Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As we cross the halfway mark of this year, we need to evaluate and understand the rising complexity of cyberthreats that are transforming our digital landscape. From disruptive phishing campaigns to AI-exploited threats, cybercrime in India is escalating. Yet, amid the whirlwind of high-profile data breaches, we witness the resilience of our digital fortress with proactive measures from government agencies, businesses, and individuals.

A new flaw in AMD's Zen 2 processors is detailed in this blog post (archive.org snapshot) today, July 24, 2023. The 'Zenbleed' flaw affects the entire Zen 2 product stack, from AMD's EPYC data center processors to the Ryzen 3000 CPUs, and can be exploited to steal sensitive data stored in the CPU, including encryption keys and login credentials.

A new social engineering campaign tracked as “FakeSG” is distributing the NetSupport remote access Trojan (RAT) via phony browser updates, according to researchers at Malwarebytes. The campaign is similar but distinct from the widespread “SocGholish” campaign, which also uses fake browser updates to deliver NetSupport.

Security leaders today are facing a number of challenges, including a rise in the number of breaches, a need to accommodate remote work and networking requirements to replace MPLS networks. In this new blog post, we share insights about this new reality by David Holmes, Senior Analyst at Forrester, as well as an in-depth explanation about the security stack that can help. You can watch the webinar this blog post is based on here.

The National Industrial Security Program (NISP), the authority within the United States for access to classified data by government contractors. Have outlined requirements to ensure continued availability and integrity of classified data, and prevent its unauthorised disclosure. The operating manual (NISPOM) affects all government agencies and commercial contractors who have access to classified data.

Trustwave has achieved supplier status with Bridgepointe, a tech advisory firm that helps mid-market and enterprise companies transform tech investments into unrivaled business results. The Bridgepointe deals connects Trustwave to Bridgepointe’s expansive network to provide Trustwave security consulting, managed detection and response, threat hunting, co-managed SOC, database security, and email security services to their set of clients.

For more than two decades, virtual private networks (VPNs) have been the go-to technology for enterprise remote access — and by extension, for enforcing remote access security. Even ubiquitous internet connections are often redirected via VPN to a central data center, where security enforcement occurs through various hardware appliances. From there, the traffic is forwarded onward to the internet. Of course, it must follow the same indirect path back on the response side.