Security Research

Get Ready for the 2025 Trustwave Risk Radar Report – Hospitality Sector

Reports, Security Research, Threat Intelligence /

Get Ready for the 2025 Trustwave Risk Radar Report – Hospitality Sector 2025-05-14 at 19:47 By Trustwave SpiderLabs’ upcoming report, the 2025 Trustwave Risk Radar Report: Hospitality Sector, will be released on May 21 and will delve into the latest threat landscape, highlighting critical vulnerabilities and offering actionable insights to help hospitality businesses stay secure. This […]

React to this headline:

Loading spinner

Get Ready for the 2025 Trustwave Risk Radar Report – Hospitality Sector Read More »

UK Cyber Security Survey 2025: Ransomware on the Rise, Phishing Still Reigns

data breach, DFIR, Security Research /

UK Cyber Security Survey 2025: Ransomware on the Rise, Phishing Still Reigns 2025-05-07 at 16:12 By Key findings from the 2025 Cyber Security Breaches Survey on ransomware and phishing. 43% of UK businesses experienced a cyber breach in 2024—phishing and ransomware remain dominant threats Cyber hygiene is improving, but supply chain risks and board engagement

React to this headline:

Loading spinner

UK Cyber Security Survey 2025: Ransomware on the Rise, Phishing Still Reigns Read More »

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities

Emerging Threats, Security Research, Vulnerabilities /

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities 2025-05-06 at 18:47 By Karl Biron Let’s explore the critical role of Modbus in energy and manufacturing systems, then demonstrate real-world exploitation techniques using Docker-based simulations and the custom-built Python tool M.A.T.R.I.X. This article is an excerpt from SpiderLabs Blog View Original Source

React to this headline:

Loading spinner

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities Read More »

Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider

data breach, Database Protection, email security, Emerging Threats, Security Research, Threat Intelligence /

Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider 2025-05-02 at 19:32 By The UK retail market has been thrown into turmoil in recent weeks, with three of that nation’s highest-profile retailers being targeted allegedly by the well-known threat group Scattered Spider in at least one of the most disruptive incidents. This article is an

React to this headline:

Loading spinner

Trustwave SpiderLabs’ Insights, History, and Mitigations for Scattered Spider Read More »

Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse

News, Reports, Security Research, Threat Intelligence /

Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse 2025-04-08 at 16:29 By Serhii Melnyk and Nikita Kazymirskyi In February 2025, the cybersecurity community witnessed an unprecedented leak that exposed the internal operations of Black Basta, a prolific ransomware group. This article is an excerpt from SpiderLabs Blog View Original Source React to this

React to this headline:

Loading spinner

Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse Read More »

2025 Healthcare Cybersecurity Threats: Insights from the Trustwave Risk Radar Report

Database Protection, News, Reports, Security Research, Threat Intelligence /

2025 Healthcare Cybersecurity Threats: Insights from the Trustwave Risk Radar Report 2025-03-26 at 15:02 By Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks targeting healthcare organizations, from ransomware to third-party threats. Key Findings from the 2025 Trustwave Risk Radar Report – Explore critical insights on healthcare cybersecurity, attack trends, and the growing need for

React to this headline:

Loading spinner

2025 Healthcare Cybersecurity Threats: Insights from the Trustwave Risk Radar Report Read More »

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures

Database Protection, News, Reports, Security Research, Threat Intelligence /

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures 2025-03-26 at 15:02 By Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks targeting healthcare organizations, from ransomware to third-party threats. Key Findings from the 2025 Trustwave Risk Radar Report – Explore critical insights on healthcare cybersecurity, attack trends, and the growing need

React to this headline:

Loading spinner

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures Read More »

The Energy Industry’s Hidden Risks: Espionage, Sabotage, and Insider Threats

Database Protection, Emerging Threats, Security Research, Vulnerabilities /

The Energy Industry’s Hidden Risks: Espionage, Sabotage, and Insider Threats 2025-03-21 at 15:07 By With subject matter expertise and presence across the globe, RMI Global Solutions are recognized by the oil & gas, and broader energy industry on and offshore, as experts in the threats and risks that face the spectrum of this key industry

React to this headline:

Loading spinner

The Energy Industry’s Hidden Risks: Espionage, Sabotage, and Insider Threats Read More »

Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2

Database Protection, Security Research, Tips & Tricks, Vulnerabilities /

Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2 2025-03-20 at 18:47 By Karl Biron In Part 1 of Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster, we uncovered the dangers of running Elasticsearch with X-Pack disabled and thus, highlighting the ease with which attackers

React to this headline:

Loading spinner

Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2 Read More »

Russian State Actors: Development in Group Attributions

Database Protection, Government, Perspectives, Security Research, Vulnerabilities /

Russian State Actors: Development in Group Attributions 2025-03-07 at 16:33 By Pawel Knapczyk and Nikita Kazymirskyi This is the final installment of Trustwave SpiderLabs Russia-Ukraine digital battlefield series, which has spanned topics including the differences between Russia and Ukraine cyber actors, how government entities, defense organizations, and human targets were caught in the cyber crossfire,

React to this headline:

Loading spinner

Russian State Actors: Development in Group Attributions Read More »

