Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

From Phishing to Malware: How to Defend Against a Modern Kill Chain

Every day, threat actors devise new plans for breaking into secure systems. The steps they take, from researching a target to carrying out the attack, are known as the cyber kill chain. Traditionally, that kill chain has targeted devices and networks that lie completely within your organization’s control. For better or worse, mobile and cloud-based work have upended that dynamic.

CrowdStrike Showcases Cloud Security Innovation and Leadership at AWS re:Invent

As organizations accelerate their innovation in the cloud and their adoption of AI, securing AI workloads and identities has become critical. Misconfigurations, vulnerabilities and identity-based threats expose high-value assets to potential manipulation and exploitation. For AWS customers, advancing cloud security means establishing resilient guardrails that protect innovation without compromising speed.

Remote Employee Monitoring: How to Make Remote Work Effective and Secure

Remote and hybrid work models have transformed how organizations operate, offering flexibility, cost efficiency, and other benefits. However, this shift also introduces challenges, particularly in securing sensitive data against breaches and maintaining employee productivity. Remote employee monitoring has emerged as a vital solution to address these concerns. In this article, we will explore the risks of remote work and how to manage these risks with actionable practices.

The Role of AI in Cybersecurity: Opportunities, Challenges, and Future Threats

As 2024 comes to a close, we went around the room and asked some of Trustwave’s top executives what cybersecurity issues and technology they saw playing a prominent role in 2025. Over the next several weeks their thoughts will be posted here, so please read on and stay tuned! As artificial intelligence (AI) continues to advance, its applications in cybersecurity will become more prominent and will spark conversations around its potential and its risks.

Machine Learning Bug Bonanza - Exploiting ML Clients and "Safe" Model Formats

In our previous blog post in this series we showed how the immaturity of the Machine Learning (ML) field allowed our team to discover and disclose 22 unique software vulnerabilities in ML-related projects, and we analyzed some of these vulnerabilities that allowed attackers to exploit various ML services.

CIS Control 10: Malware Defenses

With the continuing rise of ransomware, malware defenses are more critical than ever before with regard to securing the enterprise. Anti-Malware technologies have become an afterthought in many organizations, a technology that they’ve always had, always used, and never really thought about. This control serves as a reminder that this technology is as critical as it ever was and lays out the minimum requirements for ensuring your malware defenses are up to the task.

Admin update: Create auto-lock, release channel, and 1Password browser extension rules

Every organization has its own team culture, processes, and security requirements. That’s why we’re continuously updating 1Password Enterprise Password Manager with new options that give you greater flexibility and granular control.

Past, Present, and Future of IoT/OT Security in Automotive Cybersecurity

At the Device Authority Virtual Summit, Kaivan Karimi discussed how, as IoT and OT ecosystems grow more intertwined, especially within the automotive industry, the stakes in cybersecurity have never been higher. Connected vehicles, once a novel innovation, are now mission-critical infrastructure vulnerable to advanced threats.

Protecting Against Bot-Enabled API Abuse

APIs have become the backbone of modern digital ecosystems, powering everything from mobile apps to e-commerce platforms. However, as APIs grow in importance, they also become prime targets for malicious actors. Increasingly, bots are being weaponized to exploit vulnerabilities, overwhelm systems, and siphon sensitive data—all without triggering alarms until it’s too late.

CrowdStrike Announces Falcon Identity Protection for AWS IAM Identity Center

As organizations scale their operations on Amazon Web Services (AWS), they must secure their identities and ensure all users have the correct permissions. AWS IAM Identity Center is built to simplify access management across multiple AWS accounts — a critical tool for rapidly growing AWS environments. This hub for identity data and processes demands strong protection against the identity-focused threats growing popular among today’s adversaries.