Emerging Threats

Analyzing Play and LockBit: The Top Ransomware Threats Facing Retailers

data breach, Database Protection, Emerging Threats, Security Research, Threat Intelligence, Vulnerabilities /

Analyzing Play and LockBit: The Top Ransomware Threats Facing Retailers 2024-11-07 at 16:03 By This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs team on major threat actor groups currently operating globally. This article is an excerpt from Trustwave Blog View Original Source React […]

React to this headline:

Loading spinner

Analyzing Play and LockBit: The Top Ransomware Threats Facing Retailers Read More »

E-Commerce Security Woes: Millions of Stolen User Sessions Found for Sale

Emerging Threats, Security Research, Threat Intelligence, Vulnerabilities /

E-Commerce Security Woes: Millions of Stolen User Sessions Found for Sale 2024-10-30 at 15:05 By The booming e-commerce industry, with its projected $5 trillion in sales by 2025, has become a prime target for cybercriminals, a fact highlighted in the new Trustwave SpiderLabs report, Retail Sector Deep Dive: Rise of E-Commerce Threats. This article is an excerpt from

React to this headline:

Loading spinner

E-Commerce Security Woes: Millions of Stolen User Sessions Found for Sale Read More »

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches

Emerging Threats, Reports, Security Research, Threat Intelligence, Vulnerabilities /

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches 2024-10-22 at 17:18 By Trustwave SpiderLabs on October 29 will launch its second deeply researched look into the threats facing the retail sector. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches Read More »

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails

email security, Emerging Threats, Vulnerabilities /

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails 2024-10-21 at 17:33 By Katrina Udquin Introduction Previously, Trustwave SpiderLabs covered a massive fake order spam scheme that impersonated a tech support company and propagated via Google Groups. Since then, we have observed more spam campaigns using this hybrid form of cyberattack

React to this headline:

Loading spinner

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails Read More »

How Threat Actors Conduct Election Interference Operations: An Overview

Artificial Intelligence, Emerging Threats, Government, Security Research, Vulnerabilities /

How Threat Actors Conduct Election Interference Operations: An Overview 2024-10-18 at 21:46 By Pauline Bolaños The major headlines that arose from the three most recent US presidential election cycles illuminated the various fragilities of American election infrastructures and systems. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

How Threat Actors Conduct Election Interference Operations: An Overview Read More »

Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack)

data breach, Database Protection, Emerging Threats, Security Research, Vulnerabilities /

Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack) 2024-10-17 at 22:04 By Karl Biron Introduction In the perpetually evolving field of cybersecurity, new threats materialize daily. Attackers are on the prowl for weaknesses in infrastructure and software like a cat eyeing its helpless prey. This article is an excerpt from

React to this headline:

Loading spinner

Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack) Read More »

Combating Misinformation and Cyber Threats to Secure the 2024 US Election

Artificial Intelligence, email security, Emerging Threats, Government, Vulnerabilities /

Combating Misinformation and Cyber Threats to Secure the 2024 US Election 2024-10-15 at 16:01 By Karl Sigler As we near the 2024 election, safeguarding the integrity of our democratic process is of paramount importance. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Combating Misinformation and Cyber Threats to Secure the 2024 US Election Read More »

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign

email security, Emerging Threats, Government, Microsoft Security, Vulnerabilities /

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign 2024-10-09 at 16:02 By The need for an iron-clad email security solution is once again making headlines. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign Read More »

Analyzing Latrodectus: The New Face of Malware Loaders

Emerging Threats, Threat Intelligence, Vulnerabilities /

Analyzing Latrodectus: The New Face of Malware Loaders 2024-10-08 at 16:01 By This report is the latest in a series that will delve into the deep research theTrustwave SpiderLabs Threat Intelligence team conducts daily on the major threat actor groups currently operating globally.  This article is an excerpt from Trustwave Blog View Original Source React

React to this headline:

Loading spinner

Analyzing Latrodectus: The New Face of Malware Loaders Read More »

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader

Emerging Threats, Managed Security Services, Security Research, Threat Intelligence, Vulnerabilities /

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader 2024-10-08 at 16:01 By Cris Tomboc and King Orande Trustwave’s Threat Intelligence team has discovered a new malware dubbed Pronsis Loader, with its earliest known variant dating back to November 2023. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader Read More »

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177

DFIR, Emerging Threats, Security Research, Threat Intelligence, Trustwave Rapid Response, Vulnerabilities /

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 2024-09-30 at 22:01 By On September 26, 2024, security researcher Simone Margaritelli disclosed the details of four OpenPrinting Common UNIX Printing System (CUPS) vulnerabilities, that, when chained together, can allow malicious actors to launch remote code execution (RCE) attacks on vulnerable systems. This article is

React to this headline:

Loading spinner

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 Read More »

