Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The United States Patent and Trademark Office (USPTO) is the repository for a wealth of knowledge dating back to the nation's founding. The information behind many of the world's greatest inventions ranging from the light bulb, iPhone, Maglev trains to the zipper are housed and protected by the USPTO. A task that is now considerably more difficult as the primary storage medium moves from paper to on-premises and into the cloud.

Trustwave’s MailMarshal received a major update this month with the addition of PageML to the Blended Threat Module. The BTM enables the email security solution to conduct in-depth, real-time scans when a URL in an email is clicked to determine if the URL is malicious. PageML boosts the BTM’s ability to detect malicious URLs by one-third by applying machine learning techniques to page content in real time. The new scanning feature is named PageML, short for Page Machine Learning.

The well-respected industry analyst firm Gartner named Trustwave as a Representative Vendor in its just released 2023 Market Guide for Managed Detection and Response Services.

Ensuring employees operate securely regardless of location has grown in importance over the last several years as the number of people working remotely has exploded. These workers are most likely operating within a software-defined wide area network (SD-WAN). They use SD-WAN to work with data that is now processed more and more in many different cloud services.

Trustwave and Trellix have entered a strategic partnership that will see the two premier cybersecurity companies deliver best-in-class Managed Detection and Response (MDR) solutions to enterprise-class organizations. The partnership will begin with Trustwave's innovative MDR services on Trellix EDR products, which will result in these clients receiving unrivaled threat visibility and the ability to detect and respond to threats faster and more precisely.

Trustwave SpiderLabs “noted” in Part 1 and Part 2 of our OneNote research that OneNote has been used as a malware delivery mechanism now we will shift gears and focus on several OneNote decoy notes SpiderLabs has discovered that deliver malware families like Qakbot, XWorm, Icedid, and AsyncRAT. While the malware payload can change, the techniques have generally been the same.

In part one, we examined how threat actors abuse a OneNote document to install an infostealer. Part 2 of this series discusses an AsyncRAT infection chain while detailing important parts of the code. We’ll also quickly analyze other notable malware strains such as Qakbot and RemcosRAT.

Threat actors are taking advantage of Microsoft OneNote's ability to embed files and use social engineering techniques, such as phishing emails and lures inside the OneNote document, to get unsuspecting users to download and open malicious files. Once clicked, an attacker can use the embedded code for various malicious purposes, such as stealing data or installing ransomware on victims' systems.

Australia is renowned for our willingness to adopt IT efficiencies! The ongoing shift to cloud computing both worldwide and here, seen recently in Amazon’s expansion to a second data center in Melbourne, shows that Australians are not afraid of outsourcing workloads to shared data center.

President Joe Biden took the next step in the nation's ongoing effort to combat cyber threats by issuing the National Cybersecurity Strategy on March 2, which focuses on growing the public-private sector security partnership needed to protect critical infrastructure, dismantle threat groups, and increase resiliency.