The holiday shopping season is almost here, and according to the 2024 Trustwave Risk Radar Report: Retail Sector, threat actors have honed their skills and are prepared to use ransomware and phishing attacks that leverage well-known online brands to conduct direct attacks and fraud operations against retailers and consumers. Skills they will then use to infiltrate retail organizations of all types throughout the rest of the year.

As the holiday shopping season approaches, the 2024 Trustwave Risk Radar Report: Retail Sector reveals that cybercriminals have sharpened their tactics, utilizing ransomware and phishing attacks that exploit well-known online brands to target retailers and consumers directly. These skills will likely be employed to infiltrate various retail organizations throughout the year.

As Cybersecurity Awareness Month 2024 draws to a close, let’s take a few minutes and cover one more topic. The need to be cybersecurity aware 24/7/365. Attacks happen all day every day so having cybersecurity as a top-of-mind subject for just a month out of the year means that for the other 11 months, attackers have the advantage. Here are just a few reasons organizations and their employees need to remain hyper vigilant.

Security information and event management (SIEM) systems are crucial to collecting and analyzing incoming cyber threats, but many companies need help to tune and monitor them properly. These firms enlist a security service provider to do it for them. That often leads to the question of whether a managed detection and response (MDR) service is also necessary. In short, yes, adding MDR is a strong move as it adds deep threat investigation, threat hunting, and response actions at the endpoint.

For eight consecutive years, MSSP Alert has named Trustwave as one of the Top 10 Managed Security Services Providers worldwide. Trustwave placed 10th on MSSP's 2024 Top 250 MSSP list, indicating the company's status as a leading provider of managed security services.

Trustwave SpiderLabs on October 29 will launch its second deeply researched look into the threats facing the retail sector. The 2024 Trustwave Risk Radar Report: Retail Sector will cover in detail the threats facing the industry, the most prominent adversaries in the field, and the commonly used methods to attack retailers. The main report is supported by two supplementary pieces.

It’s Cybersecurity Awareness Month and you know what that means. We spend every spare hour waiting for The Great Pumpkin. As many of us know, (and we’re going to stretch this analogy to the limit) Linus actively created an environment that would attract The Great Pumpkin by establishing the sincerest pumpkin patch in the neighborhood. Furthermore, he went on the offensive to attract others to his belief that The Great Pumpkin would appear on Halloween night.

Previously, Trustwave SpiderLabs covered a massive fake order spam scheme that impersonated a tech support company and propagated via Google Groups. Since then, we have observed more spam campaigns using this hybrid form of cyberattack with varying tactics, techniques, and procedures (TTP). Between July and September, we witnessed a 140% increase in these spam campaigns. In this blog, we will showcase the different spam techniques used in these phishing emails.

At the end of every year, the Trustwave content team asks its in-house experts what cybersecurity topics they predict will be top of mind in the coming 12 months, and inevitably the top answer is more ransomware. Instead of waiting an extra couple of months, we thought why not get ahead of the curve, pretend that ransomware will again be an issue, because it will, and proceed to the part of the story where we go through the problem and mitigation methods.

Cybersecurity teams are in a tough spot these days. They are stuck between the pace of change in technology, the shortage of security professionals, and an overabundance of security tools all demanding their attention. It's a combination that should make the all-encompassing Microsoft Security product suite a compelling idea – if you can determine a migration strategy that makes sense for your company.