Exposed and Exploited: Trustwave Uncovers the Alarming Cyber Risks Lurking in the Tech Sector 2025-06-20 at 16:02 By Uncover the top cyber threats targeting the technology industry in 2025. Gain exclusive insights from Trustwave SpiderLabs into emerging ransomware trends, attacker tactics, and dark web-fueled supply chain threats. Explore how AI is both a threat and […]
React to this headline:
The Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone 2025-06-18 at 22:47 By The Israel-Iran conflict is barely a week old, but the security repercussions for the two combatants and the wider global community can already be seen as the cyberwarfare portion of the conflict is already spilling over
React to this headline:
The Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone Read More »
Trustwave on High Alert: How the Israel-Iran Battle Could Impact Your Organization 2025-06-17 at 19:21 By The combat operations initiated on June 12 between Israel and Iran, as with the ongoing Ukraine-Russia conflict, once again place organizations on alert for any cyber operations either directly or adjacently related to the conflict. This article is an
React to this headline:
Trustwave on High Alert: How the Israel-Iran Battle Could Impact Your Organization Read More »
Phishing-as-a-Service (PhaaS): A Cybercrime Subscription Service 2025-06-04 at 16:02 By Phishing-as-a-Service (PhaaS) is skyrocketing, making sophisticated phishing attacks accessible to all cybercriminals. Learn how this “subscription model” for cybercrime fuels a dramatic rise in threats. Combat PhaaS with a robust email security strategy, including layered defenses and a secure email gateway. Discover essential protocols to protect
React to this headline:
Phishing-as-a-Service (PhaaS): A Cybercrime Subscription Service Read More »
PhaaS the Secrets: The Hidden Ties Between Tycoon2FA and Dadsec’s Operations 2025-05-28 at 23:26 By Cris Tomboc and King Orande Phishing-as-a-Service (PhaaS) platforms have significantly reshaped the phishing threat landscape in recent years. Since September 2023, Trustwave’s Threat Intelligence Team has been tracking a large-scale phishing campaign distributed via email, attributed to “Storm-1575”. Storm-1575 is known for
React to this headline:
PhaaS the Secrets: The Hidden Ties Between Tycoon2FA and Dadsec’s Operations Read More »
The Blind Spots of Multi-Agent Systems: Why AI Collaboration Needs Caution 2025-05-23 at 16:04 By Muhammad Ahmad Multi-agent systems (MAS) are reshaping industries from IT services to innovative city governance by enabling autonomous AI agents to collaborate, compete, and solve complex problems. This powerful transformation comes with a cost. As multi-agent systems grow, their risks
React to this headline:
The Blind Spots of Multi-Agent Systems: Why AI Collaboration Needs Caution Read More »
It’s Time to Prepare as Scattered Spider Spreads Its Web to the US 2025-05-19 at 22:08 By DFIR: Enhance your cybersecurity resilience with Trustwave’s DFIR retainer services, offering rapid response, priority handling, and cost-efficient solutions to manage digital forensics and incident response effectively. Offensive Security: Protect retail operations against emerging threats like Scattered Spider with Trustwave’s Offensive
React to this headline:
It’s Time to Prepare as Scattered Spider Spreads Its Web to the US Read More »
Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities 2025-05-06 at 18:47 By Karl Biron Let’s explore the critical role of Modbus in energy and manufacturing systems, then demonstrate real-world exploitation techniques using Docker-based simulations and the custom-built Python tool M.A.T.R.I.X. This article is an excerpt from SpiderLabs Blog View Original Source
React to this headline:
Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider 2025-05-02 at 19:32 By The UK retail market has been thrown into turmoil in recent weeks, with three of that nation’s highest-profile retailers being targeted allegedly by the well-known threat group Scattered Spider in at least one of the most disruptive incidents. This article is an
React to this headline:
Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider Read More »
Yet Another NodeJS Backdoor (YaNB): A Modern Challenge 2025-04-30 at 00:08 By Reegun Jayapaul During an Advanced Continual Threat Hunt (ACTH) investigation conducted in early March 2025, Trustwave SpiderLabs identified a notable resurgence in malicious campaigns exploiting deceptive CAPTCHA verifications. These campaigns trick users into executing NodeJS-based backdoors, subsequently deploying sophisticated NodeJS Remote Access Trojans (RATs) similar to traditional
React to this headline:
Yet Another NodeJS Backdoor (YaNB): A Modern Challenge Read More »
