries. It is similar to the other high-profile supply chain attacks (like SolarWinds and Kaseya) in that rather than targeting a single organization, the criminals target a popular service or software provided to many large organizations. With one single compromise of the supplier, dozens and potentially hundreds of organizations may fall in turn.

Anonymous Sudan: Religious Hacktivists or Russian Front Group?

The Trustwave SpiderLabs research team has been tracking a new threat group calling itself Anonymous Sudan, which has carried out a series of Distributed Denial of Service (DDoS) attacks against Swedish, Dutch, Australian, and German organizations purportedly in retaliation for anti-Muslim activity that had taken place in those countries.

2023 Tax Scam Emails Exposed: Unmasking Deceptive Trends

John Kevin Adriano, Trustwave SpiderLabs Security Researcher

Tax season is a busy time of year for taxpayers and threat actors. Consumers and businesses focus on filing their taxes and getting excited over possible refunds, while cybercriminals roll out their tried-and-true tax scams along with new efforts.

Features Every Managed Detection and Response Solution Must Have

Gartner’s newly released 2023 Market Guide for Managed Detection and Response Services offers detailed advice to organizations on what capabilities an MDR provider must deliver in order to keep its clients secure. The guide reinforces the notion that an MDR provider must come to the table with a portfolio of strong supporting solutions to deliver an effective and comprehensive security product.

Trustwave Partners with Intelisys to Deliver Managed Security and Consulting Services

Trustwave has inked a channel partnership deal with Intelisys, one of the nation's leading providers of technology services and solutions, that will allow its network of more than 1,700 sales partners to offer Trustwave security consulting, managed detection and response (MDR), threat hunting, co-managed SOC, database security, and email security to their client base.