Threat Intelligence

2024 Trustwave Risk Radar Report: Cyber Threats to the Retail Sector

email security, Managed Detection and Response, Reports, Security Research, Threat Intelligence /

2024 Trustwave Risk Radar Report: Cyber Threats to the Retail Sector 2024-10-29 at 15:17 By As the holiday shopping season approaches, the 2024 Trustwave Risk Radar Report: Retail Sector reveals that cybercriminals have sharpened their tactics, utilizing ransomware and phishing attacks that exploit well-known online brands to target retailers and consumers directly. This article is an […]

React to this headline:

Loading spinner

2024 Trustwave Risk Radar Report: Cyber Threats to the Retail Sector Read More »

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches

Emerging Threats, Reports, Security Research, Threat Intelligence, Vulnerabilities /

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches 2024-10-22 at 17:18 By Trustwave SpiderLabs on October 29 will launch its second deeply researched look into the threats facing the retail sector. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches Read More »

Ransomware Readiness: 10 Steps Every Organization Must Take

Database Protection, DFIR, penetration testing, Threat Intelligence, Tips & Tricks, Vulnerabilities /

Ransomware Readiness: 10 Steps Every Organization Must Take 2024-10-18 at 18:31 By At the end of every year, the Trustwave content team asks its in-house experts what cybersecurity topics they predict will be top of mind in the coming 12 months, and inevitably the top answer is more ransomware. This article is an excerpt from

React to this headline:

Loading spinner

Ransomware Readiness: 10 Steps Every Organization Must Take Read More »

Analyzing Latrodectus: The New Face of Malware Loaders

Emerging Threats, Threat Intelligence, Vulnerabilities /

Analyzing Latrodectus: The New Face of Malware Loaders 2024-10-08 at 16:01 By This report is the latest in a series that will delve into the deep research theTrustwave SpiderLabs Threat Intelligence team conducts daily on the major threat actor groups currently operating globally.  This article is an excerpt from Trustwave Blog View Original Source React

React to this headline:

Loading spinner

Analyzing Latrodectus: The New Face of Malware Loaders Read More »

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader

Emerging Threats, Managed Security Services, Security Research, Threat Intelligence, Vulnerabilities /

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader 2024-10-08 at 16:01 By Cris Tomboc and King Orande Trustwave’s Threat Intelligence team has discovered a new malware dubbed Pronsis Loader, with its earliest known variant dating back to November 2023. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader Read More »

Cybersecurity Awareness Month: Adding Seasonal Spice to Managed Detection and Response (MDR)

DFIR, Managed Detection and Response, Threat Intelligence /

Cybersecurity Awareness Month: Adding Seasonal Spice to Managed Detection and Response (MDR) 2024-10-07 at 16:03 By It’s Cybersecurity Awareness Month and you know what that means. Pumpkin spice versions of Trustwave Managed Detection and Response (MDR) solutions are now available! This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Cybersecurity Awareness Month: Adding Seasonal Spice to Managed Detection and Response (MDR) Read More »

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177

DFIR, Emerging Threats, Security Research, Threat Intelligence, Trustwave Rapid Response, Vulnerabilities /

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 2024-09-30 at 22:01 By On September 26, 2024, security researcher Simone Margaritelli disclosed the details of four OpenPrinting Common UNIX Printing System (CUPS) vulnerabilities, that, when chained together, can allow malicious actors to launch remote code execution (RCE) attacks on vulnerable systems. This article is

React to this headline:

Loading spinner

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 Read More »

2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity

Application Security, email security, Government, Threat Intelligence /

2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity 2024-09-27 at 16:01 By Karl Sigler As the intensity of a critical election year builds, the greatest threat isn’t necessarily the security of ballot machines. Instead, it lies in misinformation, amplified by social media, biased algorithms, and the spread of fake news. During the 2020 U.S. presidential election,

React to this headline:

Loading spinner

2024 Election Threats: Misinformation, Deepfakes, and Cybersecurity Read More »

Developing an effective cyberwarfare response plan

Armis, Artificial Intelligence, cybersecurity, Cyberwarfare, digital transformation, Don't miss, Features, Hot stuff, News, opinion, remediation, strategy, threat, Threat Intelligence /

Developing an effective cyberwarfare response plan 2024-09-27 at 07:01 By Mirko Zorz In this Help Net Security interview, Nadir Izrael, CTO at Armis, discusses how AI has transformed cyberwarfare by amplifying attacks’ scale and sophistication. Izrael emphasizes the need for AI-powered defenses and proactive cybersecurity strategies to combat these evolving threats. How has adopting AI

React to this headline:

Loading spinner

Developing an effective cyberwarfare response plan Read More »

FINRA Warns of Rising Risks as Third-Party Cyberattacks Threaten Financial Services

News, Security Research, Threat Intelligence /

FINRA Warns of Rising Risks as Third-Party Cyberattacks Threaten Financial Services 2024-09-26 at 01:03 By Earlier this month, the Financial Industry Regulatory Authority (FINRA) posted a cybersecurity advisory highlighting the recent cybersecurity risks of third parties impacting its members and financial services organizations. The recently released Trustwave SpiderLabs 2024 Trustwave Risk Radar Report: Financial Services

React to this headline:

Loading spinner

FINRA Warns of Rising Risks as Third-Party Cyberattacks Threaten Financial Services Read More »

