Offensive security and active defense may appear at first glance as contradictory cybersecurity solutions, but when paired, they create complementary and robust protective solutions. Let's take a quick look at what each solution offers before we go into the details. Offensive security involves attempting to identify flaws in an organization before a threat actor has a chance to exploit them.

Developers and cybersecurity have an interesting relationship. Developers have no problem with security operations just as long as they’re not involved or adding security doesn’t slow down their development cycle. Thankfully, well-documented security operations — known as DevSecOps — assist with the software development lifecycle (SDLC) and perform mostly invisibly from the developer’s perspective.

In early 2021, a new vulnerability, identified as CVE-2021-27928, was discovered and published. It affects multiple versions of the open-source relational database management systems (RDMBS) MariaDB and Percona Server, and the wsrep (write set replication) plugin for MySQL. Fortunately, security professionals swiftly released a patch to ensure that affected systems could be updated to mitigate risks.

Patches are a way of life for any network administrator and are the most efficient method in place to ensure systems are running the most up-to-date and secure versions of their various software applications. For the most part, updates take place behind the scenes, with the average person only noticing a patch being installed when they are asked to reboot their machine to install the new version.

Hospitals face a challenging dilemma: delivering the highest quality of medical care while shielding patient and family data from ever-evolving cyber threats, all while ensuring that critical operations continue uninterrupted. At Trustwave, we understand the immense pressure hospitals are under and are dedicated to creating a safer digital environment where healthcare providers can thrive, and patients receive the uncompromised care they deserve.

Microsoft has disclosed a critical (CVSS 9.8) TCP/IP remote code execution (RCE) vulnerability that impacts all Windows systems utilizing IPv6. To conduct this attack, threat actors can repeatedly send IPv6 packets that include specially crafted packets. By doing this, an unauthenticated attacker could exploit this vulnerability, leading to remote code execution. Systems that have IPv6 disabled are not susceptible to this vulnerability.

Once an attacker enters your network, one of their first actions will be to try and hide their tracks by blending in, using methods of deception such as mimicking normal user activities. A cyber defender can also use methods of deception to detect and slow the advance of these adversaries. This is known as an active defense. This article will discuss some methods of using Active Defences, sometimes referred to as ’deceptions,’ as one part of a comprehensive cyber defense strategy.

Australia's business leaders face a complex and rapidly evolving market landscape that is highly competitive, globally interconnected, and demands a proactive approach to risk management. As continued technological innovation drives business development, efficiency, and success, it simultaneously empowers malicious threat actors to evolve and attack successful businesses more sophisticatedly.

The Microsoft 365 E5 license gives you access to a slew of valuable Microsoft Security products that will cover you quite well for all your enterprise security monitoring needs. However, monitoring is only part of the security equation; the resources and services you add to it will help you get real value from E5.

Tectonic shifts are occurring across the cyber landscape, and organizations are increasingly turning to Microsoft as a cornerstone of their security strategy. At Trustwave, we have been at the forefront of this trend, partnering with Microsoft for years to deliver unparalleled security solutions and outcomes for our clients. Microsoft 365 E5 has become a compelling option for many organizations due to its robust suite of productivity tools and integrated security features.