This blog was originally published on MSSP Alert on September 20, 2024 Cybersecurity platformization is usually discussed as it relates to large organizations. But cybersecurity service businesses stand to benefit as much from platformization as enterprises — if not more so.

Microsoft Active Directory is a directory service for Windows domain networks. Active Directory serves as a centralized database which stores information about network resources, including users, computers, and services. It plays a significant role in network management and security, providing a framework for user authentication, authorization, resource management, and policy enforcement. This allows organizations to manage permissions and access rights across the entire network efficiently.

The holiday season is here, and with it comes the thrill of Black Friday deals and holiday shopping sprees. But it's not just shoppers who are gearing up – cybercriminals are ready to take advantage of the holiday rush, hoping to catch unsuspecting consumers off guard. While Trustwave generally focuses on protecting enterprises from cyberattacks and scams, we feel it’s important to help consumers, as well. After all, many people use work devices for online shopping and accessing social media.

As the holiday shopping season kicks into high gear, cybercriminals are gearing up too. This year, alongside the usual suspects, we're seeing some crafty new scams, so let’s take a look at some of the ones you should be most careful of during Black Friday, Cyber Monday and Giving Tuesday. AI-Generated Fake Reviews AI has allowed scammers to flood product pages with well-written and convincing fake reviews of products.

Storm-0940 is a Chinese advanced persistent threat (APT) group that has operated since at least 2021, although some evidence suggests involvement in earlier incidents. Known for its complex cyber espionage tactics, this group primarily targets government agencies, military organizations, and critical infrastructure to gain intelligence for political and military advantage. Leveraging an arsenal of techniques ranging from spear-phishing to exploiting software vulnerabilities.

You can remove your personal information from the internet by requesting that Google and people search sites remove it, checking if your credit card offers any removal services, deleting unused accounts and adjusting your privacy settings. Removing your Personally Identifiable Information (PII) from the internet can prevent cybercriminals from stealing your identity, committing fraud and targeting you with spam.

Why are so many security teams migrating from legacy SOAR tools to next-gen solutions? This was one of the topics up for discussion as Tines engineer Whitney Young joined host Adrian Sanabria on the Enterprise Security Weekly podcast. Read on for a behind-the-scenes look at Whitney’s process for legacy SOAR migrations, including her top tips for teams considering a switch.

Attack surfaces in the cloud are expanding at a breakneck pace. Cloud security has reached an unprecedented level of complexity — ranging from misconfigurations and vulnerabilities to advanced threats and compliance challenges, all while malicious actors are increasingly using generative AI to target your cloud infrastructure.

According to our most recent cloud security report, most cloud security incidents are the result of compromised credentials for either human or non-human identities. Once an attacker successfully controls an identity, such as a highly privileged user account, they can quickly move to other areas of an environment, including prevalent targets like sensitive data stores. This pattern of behavior is similar across all cloud platforms and services.

Distributed Denial of Service (DDoS) attacks are cyberattacks that aim to overwhelm and disrupt online services, making them inaccessible to users. By leveraging a network of distributed devices, DDoS attacks flood the target system with excessive requests, consuming its bandwidth or exhausting compute resources to the point of failure. These attacks can be highly effective against unprotected sites and relatively inexpensive for attackers to launch.