Shedding Light on Election Deepfakes

Artificial Intelligence, email security, Government, Threat Intelligence /

Shedding Light on Election Deepfakes 2024-09-25 at 16:01 By Pauline Bolaños Contrary to popular belief, deepfakes — AI-crafted audio files, images, or videos that depict events and statements that never occurred; a portmanteau of “deep learning” and “fake” — are not all intrinsically malicious.  This article is an excerpt from SpiderLabs Blog View Original Source React to

React to this headline:

Loading spinner

Shedding Light on Election Deepfakes Read More »

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content

data breach, email security, Emerging Threats, Security Research, Threat Intelligence, Vulnerabilities /

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content 2024-09-24 at 16:01 By Mike Casayuran HTML smuggling techniques have been around for quite some time. A previous Trustwave SpiderLabs’ blog discussed its use in distributing malware by storing binaries in immutable blob data within JavaScript code that gets decoded on the client-side browser, eventually delivering

React to this headline:

Loading spinner

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content Read More »

Why Do Criminals Love Phishing-as-a-Service Platforms?

data breach, email security, Emerging Threats, Managed Detection and Response, Managed Security Services, Threat Intelligence /

Why Do Criminals Love Phishing-as-a-Service Platforms? 2024-09-23 at 13:01 By Rodel Mendrez Phishing-as-a-Service (PaaS) platforms have become the go-to tool for cybercriminals, to launch sophisticated phishing campaigns targeting the general public and businesses, especially in the financial services sector. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Why Do Criminals Love Phishing-as-a-Service Platforms? Read More »

Noise Storms: Massive Amounts of Spoofed Web Traffic Linked to China

Malware & Threats, Noise Storm, Threat Intelligence /

Noise Storms: Massive Amounts of Spoofed Web Traffic Linked to China 2024-09-20 at 15:46 By Ionut Arghire GreyNoise has observed millions of spoofed IPs flooding internet providers with web traffic primarily focusing on TCP connections. The post Noise Storms: Massive Amounts of Spoofed Web Traffic Linked to China appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Noise Storms: Massive Amounts of Spoofed Web Traffic Linked to China Read More »

Cybersecurity Awareness: Reflecting on 20 Years of Defense Evolution and Preparing for Future Threats

Insider Threat, Threat Intelligence /

Cybersecurity Awareness: Reflecting on 20 Years of Defense Evolution and Preparing for Future Threats 2024-09-19 at 15:46 By Marc Solomon Threats have become more complex as the threat surface has expanded and it is now about the evolution of protecting a business and its ecosystem. The post Cybersecurity Awareness: Reflecting on 20 Years of Defense Evolution

React to this headline:

Loading spinner

Cybersecurity Awareness: Reflecting on 20 Years of Defense Evolution and Preparing for Future Threats Read More »

Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann

Rockwell Automation, Siemens, Threat Intelligence, Viessmann, vulnerability /

Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann 2024-09-19 at 09:18 By dakshsharma16 Key Takeaways Overview Cyble Research and Intelligence Labs (CRIL) has observed multiple vulnerabilities in its Weekly Industrial Control System (ICS) Vulnerability Intelligence Report. This report provides a comprehensive overview of critical vulnerabilities disclosed from September 10 to September

React to this headline:

Loading spinner

Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann Read More »

Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann

Rockwell Automation, Siemens, Threat Intelligence, Viessmann, vulnerability /

Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann 2024-09-18 at 22:31 By dakshsharma16 Key Takeaways Overview Cyble Research and Intelligence Labs (CRIL) has observed multiple vulnerabilities in its Weekly Industrial Control System (ICS) Vulnerability Intelligence Report. This report provides a comprehensive overview of critical vulnerabilities disclosed from September 10 to September

React to this headline:

Loading spinner

Top ICS Vulnerabilities This Week: Critical Bugs in Rockwell Automation, Siemens, and Viessmann Read More »

The First Step in Creating an Offensive Security Program: Managed Vulnerability Scanning

Managed Security Services, Threat Intelligence, Tips & Tricks /

The First Step in Creating an Offensive Security Program: Managed Vulnerability Scanning 2024-09-18 at 16:01 By An offensive security program is an excellent component of a mature cybersecurity program, but kicking off that process can be overwhelming for some organizations.  This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

The First Step in Creating an Offensive Security Program: Managed Vulnerability Scanning Read More »

ALPHV BlackCat Ransomware: A Technical Deep Dive and Mitigation Strategies

email security, Emerging Threats, Managed Detection and Response, Security Research, Threat Intelligence, Vulnerabilities /

ALPHV BlackCat Ransomware: A Technical Deep Dive and Mitigation Strategies 2024-09-17 at 16:01 By ALPHV, also known as BlackCat or Noberus, is a sophisticated ransomware group targeting critical infrastructure and various organizations, including being the most active group used to attack the financial services sector. This article is an excerpt from Trustwave Blog View Original

React to this headline:

Loading spinner

ALPHV BlackCat Ransomware: A Technical Deep Dive and Mitigation Strategies Read More »

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season

email security, Emerging Threats, Government, Security Research, Threat Intelligence, Vulnerabilities /

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season 2024-09-17 at 16:01 By The US election is less than 70 days away and threat actors are busy crafting malicious spam that uses candidate names and political themes as social engineering tools to convince recipients to open their emails. This article is an excerpt

React to this headline:

Loading spinner

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season Read More »

Scroll to Top