Emerging Threats

How Researchers Collect Indicators of Compromise

Emerging Threats, Security Research, threat hunting, Tips & Tricks /

How Researchers Collect Indicators of Compromise 2025-08-14 at 23:06 By Messiah Dela Cruz As security researchers, we actively monitor the latest CVEs and their publicly available exploits to create signatures. Beyond CVEs, we also hunt for malware on platforms such as MalwareBazaar, which enhances our visibility into attacks occurring across networks. This article is an […]

React to this headline:

Loading spinner

How Researchers Collect Indicators of Compromise Read More »

When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal

Emerging Threats, Security Research, threat hunting, Vulnerabilities /

When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal 2025-08-13 at 21:40 By Nathaniel Morales and Nikita Kazymirskyi Trustwave SpiderLabs researchers have recently identified an EncryptHub campaign that combines social engineering with abuse of the Brave Support platform to deliver malicious payloads via the CVE-2025-26633 vulnerability. In this blog post, we will

React to this headline:

Loading spinner

When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal Read More »

Echoes in the Shell: Legacy Tooling Behind Ongoing SharePoint ‘ToolShell’ Exploitation

Emerging Threats, Microsoft Security, Security Research, Vulnerabilities /

Echoes in the Shell: Legacy Tooling Behind Ongoing SharePoint ‘ToolShell’ Exploitation 2025-08-08 at 19:08 By Serhii Melnyk, Cris Tomboc, King Orande The Trustwave SpiderLabs CTI team began correlating telemetry from multiple enterprise environments in response to a rapidly developing threat landscape involving the widespread exploitation of Microsoft SharePoint on-premises infrastructure. In this blog, we share

React to this headline:

Loading spinner

Echoes in the Shell: Legacy Tooling Behind Ongoing SharePoint ‘ToolShell’ Exploitation Read More »

Inside Silver Fox’s Den: Trustwave SpiderLabs Unmasks a Global Threat Actor

Emerging Threats, Security Research, Vulnerabilities /

Inside Silver Fox’s Den: Trustwave SpiderLabs Unmasks a Global Threat Actor 2025-08-05 at 17:20 By Trustwave SpiderLabs’ latest research details the advanced persistent threat (APT) campaigns conducted by Silver Fox group, a significant and evolving threat actor. The likely China-based threat group primarily targets Chinese-speaking organizations. Trustwave SpiderLabs examines the tools, techniques, and procedures (TTPs)

React to this headline:

Loading spinner

Inside Silver Fox’s Den: Trustwave SpiderLabs Unmasks a Global Threat Actor Read More »

Using SQLmap to Dig for Sensitive Data in SQL Databases

Database Protection, Emerging Threats, Reports /

Using SQLmap to Dig for Sensitive Data in SQL Databases 2025-07-22 at 16:41 By Karl Biron In our latest report Data Pirates’ Toolkit (Leveraging SQLmap for Unearthing Digital Gold), we take a comprehensive look at a tried-and-tested cyberattack methodology that threat actors can use to unlock sensitive and critical data from unsecured databases: SQL injection (SQLi)

React to this headline:

Loading spinner

Using SQLmap to Dig for Sensitive Data in SQL Databases Read More »

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies”

data breach, Emerging Threats, Security Research, Vulnerabilities /

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies” 2025-07-21 at 16:06 By Uncover how dark web “travel agencies” operate—from booking flights and hotels with stolen credentials to building customer-facing services that mimic legitimate platforms. Learn who uses dark web travel services and how unsuspecting consumers may get lured in through

React to this headline:

Loading spinner

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies” Read More »

No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies

data breach, Emerging Threats, Security Research /

No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies 2025-07-21 at 16:06 By Nikita Kazymirskyi Dark web travel agencies remain a persistent niche in the cybercrime ecosystem. SpiderLabs reviewed the operation of four dark web travel agencies. Dark web travel agencies were not spotted targeting specific hotel chains or airlines; instead, they

React to this headline:

Loading spinner

No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies Read More »

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft

Emerging Threats, Security Research, Vulnerabilities /

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft 2025-07-18 at 16:06 By Serhii Melnyk Malicious APKs (Android Package Kit files) continue to serve as one of the most persistent and adaptable delivery mechanisms in mobile threat campaigns. Threat actors routinely exploit social engineering and off-market distribution to bypass conventional security controls and capitalize

React to this headline:

Loading spinner

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft Read More »

KAWA4096’s Ransomware Tide: Rising Threat With Borrowed Styles

Emerging Threats, News, threat hunting /

KAWA4096’s Ransomware Tide: Rising Threat With Borrowed Styles 2025-07-16 at 21:38 By Nathaniel Morales and John Basmayor KAWA4096, a ransomware whose name includes “Kawa”, the Japanese word for “river”, first emerged in June 2025. This new threat features a leak site that follows the style of the Akira ransomware group, and a ransom note format

React to this headline:

Loading spinner

KAWA4096’s Ransomware Tide: Rising Threat With Borrowed Styles Read More »

6 Proactive Steps for Tech Companies to Stay Protected in 2025

Emerging Threats, Reports, Threat Intelligence, Tips & Tricks /

6 Proactive Steps for Tech Companies to Stay Protected in 2025 2025-07-09 at 16:05 By The Trustwave’s SpiderLabs’ 2025 Risk Radar Report: Technology Sector highlights a persistent and evolving threat landscape, emphasizing that while the tech industry leads in digital offerings, it often lags in information security. This article is an excerpt from Trustwave Blog View Original

