Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How To Create a Secure Username

To create a secure username, make sure it is random, contains none of your personal information, and is different from the usernames you use on every other website. A secure username should contain a combination of random numbers and symbols, prioritizing safety and privacy by not revealing personal details.

Trustwave Named a Major Player in IDC MarketScape: Worldwide Cloud Security Services in the AI Era 2024-2025 Vendor Assessment

IDC has positioned Trustwave as a Major Player in the just-released IDC MarketScape Worldwide Cloud Security Services in the AI Era 2024–2025 Vendor Assessment (IDC, November 2024) for its comprehensive set of offensive and defensive cloud security services. IDC said, “Enterprises with varying levels of security maturity that require customized hybrid approach and depth of offensive and defensive security capabilities should consider Trustwave.”

Find and Remediate PAN-OS Vulnerabilities in Seconds with Forward Enterprise

CVE-2024-0012 and CVE-2024-9474 are vulnerabilities in the PAN-OS management interface that allow attackers to bypass authentication and escalate privileges, potentially resulting in unauthorized control over network devices. Addressing these vulnerabilities quickly and effectively is critical to maintaining security and compliance.

Exploited! NuPoint Unified Messaging (NPM) Component of Mitel MiCollab

The NuPoint Unified Messaging (NPM) module in Mitel MiCollab versions up to 9.8 SP1 FP2 (9.8.1.201) is vulnerable to a path traversal attack caused by insufficient input validation. This vulnerability could be exploited by an unauthenticated attacker to gain unauthorized access to sensitive files, potentially allowing them to read, alter, or delete user data and critical system settings. The Mitel MiCollab Arbitrary File Read Vulnerability combines CVE-2024-41713 with another yet-to-be-assigned issue.

The @solana/web3.js Incident: Another Wake-Up Call for Supply Chain Security

On December 2, 2024, the Solana community faced a significant security incident involving the @solana/web3.js npm package, a critical library for developers building on the Solana blockchain with over 450K weekly downloads. This blog post aims to break down the attack flow, explore how it happened, and discuss the importance of supply chain security.

Autodiscover Confluent Cloud connectors and easily monitor performance in Data Streams Monitoring

Confluent Cloud is a Kafka-as-a-service solution that simplifies the deployment, scaling, and operation of Kafka clusters. A popular feature is its Apache Kafka connectors, which make it easy to connect your Kafka clusters to any of 120+ third-party streaming data sources and destinations.

Challenging the Access Management Status Quo

Once upon a time, workers sat in offices, only used corporate desktops and crossed a single authentication checkpoint to access company resources kept snugly behind a protective barrier. The world has changed dramatically since then. Cloud and hybrid environments are vast and complex. Work happens anywhere and everywhere. Company employees, contractors, partners and other users interact daily with multiple endpoints—personal and company-owned—alongside SaaS applications and sensitive data.

What is Session Hijacking and 8 Ways to Prevent It

What if there were a way to negate the effectiveness of multi-factor authentication (or even bypass secure login protocols) without ever cracking a password? Session hijacking offers attackers a tempting shortcut to user accounts, bypassing the usual security barriers. In 2022 alone, researchers scouring the shadier corners of the internet (like the dark web) found 22 billion device and session cookie records – each of which could help to enable session hijacking.