Too many consumers have awoken one morning to find messages from a retailer or their bank detailing purchases made through their account of which they were unaware. While the realization that they have been hacked will cause some well-deserved panic for the account holder, it usually only takes a few phone calls to cancel purchases, change a password, and cancel a credit card to put a stop to the problem.

The world is just beginning to understand how the intersection of artificial intelligence (AI) and data privacy will impact organizations, their employees, and those who use their services. As of June 2024, there are simply too many unknowns.

When working with Amazon Web Services (AWS), we often find that various AWS services need to store and manage secrets. AWS Secrets Manager is the go-to solution for this. It's a centralized service designed to help manage sensitive information securely, significantly reduce the risk of credential compromise, and facilitate your credential management process. However, there's more to it than just storing secrets.

Building an effective Security Operations framework that provides the right balance of people, processes, and technologies can take years. Here we’ll discuss some foundational topics that can be used to grow an effective SOC Operation.

AT&T reported on July 12 that an internal investigation had revealed that the telecommunication provider had been victimized by a third-party breach,resulting in the compromise of records of calls and texts of nearly all of AT&T’s cellular customers. An AT&T spokesperson confirmed to a news source that the breach resulted from of the data stolen from cloud storage firm Snowflake.

The Trustwave SpiderLabs Threat Intelligence team's ongoing study into how threat actors use Facebook for malicious activity has uncovered a new version of the SYS01 stealer. This stealer is designed to take over Facebook accounts, steal credential information from affected users' browsers, and then leverage legitimate accounts to further the spread of the malware.

As organizations consider their journey to establishing a strong Zero Trust culture, they must adopt a data-centric approach, and this begins with ensuring database security. Data, or more specifically, knowing your data, is at the heart of Zero Trust. This means databases must be considered critical assets with the appropriate security considerations applied.

DynamoDB is a fully managed NoSQL database service offered by Amazon Web Services (AWS). It is renowned for its scalability, dependability, and easy connection with other AWS services. Notwithstanding its manifold advantages, organizations continue to place a high premium on guaranteeing the security of data stored in DynamoDB. By default, DynamoDB can be accessed over the public network using HTTPS, ensuring secure communication with SSL/TLS encryption.

Trustwave SpiderLabs has put together nine vertical threat reports over the past 12 months, but in its most recent effort, the 2024 Professional Services Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies report, our team of elite researchers delve into one of the broadest and most complicated vertical sectors yet covered.

Threat Intelligence, or just TI, is sometimes criticized for possibly being inaccurate or outdated. However, there are compelling reasons to incorporate it into your cybersecurity defense strategy. Let’s present some ways to use TI effectively as part of your security operations lifecycle.