Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Trustwave SpiderLabs has detected a sophisticated malware campaign that leverages the Windows search functionality embedded in HTML code to deploy malware. We found the threat actors utilizing a sophisticated understanding of system vulnerabilities and user behaviors. Let’s break down the HTML and the Windows search code to better understand their roles in the attack chain.

As businesses continue to rely on cloud services for all sorts of applications, computing, and storage services, each with its APIs, they dramatically increase their attack surface. It’s a situation that results in prime breeding grounds for cyber threats and, therefore, drives the need for managed detection and response (MDR) services. Consider the software-as-a-service (SaaS) market. It has grown steadily from a $31.4 billion market in 2015 to $232.3 billion in 2024, according to Techopedia.

Imagine being on shift as the guard of a fortress. Your job is to identify threats as they approach the perimeter. The more methods you have for detecting those threats, the better your chances of succeeding. A good security reporting framework works the same way and can help a security team develop the insights needed for an effective threat monitoring strategy.

In the dynamic world of cybersecurity, creating an effective offensive security program is paramount for organizations seeking to proactively identify and mitigate potential threats. An offensive security program encompasses a suite of strategic components designed to test and strengthen an organization's defenses. An effective offensive security program includes various components, such as penetration testing, red/purple teaming, managed vulnerability scanning, and bug bounty programs, to name a few.

Trustwave's just-released Microsoft Security-focused solutions are designed to bring clients greater security, resilience, and a higher return on their investment by helping optimize their Microsoft 365 enterprise plan. Let's drill down and see exactly how organizations will gain the most from the Microsoft 365 enterprise plan, (including E5 and G5) by partnering with Trustwave.

During a recent client investigation, Trustwave SpiderLabs found a malicious version of the Advanced IP Scanner installer, which contained a backdoored DLL module. Our client had been searching for the Advanced IP Scanner tool online and inadvertently downloaded the compromised installer from a typo-squatted domain that appeared in their search results. Figure 1. Search results for Advanced IP Scanner may direct users to a malicious domain.

Trustwave has launched six new Microsoft-focused offerings that will bring clients greater security, resilience, and a higher return on their investment by helping optimize their Microsoft 365 enterprise plan to take full advantage of all of its security features.

On May 20, 2024, Live Nation discovered and disclosed an unauthorized activity in its third-party cloud database environment, which was eventually identified to be Snowflake, in its SEC filing. The database contains information regarding the company, primarily from its Ticketmaster subsidiary. Following this filing and in the following days, analysts discovered multiple clients of Snowflake have had data posted on the Dark Web for sale.

A major botnet operation that controlled an estimated 19 million IP addresses and was responsible for $99 million in illegal gains was shut down this week, and an international law enforcement operation arrested its primary operator. Botnet operations may not be as top of mind as ransomware, but these attacks are still responsible for millions in losses and pose a massive threat to businesses and consumers.

Pressure is increasing on manufacturers to monitor their shop floors for malicious activity to avoid creating major disruptions in the supply chain. One key security defensive tool for monitoring network-connected devices in a manufacturing environment is Operational Technology Security or just OT. Let’s look at what OT is and how it can detect malicious activity.