Security Research

In-the-wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies

News, Security Research, Trustwave Rapid Response /

In-the-wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies 2025-07-24 at 00:23 By Pauline Bolaños Two critical zero-day vulnerabilities in the Microsoft SharePoint Server environment, CVE-2025-53770 (9.8 CVSS score) and CVE-2025-53771 (6.5 CVSS score), are being actively exploited by threat actors to compromise vulnerable on-premises SharePoint servers. This article is an excerpt from […]

React to this headline:

Loading spinner

In-the-wild Exploitation of CVE-2025-53770 and CVE-2025-53771: Technical Details and Mitigation Strategies Read More »

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies”

data breach, Emerging Threats, Security Research, Vulnerabilities /

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies” 2025-07-21 at 16:06 By Uncover how dark web “travel agencies” operate—from booking flights and hotels with stolen credentials to building customer-facing services that mimic legitimate platforms. Learn who uses dark web travel services and how unsuspecting consumers may get lured in through

React to this headline:

Loading spinner

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies” Read More »

No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies

data breach, Emerging Threats, Security Research /

No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies 2025-07-21 at 16:06 By Nikita Kazymirskyi Dark web travel agencies remain a persistent niche in the cybercrime ecosystem. SpiderLabs reviewed the operation of four dark web travel agencies. Dark web travel agencies were not spotted targeting specific hotel chains or airlines; instead, they

React to this headline:

Loading spinner

No Tell Motel: Trustwave Exposes the Secrets of Dark Web Travel Agencies Read More »

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft

Emerging Threats, Security Research, Vulnerabilities /

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft 2025-07-18 at 16:06 By Serhii Melnyk Malicious APKs (Android Package Kit files) continue to serve as one of the most persistent and adaptable delivery mechanisms in mobile threat campaigns. Threat actors routinely exploit social engineering and off-market distribution to bypass conventional security controls and capitalize

React to this headline:

Loading spinner

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft Read More »

Ransomware Threat Still Rising: Key Trends in the Technology Sector in 2025

Database Protection, Reports, Security Research, Threat Intelligence /

Ransomware Threat Still Rising: Key Trends in the Technology Sector in 2025 2025-07-02 at 16:01 By The 2025 Trustwave Technology Risk Radar Report highlights ransomware as a major and persistent threat within the technology sector that shows no signs of abating as new ransomware-focused threat groups are constantly appearing. This article is an excerpt from Trustwave

React to this headline:

Loading spinner

Ransomware Threat Still Rising: Key Trends in the Technology Sector in 2025 Read More »

Tracing Blind Eagle to Proton66

News, Security Research, Threat Intelligence /

Tracing Blind Eagle to Proton66 2025-06-27 at 16:19 By Serhii Melnyk Trustwave SpiderLabs has assessed with high confidence that the threat group Blind Eagle, aka APT-C-36, is associated with the Russian bulletproof hosting service provider Proton66. Blind Eagle is a threat actor actively targeting organizations across Latin America, with a notable focus on Colombian financial institutions.

React to this headline:

Loading spinner

Tracing Blind Eagle to Proton66 Read More »

Trustwave SpiderLabs Goes Inside the AI Cyber Arms Race

Artificial Intelligence, Reports, Security Research, Threat Intelligence /

Trustwave SpiderLabs Goes Inside the AI Cyber Arms Race 2025-06-26 at 16:01 By While all manner of legitimate organizations are attempting to understand how to best and safely use artificial intelligence to improve productivity, the Trustwave SpiderLabs’ Technology Deep Dive: AI Cyber Arms Race takes a forward-looking view at how adversaries are gaining experience and capability in

React to this headline:

Loading spinner

Trustwave SpiderLabs Goes Inside the AI Cyber Arms Race Read More »

Tech Under Siege: Unpacking Cyber Threats in Trustwave’s 2025 Risk Report

Artificial Intelligence, data breach, Security Research, Threat Intelligence, Vulnerabilities /

Tech Under Siege: Unpacking Cyber Threats in Trustwave’s 2025 Risk Report 2025-06-25 at 16:40 By Dive into Trustwave SpiderLabs’ newest report for crucial insights on protecting tech companies from today’s changing cyber threats. Uncover the impact of ransomware attacks on tech firms and identify the most active threat actors of 2025. Learn about the best

React to this headline:

Loading spinner

Tech Under Siege: Unpacking Cyber Threats in Trustwave’s 2025 Risk Report Read More »

Trustwave SpiderLabs’ 2025 Risk Radar Report: Technology Sector

Artificial Intelligence, data breach, Security Research, Threat Intelligence, Vulnerabilities /

Trustwave SpiderLabs’ 2025 Risk Radar Report: Technology Sector 2025-06-25 at 16:02 By Explore key insights from Trustwave SpiderLabs’ latest report on securing tech firms against evolving cyber threats. Discover how ransomware attacks are impacting technology companies and learn about the most prolific threat actors in 2025.  Find out the best practices and mitigation strategies technology

React to this headline:

Loading spinner

Trustwave SpiderLabs’ 2025 Risk Radar Report: Technology Sector Read More »

Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors

DFIR, Managed Detection and Response, Managed Security Services, Security Research, Threat Intelligence /

Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors 2025-06-25 at 01:04 By Nathaniel Morales Dire Wolf is a newly emerged ransomware group first observed in May 2025 and Trustwave SpiderLabs recently uncovered a Dire Wolf ransomware sample that revealed for the first time key details about how the ransomware operates. This article is an

React to this headline:

Loading spinner

Dire Wolf Strikes: New Ransomware Group Targeting Global Sectors Read More »

The Attack Vector: Database Triggers as Persistence Mechanisms

Database Protection, Security Research, Vulnerabilities /

The Attack Vector: Database Triggers as Persistence Mechanisms 2025-06-24 at 16:15 By Organizations often assume that restoring a backup to a patched environment eliminates threats. However, backups encapsulate both data and schema objects, including triggers. A compromised backup, often taken after an initial breach, may contain hidden triggers that reactivate the attacker’s access upon restore.