A Deep Dive into Strela Stealer and how it Targets European Countries

data breach, Database Protection, Emerging Threats, Security Research, Vulnerabilities /

A Deep Dive into Strela Stealer and how it Targets European Countries 2025-03-07 at 00:01 By Dawid Nesterowicz Infostealers have dominated the malware landscape due to the ease of threat operations maintenance, and a wide group of potential victims. In this blog, we take a closer look at a unique infostealer designed to precisely target

React to this headline:

Loading spinner

A Deep Dive into Strela Stealer and how it Targets European Countries Read More »

Defending Manufacturing: How Cybercriminals Are Targeting the Industry and How to Respond

Database Protection, Security Research, Vulnerabilities /

Defending Manufacturing: How Cybercriminals Are Targeting the Industry and How to Respond 2025-03-06 at 19:34 By Cyber Threats in Manufacturing: The 2025 Trustwave Risk Radar Report highlights how cybercriminals exploit vulnerabilities in manufacturing infrastructure, workers, and digital supply chains, with over 3,500 critical vulnerabilities listed on CISA’s KEV list. Top Manufacturing Cyber Risks: Attackers leverage high-profile exploits

React to this headline:

Loading spinner

Defending Manufacturing: How Cybercriminals Are Targeting the Industry and How to Respond Read More »

The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure

Government, Security Research, Vulnerabilities /

The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure 2025-03-05 at 16:08 By Pawel Knapczyk and Nikita Kazymirskyi This post is the third part of our blog series that tackles the Russia-Ukraine war in the digital realm. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure Read More »

Attacks Against Government Entities, Defense Sector, and Human Targets

Government, Perspectives, Security Research, Vulnerabilities /

Attacks Against Government Entities, Defense Sector, and Human Targets 2025-02-25 at 17:08 By Pawel Knapczyk and Nikita Kazymirskyi In the first part of Trustwave SpiderLabs’ Russia-Ukraine war blog series, we gave a brief look at our major findings as well as the main differences between how Russia and Ukraine wage attacks in the digital frontlines. In

React to this headline:

Loading spinner

Attacks Against Government Entities, Defense Sector, and Human Targets Read More »

Beyond the Chatbot: Meta Phishing with Fake Live Support

Emerging Threats, Security Research, Vulnerabilities /

Beyond the Chatbot: Meta Phishing with Fake Live Support 2025-02-04 at 16:03 By Mike Casayuran and John Kevin Adriano In a previous Trustwave SpiderLabs’ blog, we explored how cybercriminals exploit Facebook Messenger chatbots to execute social engineering attacks, deceiving users into falling victim to scams and phishing schemes. These attacks often rely on the perceived legitimacy

React to this headline:

Loading spinner

Beyond the Chatbot: Meta Phishing with Fake Live Support Read More »

Inside APT34 (OilRig): Tools, Techniques, and Global Cyber Threats

Database Protection, Emerging Threats, Security Research /

Inside APT34 (OilRig): Tools, Techniques, and Global Cyber Threats 2025-01-29 at 20:49 By This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs team on major threat actor groups currently operating globally. This article is an excerpt from Trustwave Blog View Original Source React to

React to this headline:

Loading spinner

Inside APT34 (OilRig): Tools, Techniques, and Global Cyber Threats Read More »

CVE-2024-55591: Fortinet FortiOS/FortiProxy Zero Day

Security Research, Vulnerabilities /

CVE-2024-55591: Fortinet FortiOS/FortiProxy Zero Day 2025-01-14 at 21:07 By In late November and December 2024, Artic Wolf observed evidence of a mass compromise of Fortinet FortiGate. While the initial attack vector was unknown at the time, evidence of compromise (with new users and SSL profiles) was consistent across compromised devices. This article is an excerpt from SpiderLabs

React to this headline:

Loading spinner

CVE-2024-55591: Fortinet FortiOS/FortiProxy Zero Day Read More »

From Retail Rampages to 2FA Fails: Trustwave’s Wild Ride Through the 2024 Cybersecurity Circus

Emerging Threats, Perspectives, Security Research /

From Retail Rampages to 2FA Fails: Trustwave’s Wild Ride Through the 2024 Cybersecurity Circus 2024-12-30 at 18:18 By As always in cybersecurity, hardly a dull day went by in 2024. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

From Retail Rampages to 2FA Fails: Trustwave’s Wild Ride Through the 2024 Cybersecurity Circus Read More »

Email Bombing: Why You Need to be Concerned

email security, Emerging Threats, Security Research /

Email Bombing: Why You Need to be Concerned 2024-12-18 at 16:03 By Phil Hay Over the last few months, the topic of email bombing has been brought to our attention multiple times, mostly queries from customers that go something like this: This article is an excerpt from SpiderLabs Blog View Original Source React to this

React to this headline:

Loading spinner

Email Bombing: Why You Need to be Concerned Read More »

CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution

Emerging Threats, News, Security Research, Vulnerabilities /

CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution 2024-11-27 at 18:50 By Pauline Bolaños On November 20th, 2024, Zero Day Initiative (ZDI) researchers disclosed a critical flaw in 7-Zip. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution Read More »

Scroll to Top