Today’s blog installment brings us to the end of our 30-week journey that covered 30 cybersecurity topics that I felt would be of interest to a wide variety of security practitioners, such as Security Architects, Security Admins, and Security Auditors. I hope everyone found it as helpful as I found it to write. So, let’s move on with our last topic.

In today's rapidly evolving digital landscape, organizations must be prepared for the inevitable occurrence of cybersecurity incidents. Incident response testing is a critical component of a robust cybersecurity strategy, ensuring an organization can swiftly and effectively respond to incidents when they occur.

The analyst firm Frost & Sullivan has recognized Trustwave with the dual honors of being positioned as the Innovation leader in its 2024 Managed Security Services (MSS) Radar, Americas, and 2024 MSS Radar, Europe, the second time Frost & Sullivan has recognized Trustwave as such in the Americas.

The healthcare industry's digital transformation has brought unprecedented advancements in patient care. However, it has also introduced new vulnerabilities that put sensitive patient data at risk. Cybersecurity is no longer an option but a critical component of delivering safe and effective care. Threat actors have no compunction about taking advantage of this increased threat surface.

Recently, a client enlisted the support of Trustwave to investigate an unauthorized access incident within its internal cloud-based environment, leading to the deployment of Mallox ransomware by threat actors to its server. A misconfiguration allowed unauthorized individuals to bypass security restrictions. This blog details the initial access method, the tools used to execute their operations, and an analysis of the Mallox ransomware.

One doesn’t have to be a magician to understand how to track the hundreds, if not thousands, of applications that are running on your network. To lighten the load and eliminate the need for having supernatural abilities, let’s go over some simple tasks a security defender can take to track, detect, and even block application threats.

The Trustwave SpiderLabs team regularly collects a trove of data while protecting clients from email-based attacks. HTML attachments, malicious QR codes, and business email compromise (BEC) are the favored attack methods. A recent snapshot of data from June 2024 from Trustwave MailMarshal shows that email-based threat actors still favor HTML attachments to deliver a variety of malware types.

The business mantra "employees are our number one asset" is true for many reasons. Including helping protect an organization from cyber threats. An organization can have the finest security technology stack available, employ offensive security measures such as penetration tests, and have a cybersecurity vendor on speed dial in case an incident occurs. However, if its workers are not cybersecurity conscious, all that effort and financial outlay will be wasted.

Trustwave was awarded a pair of honors from the industry analyst firm ISG, being named a Leader in the US for Managed Security Services – SOC (Midmarket) and as a Rising Star in the UK for Managed Security Services – SOC (Midmarket) in ISG’s 2024 Provider Lens Quadrant Reports for these regions. This is the second consecutive year Trustwave was named a Leader in MSS for the US (Midmarket).

Trustwave Government Solutions (TGS) has attained authorized status by the State Risk and Authorization Management Program (StateRAMP) for its Government Fusion platform. "State and local agencies rely heavily on their technology partners to strengthen their cybersecurity postures, and we're proud to be able to deliver a solution that meets or exceeds their elevated security requirements," said TGS President Bill Rucker.