We’ve now seen a number of different use cases for ChatGPT from marketing, sales, software development and others including from the security field. This platform continues to dominate most of the headlines and impress based on how it’s able to handle questions and topics from various backgrounds.
For the third year in a row, the leading channel publication CRN has named Trustwave to its Managed Service Provider (MSP) 500 list in the Security 100 category for 2023. CRN’s annual MSP 500 list identifies the leading service providers in North America whose forward-thinking approaches to managed services are changing the landscape of the IT channel, helping end users increase efficiency and simplify IT solutions while maximizing their return on investment.
Last October, Trustwave SpiderLabs blogged about the use and prevalence of HTML email attachments to deliver malware and phishing for credentials. The use of HTML smuggling has become more prevalent, and we have since seen various cybercriminal groups utilizing these techniques to distribute malware. HTML smuggling employs HTML5 attributes that can work offline by storing a binary in an immutable blob of data within JavaScript code.
An information disclosure vulnerability has been identified in Money Lover, a finance tracking application created by Finsify and available on Android, iOS, Microsoft Store, with a web interface. This vulnerability allows any authenticated user to view live transactions related to shared wallets.
The popular saying “Keep Calm and Carry On” is a good mantra for any company that finds itself undergoing cyberattack, but what that pithy phrase does not mention is how one stays calm when a threat actor has locked down your system and is demanding a multimillion-dollar ransom?
During a recent penetration test, Trustwave SpiderLabs researchers discovered a weak input validation vulnerability in the CrushFTP application which caused the deletion of all users. CrushFTP is a secure high- speed file transfer server that runs on almost any OS. It handles a wide array of protocols, and security options. CrushFTP stores details of registered users within the filesystem in the users/MainUsers directory.
Cybersecurity is a complex term, it’s become all-encompassing and constantly evolving to include new and emerging technologies, attacks, actors, and a myriad of other points. What this means for organizations large, medium, and small is that each must have a cybersecurity plan in place. An interesting point, however, is despite the mindshare cybersecurity now enjoys, the industry itself is still in its relative infancy.
Trustwave’s recent revamp of its Advanced Continual Threat Hunt (ACTH) platform was inspired by the need to scale to meet a growing client base amid an ever-increasing threat landscape. Now with a patent-pending methodology, the SpiderLabs Threat Hunt team can conduct significantly more hunts and has an unprecedented ability to find more threats.
Trustwave’s new Rapid Action Program (RAP) security solution is designed to help clients quickly answer the question: “do we have any obvious security weaknesses that must be addressed quickly?” In the current environment of ubiquitous attacks and breaches, every company wants comfort that they at least have the basics covered.
The International Association of Privacy Professionals (IAPP) has partnered with the National Cybersecurity Alliance to promote International Data Privacy Day 2023 on January 28, an event dedicated to teaching everyone from major enterprises to the average Internet user how to protect their sensitive personal information.
