October 1 marks the start of Cybersecurity Awareness Month and traditionally Trustwave has discussed the general security concepts highlighted by the Cybersecurity and Infrastructure Security Agency (CISA), and National Cybersecurity Alliance (NCSA). However, this year Trustwave will take a slightly different approach. In the same vein that one can never have too much cowbell, Trustwave believes there is no such thing as too many security tips.

XWorm is a relatively new versatile tool that was discovered in 2022. It enables attackers to carry out a variety of functions, which include accessing sensitive information, gaining remote access, and deploying additional malware. The multifaceted nature of XWorm is appealing to threat actors, as evidenced by its alleged use earlier this year by threat actors such as NullBulge and TA558. Through Netskope Threat Labs hunting efforts, we uncovered XWorm’s latest version in the wild.

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from September.

Masking large volumes of data isn’t just a bigger version of small-scale masking—it’s exponentially more complex. High-volume data masking introduces unique engineering challenges that demand careful balancing of performance, integration, accuracy, and infrastructure costs. In this blog, we’ll dive into the critical factors you must consider when choosing the right tool for large-scale data masking, helping you confidently navigate these complexities.

On September 26, 2024, security researcher Simone Margaritellidisclosed the details of four OpenPrinting Common UNIX Printing System (CUPS) vulnerabilities, that, when chained together, can allow malicious actors to launch remote code execution (RCE) attacks on vulnerable systems. CUPS is a widely used, open-source printing system that supports Linux and other Unix-like operating systems. It also supports ChromeOS and macOS.

We're excited to share new updates and enhancements for September, including: For more information on these updates and others, please read the complete list below and follow the links for more detailed articles.

In social engineering attacks like smishing and phishing, the mind is the real target. How often do we quickly glance at a text or email and click without a second thought about its origins? Scammers know this, so they prey on the urgency conveyed in the convincing messages sent to your valued customers and unprepared coworkers. Opportunistic scammers send 3.4 billion spam emails daily.

Splunk has implemented SCIM (System for Cross-domain Identity Management), a standardized protocol designed for efficient and secure management of user identities across various systems. With the release of this feature, Splunk customers can automatically deprovision users within Splunk when a user(s) are removed from the customer’s Okta Identity Provider (IdP) with following benefits for the customers.

You can ensure data integrity in your organization by enabling data encryption, investing in a password manager, regularly backing up your data and implementing strict access controls. Data integrity ensures that your data is accurate and complete, meaning it hasn’t been changed, removed or stolen by an unauthorized user. Continue reading to learn why data integrity is important and how your organization can ensure your data is accurate, complete and consistent.

The number of ransomware attacks around the world increased by 73% in 2023, according to a new report by the Institute for Security and Technology’s Ransomware Task Force (RTF). These attacks opportunistically target organizations across all industries, but the hardest-hit sectors over the past two years have been construction, hospitals and health care, government, IT services and consulting, and financial services.