Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Aligning with the Australian Government’s Information Security Manual (ISM) and the Essential Eight (E8) remains a foundational step for organizations working with or alongside government agencies. Trustwave’s Essential Eight Control Effectiveness Assessment is a great first step, but relying solely on compliance as a goal can leave security programs stagnant.

Two critical zero-day vulnerabilities in the Microsoft SharePoint Server environment, CVE-2025-53770 (9.8 CVSS score) and CVE-2025-53771 (6.5 CVSS score), are being actively exploited by threat actors to compromise vulnerable on-premises SharePoint servers. The two new vulnerabilities are part of a complex attack chain dubbed “ToolShell”, which grants threat actors access to unpatched SharePoint servers’ content and the ability to execute code over the network.

Recognizing the need to better protect organizations that rely on operational technology (OT), Trustwave is advancing its OT security services portfolio. Trustwave now delivers end-to-end visibility and threat response across IT and OT environments, enabling better detection, investigation capabilities, and response to threats targeting critical infrastructure by being integrated Trustwave’s Co-Managed SOC and penetration testing services.

In our latest report Data Pirates' Toolkit (Leveraging SQLmap for Unearthing Digital Gold), we take a comprehensive look at a tried-and-tested cyberattack methodology that threat actors can use to unlock sensitive and critical data from unsecured databases: SQL injection (SQLi) attacks.

It’s a well-known fact that threat actors use stolen personal data for many purposes ranging from launching phishing attacks, gaining access to an employer, or very commonly using credit card information to make purchases. What has also become somewhat common in the last eight or so years is using stolen information to support grander illegal enterprises like supplying air and hotel travel at heavily reduced prices via dark web travel agencies.

Dark web travel agencies have emerged as one of the more sophisticated and lucrative operations within the underground economy. As mentioned in the Wall Street Journal's coverage of Trustwave’s research, these shadowy enterprises offer dramatically discounted flights, luxury hotel stays, rental vehicles, and entire vacation packages, all facilitated through stolen credit card information, compromised loyalty program accounts, and forged identification documents.

For many organizations, especially those in industries like automotive manufacturing, navigating escalating cyber threats and meeting stringent insurance requirements is no simple endeavor. This is where a robust solution like Trustwave Managed Detection and Response (MDR) can make all the difference.

Malicious APKs (Android Package Kit files) continue to serve as one of the most persistent and adaptable delivery mechanisms in mobile threat campaigns. Threat actors routinely exploit social engineering and off-market distribution to bypass conventional security controls and capitalize on user trust to steal a variety of data, such as log in credentials.

The EU’s Digital Operational Resilience Act (DORA) establishes a unified regulatory framework to ensure financial institutions can withstand and recover from IT disruptions. As a cornerstone of operational resilience, secure and compliant database environments are critical to safeguarding sensitive financial data and maintaining regulatory alignment.

Trustwave is making Executive Business Reviews (EBR) available to its client base. EBRs are a methodology designed to deepen Trustwave's already strong client relationships by helping clients stay informed as to their current security status, regional and sector-related threats, security costs and optimization opportunities.