Russia’s military incursion against Ukraine began on February 24, 2022, with a massive ground attack supported by several cyber incidents. This activity set the stage for what would become an active hybrid war fought in two domains: cyber and ground warfare.
U.S. Sen. Mark Warner (D-Va.) issued the 35-page report Cybersecurity on Patient Safety on November 3, which called the ongoing transition to better cybersecurity for the healthcare sector as being painfully slow and inadequate. This is despite the fact the healthcare sector is uniquely vulnerable to cyberattacks.
On November 1 the OpenSSL Project released patches addressing the previously rated "Critical" vulnerability that was pre-announced last week. The "Critical" rating has been downgraded to "High.".
There are many arguments on either side of remote work, including whether it impacts an organization’s cybersecurity posture. While most people perceive risks to be higher while people are working from home, this is generally driven by a fear of the unknown. In reality, while some risk factors have changed in some cases, risk is often reduced in a remote working scenario.
Perhaps it’s fitting that 2022 Cybersecurity Awareness Month ended on Halloween as there are a few similarities that can be drawn between these two events. Cyberattacks are scary. Ransomware is kind of like to older kids threatening to egg your house unless you give them all your candy. And is there really a difference between a child dressed up as Buzz Lightyear or Captain Marvel and a well-crafted socially engineered phishing email? After all, neither are as they appear…..
Trustwave has enhanced its pen testing offering to now include a high-quality, cost-effective offering to larger organizations. This new Enterprise Pen Testing (EPT) offering is designed to meet the complex testing needs of these organizations with an extensive breadth and depth of vulnerability identification, ability to deliver scaled programs of work, at an extremely competitive price point.
Following Trustwave SpiderLabs’ blog on social media-themed phishing on Facebook, comes another flavor of ‘infringement’ phishing. In this case, the targets, still under the umbrella of Meta, are Instagram users. This theme is not new, and we have seen it from time to time over the last year. It’s the same copyright infringement trickery again, but this time, the attackers gain more personal information from their victims and use evasion techniques to hide phishing URLs.
Having the most advanced, artificially intelligent-featured security software certainly makes a company “sound” secure, and in fact, those defenses do help stop most advanced attacks. But not all attacks involve complicated ransomware, spearfishing, or DDoS attacks. What organizations have to remember is their computer network is only one threat vector they have to worry about. And it’s not even the most obvious.
Trustwave's Co-Managed SOC (Security Operations Center) is a powerful offering that has a tremendous track record of helping organizations maximize the value realized from their SIEM (Security Information and Event Management) investment, reducing alert noise by up to 90%, while maintaining a position of “your SIEM, your content.” The service has just received a major enhancement with the addition of Trustwave’s one-of-a-kind cybersecurity collaboration platform, Security Colony, whic
Trustwave SpiderLabs’ spam traps have identified an increase in threats packaged in password-protected archives with about 96% of these being spammed by the Emotet Botnet. In the first half of 2022, we identified password-protected ZIP files as the third most popular archive format used by cybercriminals to conceal malware.