React to this headline:

Loading spinner

The Attack Vector: Database Triggers as Persistence Mechanisms Read More »

The Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone

Emerging Threats, News, Perspectives, Reports, Security Research, Vulnerabilities /

The Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone 2025-06-18 at 22:47 By The Israel-Iran conflict is barely a week old, but the security repercussions for the two combatants and the wider global community can already be seen as the cyberwarfare portion of the conflict is already spilling over

React to this headline:

Loading spinner

The Digital Front Line: Israel and Iran Turn the Internet into a Covert Combat Zone Read More »

How Dark Web Travel Agencies and Fraud Impact the Hospitality Industry

data breach, Reports, Security Research, Threat Intelligence /

How Dark Web Travel Agencies and Fraud Impact the Hospitality Industry 2025-05-23 at 16:04 By Dark Web Travel Agencies: Discover how stolen hospitality data fuels fraudulent bookings and impacts customers. From Breach to Booking Abuse: Learn the lifecycle of stolen hotel data and its exploitation on the dark web. Trustwave SpiderLabs’ just released Deep Dive: How Threat Actors

React to this headline:

Loading spinner

How Dark Web Travel Agencies and Fraud Impact the Hospitality Industry Read More »

Deep Dive: A DFIR Case Study in Hospitality

DFIR, Reports, Security Research, Threat Intelligence /

Deep Dive: A DFIR Case Study in Hospitality 2025-05-22 at 16:03 By Phishing in Hospitality: Real-world case study reveals how QR codes and fake e-signatures target hotel employees. Inside a Hotel Cyberattack: Learn DFIR tactics used to analyze and respond to phishing attempts against hospitality targets. Protect your Hospitality Business: Actionable insights from a 2024 phishing case study

React to this headline:

Loading spinner

Deep Dive: A DFIR Case Study in Hospitality Read More »

Trustwave SpiderLabs Report Highlights Ransomware and Dark Web Dangers for the Hospitality Sector

News, Reports, Security Research, Threat Intelligence /

Trustwave SpiderLabs Report Highlights Ransomware and Dark Web Dangers for the Hospitality Sector 2025-05-21 at 16:07 By New Trustwave SpiderLabs report reveals rising ransomware and dark web risks for hotels. Understand the dark web connection and key vulnerabilities in the hospitality sector. Arm your hospitality business against evolving travel scams & ransomware – download the

React to this headline:

Loading spinner

Trustwave SpiderLabs Report Highlights Ransomware and Dark Web Dangers for the Hospitality Sector Read More »

Hospitality Under Attack: New Trustwave Report Highlights Cybersecurity Challenges in 2025

News, Reports, Security Research, Threat Intelligence /

Hospitality Under Attack: New Trustwave Report Highlights Cybersecurity Challenges in 2025 2025-05-21 at 16:07 By As the summer travel season approaches, travelers worldwide are busy booking their holidays, entrusting the hospitality industry with some of their most sensitive personal and financial information. Unfortunately, this makes the sector a prime target for threat actors looking to

React to this headline:

Loading spinner

Hospitality Under Attack: New Trustwave Report Highlights Cybersecurity Challenges in 2025 Read More »

Get Ready for the 2025 Trustwave Risk Radar Report – Hospitality Sector

Reports, Security Research, Threat Intelligence /

Get Ready for the 2025 Trustwave Risk Radar Report – Hospitality Sector 2025-05-14 at 19:47 By Trustwave SpiderLabs’ upcoming report, the 2025 Trustwave Risk Radar Report: Hospitality Sector, will be released on May 21 and will delve into the latest threat landscape, highlighting critical vulnerabilities and offering actionable insights to help hospitality businesses stay secure. This

React to this headline:

Loading spinner

Get Ready for the 2025 Trustwave Risk Radar Report – Hospitality Sector Read More »

UK Cyber Security Survey 2025: Ransomware on the Rise, Phishing Still Reigns

data breach, DFIR, Security Research /

UK Cyber Security Survey 2025: Ransomware on the Rise, Phishing Still Reigns 2025-05-07 at 16:12 By Key findings from the 2025 Cyber Security Breaches Survey on ransomware and phishing. 43% of UK businesses experienced a cyber breach in 2024—phishing and ransomware remain dominant threats Cyber hygiene is improving, but supply chain risks and board engagement

React to this headline:

Loading spinner

UK Cyber Security Survey 2025: Ransomware on the Rise, Phishing Still Reigns Read More »

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities

Emerging Threats, Security Research, Vulnerabilities /

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities 2025-05-06 at 18:47 By Karl Biron Let’s explore the critical role of Modbus in energy and manufacturing systems, then demonstrate real-world exploitation techniques using Docker-based simulations and the custom-built Python tool M.A.T.R.I.X. This article is an excerpt from SpiderLabs Blog View Original Source

React to this headline:

Loading spinner

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities Read More »

Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider

data breach, Database Protection, email security, Emerging Threats, Security Research, Threat Intelligence /

Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider 2025-05-02 at 19:32 By The UK retail market has been thrown into turmoil in recent weeks, with three of that nation’s highest-profile retailers being targeted allegedly by the well-known threat group Scattered Spider in at least one of the most disruptive incidents. This article is an

React to this headline:

Loading spinner

Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider Read More »

Scroll to Top