Emerging Threats

Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider

2025-05-02 at 19:32

The UK retail market has been thrown into turmoil in recent weeks, with three of that nation’s highest-profile retailers being targeted allegedly by the well-known threat group Scattered Spider in at least one of the most disruptive incidents. This article is an […]

Yet Another NodeJS Backdoor (YaNB): A Modern Challenge

2025-04-30 at 00:08 By Reegun Jayapaul

During an Advanced Continual Threat Hunt (ACTH) investigation conducted in early March 2025, Trustwave SpiderLabs identified a notable resurgence in malicious campaigns exploiting deceptive CAPTCHA verifications. These campaigns trick users into executing NodeJS-based backdoors, subsequently deploying sophisticated NodeJS Remote Access Trojans (RATs) similar to traditional

Proton66 Part 2: Compromised WordPress Pages and Malware Campaigns

2025-04-17 at 17:22 By Pawel Knapczyk, Dawid Nesterowicz

Earlier this year SpiderLabs observed an increase in mass scanning, credential brute forcing, and exploitation attempts originating from Proton66 ASN targeting organizations worldwide that we are discussing in a two-part series. This article is an excerpt from SpiderLabs

Rethinking the Human Factor in Cybersecurity

2025-04-17 at 16:52

Rethink human involvement in cybersecurity—it’s not about blame, but about designing systems that support human strengths and mitigate limitations. Explore how secure email gateways (SEGs) like Trustwave MailMarshal use AI-powered threat detection to outpace phishing tactics and reduce human error. Understand the psychological triggers behind phishing attacks

Proton66 Part 1: Mass Scanning and Exploit Campaigns

2025-04-14 at 17:00 By Paweł Knapczyk, Dawid Nesterowicz

Trustwave SpiderLabs continuously tracks a range of malicious activities originating from Proton66 ASN, including vulnerability scanning, exploit attempts, and phishing campaigns leading to malware infections. This article is an excerpt from SpiderLabs Blog.

Tycoon2FA New Evasion Technique for 2025

2025-04-10 at 19:36 By Phil Hay, Rodel Mendrez

The Tycoon 2FA phishing kit has adopted several new evasion techniques aimed at slipping past endpoints and detection systems. These include using a custom CAPTCHA rendered via HTML5 canvas, invisible Unicode characters in obfuscated JavaScript, and anti-debugging scripts to thwart inspection.

United Nations Urges Global Action as Cyberattacks Threaten Healthcare Systems

2025-04-10 at 16:17

Global Call to Action: The United Nations urges international cooperation to protect healthcare infrastructure from rising cyber threats. Critical Insights from Trustwave SpiderLabs: Discover key findings from real-world Red Team exercises revealing vulnerabilities in healthcare security. Healthcare Under Siege: Learn how ransomware attacks target

Babuk2 Bjorka: The Evolution of Ransomware for ‘Data Commoditization’

2025-04-02 at 00:15 By John Basmayor

An investigation that started with a tip from one of our threat intel sources about the revival of the Babuk (figure 1) threat group has led Trustwave SpiderLabs to uncover what appears to be a paradigm shift in the ransomware

Trustwave MailMarshal’s Secure Email Gateway Protects Against Phishing/Ransomware Attacks

2025-03-25 at 15:28

Combat Medusa Ransomware: Learn how Trustwave MailMarshal’s secure email gateway effectively blocks phishing attacks, the primary entry point for this dangerous threat. Strengthen Your Email Security: Discover the layered protection and advanced threat detection capabilities of our managed email security services, and prevent costly data breaches.

The Energy Industry’s Hidden Risks: Espionage, Sabotage, and Insider Threats

2025-03-21 at 15:07

With subject matter expertise and presence across the globe, RMI Global Solutions are recognized by the oil & gas, and broader energy industry on and offshore, as experts in the threats and risks that face the spectrum of this key industry

Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 1

2025-03-19 at 21:19 By Karl Biron

Picture this: an always-awake, never-tired, high-speed librarian that instantly finds the exact information you need from a massive collection of books. This extraordinary librarian is also capable of processing millions of requests simultaneously, understands

A Deep Dive into Strela Stealer and how it Targets European Countries

2025-03-07 at 00:01 By Dawid Nesterowicz

Infostealers have dominated the malware landscape due to the ease of threat operations maintenance, and a wide group of potential victims. In this blog, we take a closer look at a unique infostealer designed to precisely target

Why Offensive Security Should Be a Top Priority, Not Just a Check-the-Box Compliance Requirement

2025-03-04 at 16:18 By Lisel Newton

The following is a guest blog by Lisel Newton, Executive Director, Information Security, Risk & Compliance at Gossamer Bio. This article is an excerpt from Trustwave Blog.

Generative AI: Essential Insights for CISOs on Security Impacts

2025-03-03 at 16:04

Generative AI (GenAI) is transforming the cybersecurity landscape, requiring Chief Information Security Officers (CISOs) and their teams to adapt quickly to both opportunities and challenges, according to the Gartner® report 4 Ways Generative AI Will Impact CISOs and Their Teams[1]. This article is

The Rise of Email Marketing Platforms for Business Email Compromise Attacks

2025-02-18 at 21:49 By Maria Katrina Udquin

In a statistical report published in September 2024 by the Federal Bureau of Investigation (FBI), it was revealed that more than US$55 billion was lost to business email compromise (BEC) attacks between October 2013 and December 2023. This profitability

The Threat Within: Understanding the Role of Malicious Insiders in Cyberattacks

2025-02-13 at 20:33

Understanding Insider Threats: Learn how insider threats in the financial sector have evolved, driven by malicious insiders and cybercriminals leveraging employee access for harmful purposes. Factors Driving Malicious Behavior: Discover the key motivations behind insider threats, from financial gain to personal grievances

Trustwave SpiderLabs: Examining How New Ransomware Groups Emerge

2025-02-04 at 22:48

Two newcomers have made their way onto the ransomware threat group stage, becoming the biggest threat to the energy and utilities sector in 2025. This article is an excerpt from Trustwave Blog.

Beyond the Chatbot: Meta Phishing with Fake Live Support

2025-02-04 at 16:03 By Mike Casayuran and John Kevin Adriano

In a previous Trustwave SpiderLabs’ blog, we explored how cybercriminals exploit Facebook Messenger chatbots to execute social engineering attacks, deceiving users into falling victim to scams and phishing schemes. These attacks often rely on the perceived legitimacy

Inside APT34 (OilRig): Tools, Techniques, and Global Cyber Threats

2025-01-29 at 20:49

This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs team on major threat actor groups currently operating globally. This article is an excerpt from Trustwave Blog.

Ransomware’s Evolution: Key Threat Groups Targeting the Energy and Utilities Sector in 2025

2025-01-24 at 16:02

Ransomware has a long history, first established in 1989 with the introduction of the AIDS Trojan, of use by criminals to force organizations and regular people to hand over money. Trustwave SpiderLabs follows the continuously changing history of ransomware and those
