Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Trustwave's 2025 Cybersecurity Predictions: The Rise of Generative AI Data Breaches, Quantum Computing, and Cyber Warfare

As we look ahead to 2025, the cybersecurity landscape is poised for significant shifts and challenges. Here are some key predictions that I believe will take place or start to happen in the coming year.

Challenges with Data Security Posture Management (DSPM)

While Data Security Posture Management (DSPM) is a powerful approach for discovering, monitoring, and managing sensitive data across complex systems, it is not without its challenges. These hurdles often stem from the complexity of modern data environments, evolving threats, and operational constraints. Below are the primary challenges associated with DSPM.

Transforming the energy industry through workflow automation

In a guest blog post, Trace3's Advisory CISO Michael Farnum introduces a new whitepaper from the team at Trace3 and Tines. In 25+ years of helping organizations build robust cybersecurity programs, I’ve seen firsthand how high the stakes are in the energy sector. As an energy sector professional, you’re likely facing increasing pressure to maintain operational efficiency while safeguarding against ever-evolving security threats.

What's new in Tines: November 2024 edition

The beauty of Tines pages is that you can interact with anyone at any point in the workflow, so why not make those pages more dynamic and even more interactive? All of you agreed, because our most requested capability is finally live! Today, you can set conditions to show, hide, or disable elements on a page based on the preceding elements. This makes the page more focused, only revealing relevant information to the individual.

Underscoring the Importance of Cybersecurity to C-level Executives

I have spent many years, perhaps too many, working in the world of IT and information security. I can’t complain, I have to say, it has been rewarding. And I have noticed in recent years that there has been a considerable shift in how cybersecurity is perceived within organizations, with this function gaining greater importance and relevance. The personal influence of the CISO has been improving lately, both in terms of attitude and perception.

Websites and HIPAA: Navigating Online Tracking Technologies

Today, healthcare providers, insurers, and other HIPAA-covered entities are increasingly relying on websites to share information, engage with patients, and streamline operations. While websites offer numerous benefits, it’s crucial to understand the implications of online tracking technologies for the privacy and security of protected health information (PHI).

Behavior Driven Governance

There’s an unfortunate truth about applications and access in the enterprise. Many applications are underutilized. This means patches and updates can fall down the to-do list of already-stretched IT service desks. Naturally, this increases the vulnerabilities – and opportunities for attackers. Risks are compounded when many users retain access they no longer need, especially when it’s access to the most critical and sensitive resources.

Forging the proverbial bulletproof container

The phrase “Forging the Proverbial Bulletproof Container” carries both metaphorical and practical significance, particularly in the areas of technology and security. It reflects the idea of building robust, resilient systems that can withstand both internal and external threats. But in the current world of modern, cloud-native software development — where containers have become the backbone of application deployment — the term takes on a literal meaning as well.

The Rise of Pig Butchering Scams

In recent years, “Pig Butchering” scams have rapidly emerged as a significant global threat, primarily targeting individuals with fraudulent investment schemes. This type of scam, originally known for its roots in China, has transformed into a global phenomenon, where victims are led to believe they are making lucrative investments, often in cryptocurrency.

Phreak Out!: New Bluebox Extortion Group DLS Emerges

Another week, another extortion group data-leak site emerges. Cyjax has continued to observe the emergence of data-leak sites (DLSs) for extortion and ransomware groups. New groups FunkSec, ContFR, Argonauts, Kairos, Chort, and Termite appeared in December and November 2024 alone, bringing this year’s total up to 69. On 11 December 2024, Cyjax identified the emergence of a Tor-based DLS belonging to a new data-leak extortion group going by the name ’Bluebox’.