REDCap: Multiple Cross-Site Scripting (XSS) Vulnerabilities 2025-09-26 at 20:23 By Harold Zang REDCap, developed by Vanderbilt University, is a secure platform designed for data collection in research studies and operations. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:
React to this headline:
REDCap: Multiple Cross-Site Scripting (XSS) Vulnerabilities Read More »
6 Steps to Counter Fourth-Party Supply Chain Vendor Attacks 2025-09-23 at 21:46 By Kory Daniels Managing a cybersecurity program is hard, but also very meaningful, work. This article is an excerpt from Trustwave Blog View Original Source React to this headline:
React to this headline:
6 Steps to Counter Fourth-Party Supply Chain Vendor Attacks Read More »
How Curtin University Partnered with Trustwave Managed Detection and Response 2025-09-12 at 21:36 By With cybersecurity threats targeting higher education growing in sophistication and frequency, Australia’s Curtin University recognized the need to strengthen its visibility into potential attacks, maximize the effectiveness of its internal resources, and build new layers of resilience across its digital environment.
React to this headline:
How Curtin University Partnered with Trustwave Managed Detection and Response Read More »
Not All Cyberattacks Begin with a Phishing Attack, Hack or Exploited Vulnerability 2025-09-10 at 21:44 By The strongest cybersecurity strategy includes robust physical security, since not all cyberattacks begin with a hack. Physical security is a crucial yet often overlooked part of any organization’s defense-in-depth approach. Improve your physical security and cybersecurity posture with a
React to this headline:
Not All Cyberattacks Begin with a Phishing Attack, Hack or Exploited Vulnerability Read More »
Securing Healthcare’s Vulnerable Supply Chain 2025-09-02 at 21:49 By Healthcare supply chains are increasingly vulnerable to cyber threats through third-party vendors, cloud services, and connected medical devices. Ransomware in healthcare can shut down critical systems, delay treatment, and endanger patient safety. Stronger cybersecurity standards, vendor risk management, and cross-border threat intelligence are vital to securing
React to this headline:
Securing Healthcare’s Vulnerable Supply Chain Read More »
Understanding DocumentDB’s Network Security Trade-offs: The VPC Challenge 2025-08-05 at 17:20 By Selam Gebreananeya AWS DocumentDB by default is securely isolated within a VPC, unreachable from the public internet, what could be more secure? This security architecture can create unexpected challenges and complexity. The root cause? The very VPC isolation designed to protect DocumentDB can
React to this headline:
Understanding DocumentDB’s Network Security Trade-offs: The VPC Challenge Read More »
Back Up With Care, But Neglecting Patches can Leave You in Despair! 2025-07-31 at 23:23 By Rox Harvey Rosales CVE-2024-7348, which was discovered by Noah Misch, is a race condition vulnerability affecting multiple versions of PostgreSQL when using the `pg_dump` utility. An attacker with sufficient privileges can exploit this vulnerability to execute arbitrary SQL commands
React to this headline:
Back Up With Care, But Neglecting Patches can Leave You in Despair! Read More »
The Danger of Weak Passwords: UK Trucking Firm Attacked and Permanently Shut Down 2025-07-25 at 20:18 By Discover how a single weak password led to a UK trucking firm’s permanent shutdown by a ransomware attack, highlighting the critical link between passwords and enterprise cybersecurity. Learn actionable strategies for creating strong passwords and implementing broader cybersecurity
React to this headline:
The Danger of Weak Passwords: UK Trucking Firm Attacked and Permanently Shut Down Read More »
Using SQLmap to Dig for Sensitive Data in SQL Databases 2025-07-22 at 16:41 By Karl Biron In our latest report Data Pirates’ Toolkit (Leveraging SQLmap for Unearthing Digital Gold), we take a comprehensive look at a tried-and-tested cyberattack methodology that threat actors can use to unlock sensitive and critical data from unsecured databases: SQL injection (SQLi)
React to this headline:
Using SQLmap to Dig for Sensitive Data in SQL Databases Read More »
Ensuring Compliance with DORA: How Trustwave Secures Your Databases and Meets Regulatory Standards 2025-07-17 at 16:20 By Montserrat Bonilla Achieve DORA Compliance with automated database security controls, audit-ready reports, and continuous compliance monitoring. Streamline Vulnerability Management by identifying, prioritizing, and remediating database risks across hybrid environments. Enhance Database Security with Trustwave’s enterprise-grade solutions, built to
React to this headline:
Trustwave Executive Business Reviews Turn Security Updates into Board Level Conversations 2025-07-16 at 16:03 By Discover how Trustwave’s new Executive Business Reviews (EBRs) transform routine updates into powerful, strategic discussions. Learn how EBRs shift the focus from raw data to real-world risk reduction, operational resilience, and cost efficiency for your organization. See how these quarterly
React to this headline:
The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner 2025-07-04 at 15:34 By Nikita Kazymirskyi On July 3, 2025, Qantas confirmed in an update statement that a cyber incident had compromised data from one of its contact centers, following the detection of suspicious activity on June 30. The breach didn’t strike at the heart
React to this headline:
The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner Read More »
Ransomware Threat Still Rising: Key Trends in the Technology Sector in 2025 2025-07-02 at 16:01 By The 2025 Trustwave Technology Risk Radar Report highlights ransomware as a major and persistent threat within the technology sector that shows no signs of abating as new ransomware-focused threat groups are constantly appearing. This article is an excerpt from Trustwave
React to this headline:
Ransomware Threat Still Rising: Key Trends in the Technology Sector in 2025 Read More »
Trustwave DbProtect Expands to Secure Snowflake: Strengthening AI Repository Protection 2025-06-30 at 16:03 By Discover how Trustwave DbProtect enhances database security for cloud-based platforms like Snowflake, ensuring your AI repositories remain safe from potential threats. Learn how Trustwave’s database activity monitoring and threat detection capabilities provide real-time insights into database activities and potential vulnerabilities. Understand the importance
React to this headline:
Trustwave DbProtect Expands to Secure Snowflake: Strengthening AI Repository Protection Read More »
The Attack Vector: Database Triggers as Persistence Mechanisms 2025-06-24 at 16:15 By Organizations often assume that restoring a backup to a patched environment eliminates threats. However, backups encapsulate both data and schema objects, including triggers. A compromised backup, often taken after an initial breach, may contain hidden triggers that reactivate the attacker’s access upon restore.
React to this headline:
The Attack Vector: Database Triggers as Persistence Mechanisms Read More »
Answering 7 Questions About Trustwave Managed Vulnerability Scanning (MVS) 2025-06-13 at 00:33 By Understanding and mitigating vulnerabilities is paramount for any organization. Trustwave’s Managed Vulnerability Scanning (MVS) offers a comprehensive solution to help businesses stay ahead of potential risks and ensure proper database protection. But what exactly is MVS, and how can it benefit your organization? This article
React to this headline:
Answering 7 Questions About Trustwave Managed Vulnerability Scanning (MVS) Read More »
Using Password 123456 is Bad, but No Password is Worse 2025-06-05 at 19:48 By An independent cybersecurity researcher claims to have uncovered a breach of an unnamed database containing 184 million records, with exposed information including emails, passwords, and login links. This article is an excerpt from Trustwave Blog View Original Source React to this headline:
React to this headline:
Using Password 123456 is Bad, but No Password is Worse Read More »
Why Offensive Security Is Crucial for Retail Resilience 2025-05-09 at 16:12 By Retail Cyberattacks: How recent incidents highlight the need for proactive security. Offensive Security Tactics: Key strategies to identify and mitigate retail vulnerabilities. DFIR Best Practices: Responding to cyber incidents with speed and precision. The three high-profile UK retailers struck with cyberattacks in the last few weeks
React to this headline:
Why Offensive Security Is Crucial for Retail Resilience Read More »
Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider 2025-05-02 at 19:32 By The UK retail market has been thrown into turmoil in recent weeks, with three of that nation’s highest-profile retailers being targeted allegedly by the well-known threat group Scattered Spider in at least one of the most disruptive incidents. This article is an
React to this headline:
Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider Read More »
The Top Phishing Lures Targeting Manufacturers Revealed by Trustwave SpiderLabs 2025-04-30 at 16:03 By As detailed in the 2025 Trustwave Risk Radar Report, cybercriminals are increasingly targeting the manufacturing sector with sophisticated phishing tactics, exploiting both human behavior and trusted platforms. Trustwave SpiderLabs researchers uncover the most prevalent phishing lures—file-sharing notifications, HR documents, fake payment
React to this headline:
The Top Phishing Lures Targeting Manufacturers Revealed by Trustwave SpiderLabs Read More »