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content

data breach, email security, Emerging Threats, Security Research, Threat Intelligence, Vulnerabilities /

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content 2024-09-24 at 16:01 By Mike Casayuran HTML smuggling techniques have been around for quite some time. A previous Trustwave SpiderLabs’ blog discussed its use in distributing malware by storing binaries in immutable blob data within JavaScript code that gets decoded on the client-side browser, eventually delivering

React to this headline:

Loading spinner

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content Read More »

Why Do Criminals Love Phishing-as-a-Service Platforms?

data breach, email security, Emerging Threats, Managed Detection and Response, Managed Security Services, Threat Intelligence /

Why Do Criminals Love Phishing-as-a-Service Platforms? 2024-09-23 at 13:01 By Rodel Mendrez Phishing-as-a-Service (PaaS) platforms have become the go-to tool for cybercriminals, to launch sophisticated phishing campaigns targeting the general public and businesses, especially in the financial services sector. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Why Do Criminals Love Phishing-as-a-Service Platforms? Read More »

ALPHV BlackCat Ransomware: A Technical Deep Dive and Mitigation Strategies

email security, Emerging Threats, Managed Detection and Response, Security Research, Threat Intelligence, Vulnerabilities /

ALPHV BlackCat Ransomware: A Technical Deep Dive and Mitigation Strategies 2024-09-17 at 16:01 By ALPHV, also known as BlackCat or Noberus, is a sophisticated ransomware group targeting critical infrastructure and various organizations, including being the most active group used to attack the financial services sector. This article is an excerpt from Trustwave Blog View Original

React to this headline:

Loading spinner

ALPHV BlackCat Ransomware: A Technical Deep Dive and Mitigation Strategies Read More »

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season

email security, Emerging Threats, Government, Security Research, Threat Intelligence, Vulnerabilities /

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season 2024-09-17 at 16:01 By The US election is less than 70 days away and threat actors are busy crafting malicious spam that uses candidate names and political themes as social engineering tools to convince recipients to open their emails. This article is an excerpt

React to this headline:

Loading spinner

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season Read More »

Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media

Artificial Intelligence, Emerging Threats, Government, Managed Security Services, Threat Intelligence, Vulnerabilities /

Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media 2024-09-13 at 16:01 By Jose Tozo With the US election on the horizon, it’s a good time to explore the concept of social media weaponization and its use in asymmetrically manipulating public opinion through bots, automation, AI, and shady

React to this headline:

Loading spinner

Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media Read More »

Incident Response Testing: An Australian Perspective

DFIR, Emerging Threats, penetration testing, Trustwave Rapid Response, Vulnerabilities /

Incident Response Testing: An Australian Perspective 2024-08-29 at 16:02 By In today’s rapidly evolving digital landscape, organizations must be prepared for the inevitable occurrence of cybersecurity incidents. Incident response testing is a critical component of a robust cybersecurity strategy, ensuring an organization can swiftly and effectively respond to incidents when they occur. This article highlights

React to this headline:

Loading spinner

Incident Response Testing: An Australian Perspective Read More »

Protecting Patient Safety: Trustwave’s Role in Healthcare Cybersecurity

Database Protection, database security, Emerging Threats, penetration testing, Vulnerabilities /

Protecting Patient Safety: Trustwave’s Role in Healthcare Cybersecurity 2024-08-27 at 19:16 By The healthcare industry’s digital transformation has brought unprecedented advancements in patient care. However, it has also introduced new vulnerabilities that put sensitive patient data at risk. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Protecting Patient Safety: Trustwave’s Role in Healthcare Cybersecurity Read More »

Exposed and Encrypted: Inside a Mallox Ransomware Attack

data breach, Emerging Threats, Security Research, Threat Intelligence /

Exposed and Encrypted: Inside a Mallox Ransomware Attack 2024-08-27 at 16:16 By Bernard Bautista Recently, a client enlisted the support of Trustwave to investigate an unauthorized access incident within its internal cloud-based environment, leading to the deployment of Mallox ransomware by threat actors to its server. This article is an excerpt from SpiderLabs Blog View

React to this headline:

Loading spinner

Exposed and Encrypted: Inside a Mallox Ransomware Attack Read More »

Trustwave Data Reveals HTML Attachments, QR Codes, and BEC as Top Email Attack Vectors

Database Protection, email security, Emerging Threats, Reports, Threat Intelligence /

Trustwave Data Reveals HTML Attachments, QR Codes, and BEC as Top Email Attack Vectors 2024-08-26 at 16:01 By The Trustwave SpiderLabs team regularly collects a trove of data while protecting clients from email-based attacks. HTML attachments, malicious QR codes, and business email compromise (BEC) are the favored attack methods. This article is an excerpt from Trustwave Blog

React to this headline:

Loading spinner

Trustwave Data Reveals HTML Attachments, QR Codes, and BEC as Top Email Attack Vectors Read More »

Scroll to Top