React to this headline:

Loading spinner

6 Proactive Steps for Tech Companies to Stay Protected in 2025 Read More »

Exposed and Exploited: Trustwave Uncovers the Alarming Cyber Risks Lurking in the Tech Sector

Emerging Threats, News, Reports, Threat Intelligence, Vulnerabilities /

Exposed and Exploited: Trustwave Uncovers the Alarming Cyber Risks Lurking in the Tech Sector 2025-06-20 at 16:02 By Uncover the top cyber threats targeting the technology industry in 2025. Gain exclusive insights from Trustwave SpiderLabs into emerging ransomware trends, attacker tactics, and dark web-fueled supply chain threats. Explore how AI is both a threat and

React to this headline:

Loading spinner

Exposed and Exploited: Trustwave Uncovers the Alarming Cyber Risks Lurking in the Tech Sector Read More »

The Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone

Emerging Threats, News, Perspectives, Reports, Security Research, Vulnerabilities /

The Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone 2025-06-18 at 22:47 By The Israel-Iran conflict is barely a week old, but the security repercussions for the two combatants and the wider global community can already be seen as the cyberwarfare portion of the conflict is already spilling over

React to this headline:

Loading spinner

The Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone Read More »

Trustwave on High Alert: How the Israel-Iran Battle Could Impact Your Organization

Emerging Threats, Government, News, Vulnerabilities /

Trustwave on High Alert: How the Israel-Iran Battle Could Impact Your Organization 2025-06-17 at 19:21 By The combat operations initiated on June 12 between Israel and Iran, as with the ongoing Ukraine-Russia conflict, once again place organizations on alert for any cyber operations either directly or adjacently related to the conflict. This article is an

React to this headline:

Loading spinner

Trustwave on High Alert: How the Israel-Iran Battle Could Impact Your Organization Read More »

Phishing-as-a-Service (PhaaS): A Cybercrime Subscription Service

email security, Emerging Threats /

Phishing-as-a-Service (PhaaS): A Cybercrime Subscription Service 2025-06-04 at 16:02 By Phishing-as-a-Service (PhaaS) is skyrocketing, making sophisticated phishing attacks accessible to all cybercriminals. Learn how this “subscription model” for cybercrime fuels a dramatic rise in threats. Combat PhaaS with a robust email security strategy, including layered defenses and a secure email gateway. Discover essential protocols to protect

React to this headline:

Loading spinner

Phishing-as-a-Service (PhaaS): A Cybercrime Subscription Service Read More »

PhaaS the Secrets: The Hidden Ties Between Tycoon2FA and Dadsec’s Operations

Emerging Threats, Vulnerabilities /

PhaaS the Secrets: The Hidden Ties Between Tycoon2FA and Dadsec’s Operations 2025-05-28 at 23:26 By Cris Tomboc and King Orande Phishing-as-a-Service (PhaaS) platforms have significantly reshaped the phishing threat landscape in recent years. Since September 2023, Trustwave’s Threat Intelligence Team has been tracking a large-scale phishing campaign distributed via email, attributed to “Storm-1575”. Storm-1575 is known for

React to this headline:

Loading spinner

PhaaS the Secrets: The Hidden Ties Between Tycoon2FA and Dadsec’s Operations Read More »

The Blind Spots of Multi-Agent Systems: Why AI Collaboration Needs Caution

Artificial Intelligence, Emerging Threats, Vulnerabilities /

The Blind Spots of Multi-Agent Systems: Why AI Collaboration Needs Caution 2025-05-23 at 16:04 By Muhammad Ahmad Multi-agent systems (MAS) are reshaping industries from IT services to innovative city governance by enabling autonomous AI agents to collaborate, compete, and solve complex problems. This powerful transformation comes with a cost. As multi-agent systems grow, their risks

React to this headline:

Loading spinner

The Blind Spots of Multi-Agent Systems: Why AI Collaboration Needs Caution Read More »

It’s Time to Prepare as Scattered Spider Spreads Its Web to the US

DFIR, Emerging Threats, News, Trustwave Rapid Response, Vulnerabilities /

It’s Time to Prepare as Scattered Spider Spreads Its Web to the US 2025-05-19 at 22:08 By DFIR: Enhance your cybersecurity resilience with Trustwave’s DFIR retainer services, offering rapid response, priority handling, and cost-efficient solutions to manage digital forensics and incident response effectively. Offensive Security: Protect retail operations against emerging threats like Scattered Spider with Trustwave’s Offensive

React to this headline:

Loading spinner

It’s Time to Prepare as Scattered Spider Spreads Its Web to the US Read More »

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities

Emerging Threats, Security Research, Vulnerabilities /

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities 2025-05-06 at 18:47 By Karl Biron Let’s explore the critical role of Modbus in energy and manufacturing systems, then demonstrate real-world exploitation techniques using Docker-based simulations and the custom-built Python tool M.A.T.R.I.X. This article is an excerpt from SpiderLabs Blog View Original Source

React to this headline:

Loading spinner

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities Read More »

Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider

data breach, Database Protection, email security, Emerging Threats, Security Research, Threat Intelligence /

Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider 2025-05-02 at 19:32 By The UK retail market has been thrown into turmoil in recent weeks, with three of that nation’s highest-profile retailers being targeted allegedly by the well-known threat group Scattered Spider in at least one of the most disruptive incidents. This article is an

React to this headline:

Loading spinner

Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider Read More »

Scroll to Top