Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

10 Tips to Help Holiday Shoppers to Stay Safe from Scams and Cyberattacks

The holiday season is here, and with it comes the thrill of Black Friday deals and holiday shopping sprees. But it's not just shoppers who are gearing up – cybercriminals are ready to take advantage of the holiday rush, hoping to catch unsuspecting consumers off guard. While Trustwave generally focuses on protecting enterprises from cyberattacks and scams, we feel it’s important to help consumers, as well. After all, many people use work devices for online shopping and accessing social media.

Follow-Up: Arctic Wolf Observes Ongoing Exploitation of Critical Palo Alto Networks Vulnerability CVE-2024-0012 Chained with CVE-2024-9474

On November 19, 2024, Arctic Wolf began observing active exploitation of the recently-disclosed CVE-2024-0012 and CVE-2024-9474 vulnerabilities impacting Palo Alto Networks PAN-OS software. When chained together, these vulnerabilities allow an unauthenticated threat actor with network access to the management web interface to gain administrator privileges.

What Happens if You Answer a Robocall?

If you answer a robocall, avoid interacting with the caller by not speaking or pressing any numbers on your phone’s keypad and hanging up immediately. Robocalls are phone calls that use pre-recorded messages; since these callers are not human beings speaking in real time, these phone calls are known as robocalls because their inauthentic nature makes them seem robotic.

How To Remove Your Personal Information From the Internet

You can remove your personal information from the internet by requesting that Google and people search sites remove it, checking if your credit card offers any removal services, deleting unused accounts and adjusting your privacy settings. Removing your Personally Identifiable Information (PII) from the internet can prevent cybercriminals from stealing your identity, committing fraud and targeting you with spam.

The Only Guide For NIST 800-53 You Need: Controls List, Control Examples, Challenges, Implementation Tips

NIST, or the National Institute of Standards and Technology, is a U.S. federal government agency that creates frameworks and publications to manage organisations’ security requirements. NIST has released many Special Publications (SP), each containing several guidelines and security controls. One of the most comprehensive frameworks under NIST is the SP 800-53. Initially designed for federal agencies, this framework has become increasingly relevant for businesses of all sizes.

Out of 29 Billion Cybersecurity Events, Phishing was the Primary Method of Initial Attack

The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access. I’ve stood on the “phishing is a problem” soapbox for many years, attempting to focus the attention of cybersecurity teams on the single largest problem within the organization: the employees that fall for social engineering tactics time and time again.

Ransomware Gangs Evolve: They're Now Recruiting Penetration Testers

A new and concerning cybersecurity trend has emerged. According to the latest Q3 2024 Cato CTRL SASE Threat Report from Cato Networks, ransomware gangs are now actively recruiting penetration testers to enhance the effectiveness of their attacks. This development signals a significant shift in the tactics employed by cybercriminals and underscores the need for organizations to remain vigilant in their defense strategies.