For companies with the Microsoft 365 E3 license, the decision on whether to upgrade to 365 E5 is likely taken into consideration, and security should certainly be included. With E5, companies will likely find security upgrades in three key areas: identity management, endpoints, and cloud. So says David Broggy, Trustwave's Senior Solutions Architect, Implementation Services, and a 2024 recipient of the Microsoft MVP Award, in a recent webinar on transitioning from Microsoft E3 to E5.

Phishing remains the favored and most successful method of obtaining an initial foothold in a targeted organization. So it should come as no surprise that threat actors have developed turnkey solutions that enable even low-skilled hackers to conduct successful email attacks.

Financial services organizations already face a dizzying array of external threats, but just as dangerous and often harder to spot are the threats posed by people inside their firm, according to the Trustwave SpiderLabs' Financial Services Deep Dive: Insider Threat. The report noted that insider threat attacks have become more common over the past year, with 40% of organizations reporting more frequent insider threat attacks compared to previous years.

The 2024 Trustwave Risk Radar Report: Financial Services Sector underscores the escalating threat landscape facing the industry. Deepfakes, highly realistic synthetic media, and the increasing adoption of cryptocurrencies are providing cybercriminals with new avenues to compromise financial institutions. These emerging threats are augmenting the already prevalent ransomware and phishing campaigns, creating a complex and dynamic threat environment.

Around two years ago, memN0ps took the initiative to create one of the first publicly available rootkit proof of concepts (PoCs) in Rust as an experimental project, while learning a new programming language. It still lacks many features, which are relatively easy to add once the concept is understood, but it was developed within a month, at a part-time capacity.

In the ever-evolving field of information security, curiosity and continuous learning drive innovation. This blog series is tailored for those deeply engaged in experimental projects, leveraging Rust's capabilities to push the boundaries of what's possible. The focus on Rust, after exploring various programming languages, has led to the creation of several cutting-edge projects that are highlighted in this report.

The Security of Critical Infrastructure (SOCI) Act in Australia mandates that organizations operating within critical infrastructure sectors implement robust cybersecurity measures to protect against an increasingly diverse and sophisticated range of cyber threats. These sectors, which include energy, water, communications, healthcare, transport, and other essential services, are vital to national security, public safety, and economic stability.

Trustwave has received the Frost & Sullivan Excellence in Best Practices Company of the Year Award in the Americas Managed Security Services (MSS) market, recognizing Trustwave as being at the forefront of innovation and growth in this category.

Trustwave SpiderLabs is prepped to launch its newest threat intelligence research, the 2024 Trustwave Risk Radar Report: Financial Services Sector. The upcoming report, which is set to be released on September 10, promises to be an indispensable resource for cybersecurity professionals. This comprehensive report not only sheds light on the modus operandi of a dominant ransomware gang but also delves into the persistent use of phishing and brute-force attacks to compromise credentials.

The Cybersecurity Maturity Model Certification (CMMC) framework is undergoing a significant transformation with the introduction of CMMC 2.0. This revamped approach aims to streamline compliance, reduce costs, and enhance the overall security posture of the defense industrial base (DIB). CMMC is a framework developed by the U.S. Department of Defense (DoD) to assess and certify the cybersecurity posture of its contractors and subcontractors.