Proton66 Part 2: Compromised WordPress Pages and Malware Campaigns 2025-04-17 at 17:22 By Pawel Knapczyk, Dawid Nesterowicz Earlier this year SpiderLabs observed an increase in mass scanning, credential brute forcing, and exploitation attempts originating from Proton66 ASN targeting organizations worldwide that we are discussing in a two-part series. This article is an excerpt from SpiderLabs
React to this headline:
Proton66 Part 2: Compromised WordPress Pages and Malware Campaigns Read More »
Rethinking the Human Factor in Cybersecurity 2025-04-17 at 16:52 By Rethink human involvement in cybersecurity—it’s not about blame, but about designing systems that support human strengths and mitigate limitations. Explore how secure email gateways (SEGs) like Trustwave MailMarshal use AI-powered threat detection to outpace phishing tactics and reduce human error. Understand the psychological triggers behind phishing attacks
React to this headline:
Rethinking the Human Factor in Cybersecurity Read More »
Proton66 Part 1: Mass Scanning and Exploit Campaigns 2025-04-14 at 17:00 By Paweł Knapczyk, Dawid Nesterowicz Trustwave SpiderLabs continuously tracks a range of malicious activities originating from Proton66 ASN, including vulnerability scanning, exploit attempts, and phishing campaigns leading to malware infections. This article is an excerpt from SpiderLabs Blog View Original Source React to this
React to this headline:
Proton66 Part 1: Mass Scanning and Exploit Campaigns Read More »
Tycoon2FA New Evasion Technique for 2025 2025-04-10 at 19:36 By Phil Hay, Rodel Mendrez The Tycoon 2FA phishing kit has adopted several new evasion techniques aimed at slipping past endpoints and detection systems. These include using a custom CAPTCHA rendered via HTML5 canvas, invisible Unicode characters in obfuscated JavaScript, and anti-debugging scripts to thwart inspection.
React to this headline:
Tycoon2FA New Evasion Technique for 2025 Read More »
United Nations Urges Global Action as Cyberattacks Threaten Healthcare Systems 2025-04-10 at 16:17 By Global Call to Action: The United Nations urges international cooperation to protect healthcare infrastructure from rising cyber threats. Critical Insights from Trustwave SpiderLabs: Discover key findings from real-world Red Team exercises revealing vulnerabilities in healthcare security. Healthcare Under Siege: Learn how ransomware attacks target
React to this headline:
United Nations Urges Global Action as Cyberattacks Threaten Healthcare Systems Read More »
Babuk2 Bjorka: The Evolution of Ransomware for ‘Data Commoditization’ 2025-04-02 at 00:15 By John Basmayor An investigation that started with a tip from one of our threat intel sources about the revival of the Babuk (figure 1) threat group has led Trustwave SpiderLabs to uncover what appears to be a paradigm shift in the ransomware
React to this headline:
Babuk2 Bjorka: The Evolution of Ransomware for ‘Data Commoditization’ Read More »
Trustwave MailMarshal’s Secure Email Gateway Protects Against Phishing/Ransomware Attacks 2025-03-25 at 15:28 By Combat Medusa Ransomware: Learn how Trustwave MailMarshal’s secure email gateway effectively blocks phishing attacks, the primary entry point for this dangerous threat. Strengthen Your Email Security: Discover the layered protection and advanced threat detection capabilities of our managed email security services, and prevent costly data breaches.
React to this headline:
The Energy Industry’s Hidden Risks: Espionage, Sabotage, and Insider Threats 2025-03-21 at 15:07 By With subject matter expertise and presence across the globe, RMI Global Solutions are recognized by the oil & gas, and broader energy industry on and offshore, as experts in the threats and risks that face the spectrum of this key industry
React to this headline:
The Energy Industry’s Hidden Risks: Espionage, Sabotage, and Insider Threats Read More »
Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 1 2025-03-19 at 21:19 By Karl Biron Picture this: an always-awake, never-tired, high-speed librarian that instantly finds the exact information you need from a massive collection of books. This extraordinary librarian is also capable of processing millions of requests simultaneously, understands
React to this headline:
Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 1 Read More »
A Deep Dive into Strela Stealer and how it Targets European Countries 2025-03-07 at 00:01 By Dawid Nesterowicz Infostealers have dominated the malware landscape due to the ease of threat operations maintenance, and a wide group of potential victims. In this blog, we take a closer look at a unique infostealer designed to precisely target
React to this headline:
A Deep Dive into Strela Stealer and how it Targets European Countries Read More »