Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Trustwave

Trustwave Recognized in Gartner's 2022 Market Guide for Managed Security Services

Gartner has recognized Trustwave as a Representative Vendor in the analyst firm’s March 2022 Market Guide for Managed Security Services (MSS). In addition, Gartner previously recognized Trustwave as a leader in its MSS solution in its 2019 Gartner “Magic Quadrant for Managed Security Services, Worldwide.”

Why Managed Detection and Response is a Key Component to any Security Plan

The overnight move to remote and hybrid work models instantly created a more complex infrastructure for many organizations as they shifted their workers from corporate offices to their homes. The threat surface expanded exponentially as devices moved off-prem and into potentially unsecured environments and grew again as workers added their own devices to the mix.

Tough Times for Ukrainian Honeypot?

We've recently been inundated with news of increased cyberattacks and a general increase in cyber threats online. Hackers - both bad and good, government related or private groups - have their hands full every day as never before and compounding the situation is the Russia-Ukraine (UA) war which has sparked a cyber storm. This made us just more curious about Internet attacks on the UA telecom infrastructure.

Trustwave Security Colony Vendor Assessment: Know Your Vulnerabilities Before Others Do

This is the second installment in Trustwave’s in-depth tour of our Security Colony platform. For a broad overview of what Security Colony offers please read 5 Ways CISOs Can Leverage the Power of Trustwave Security Colony. Self-evaluation in any area, much less cybersecurity, can be challenging. Is my performance at work strong and consistent? Am I being friendly to my neighbors?

Enhancing Your Operational Technology Resiliency

Maintaining cyber resilience across your ecosystem is a significant challenge that must not be brushed aside as the likelihood of experiencing a cyber incident increases year after year. For example, in 2021 alone, there were multiple attacks on Critical National Infrastructure (CNI) such as Colonial Pipeline and against the Oldsmar, Fla. water treatment plant.

Why MDR is Your Most Important Security Investment

The cybersecurity threat landscape is continuously evolving, with the frequency and impacts of threats like malware and ransomware increasing every year. Today, organizations of all sizes and in every industry sector must be proactively searching for emerging threats and actively monitoring risk to protect themselves – and respond quickly in the event that a threat is identified.

Trustwave's Action Response: CVE-2022-22965 and CVE-2022-22963

Trustwave security and engineering teams are actively investigating the vulnerabilities CVE-2022-22965 (also referenced by other vendors at Spring4Shell / SpringShell) and CVE-2022-22963 and potential exploits. We are diligently watching over our clients for exposure and associated attacks and are taking action with approved mitigation efforts. At this time, Trustwave infrastructure and products have not been adversely affected by the vulnerability / exploits.

How to Get Security Peace of Mind Against Advanced Email Threats

The dangers of email security are often understated. One successful email attack can lead to malware injection, system compromise, impersonation, espionage, ransomware and more. After all, phishing remains the top attack vector used by hackers. The FBI reported phishing scams were extremely prominent, with 323,972 complaints being made in the U.S. in 2021, compared to 241,342 the previous year. Adjusted losses resulting from these attacks is more than $44 million, a $10 million decrease from 2020.

Cyber Attackers Leverage Russia-Ukraine Conflict in Multiple Spam Campaigns

The Trustwave SpiderLabs email security team has been monitoring the ongoing Russia-Ukraine crisis to ensure that our clients are protected and aware of any imminent threats. This research blog captures some of the phishing email threats we have discovered. Whenever there is a global event, threat actors are sure to take advantage of the situation. As the war between Russia and Ukraine continues, cybercriminals are pumping out spam emails that use the crisis as a lure.

Vidar Malware Launcher Concealed in Help File

Appending a malicious file to an unsuspecting file format is one of the tricks our adversaries use to evade detection. Recently, we came across an interesting email campaign employing this technique to deliver the info stealer Vidar malware. First, let’s examine the email delivery mechanism, then go on to take a closer look at the Vidar malware itself. Figure 1: The malicious spam message The messages in this campaign have two things in common.